We catch GitHub distribution accounts BEFORE malware reaches victims. Traditional feeds detect C2 after sandbox analysis - we detect the source.
Filter our STIX feed by attack pattern for targeted threat intelligence
Stealc/Rhadamanthys distribution via GitHub repositories
curl -H "Authorization: Bearer <YOUR_API_KEY>" "https://analytics.dugganusa.com/api/v1/stix-feed?pattern=38"
Reblessing Engine - Threat actor network discovery
curl -H "Authorization: Bearer <YOUR_API_KEY>" "https://analytics.dugganusa.com/api/v1/stix-feed?pattern=42"
RAT developer social networks and follower analysis
curl -H "Authorization: Bearer <YOUR_API_KEY>" "https://analytics.dugganusa.com/api/v1/stix-feed?pattern=43"
Live data from DugganUSA Brain (analytics.dugganusa.com)
Aggregate counts only - no individual IPs exposed
API keys are live — register free, anonymous access ends March 15, 2026
curl -H "Authorization: Bearer <YOUR_API_KEY>" https://analytics.dugganusa.com/api/v1/stix-feed
OTX Profile: @pduggusa | 94 pulses | 15+ subscribers