About Wiestell
Free, Open-Source Threat Intelligence for Everyone
What is Wiestell?
Wiestell is a free, open-source threat intelligence platform designed for security analysts, SOC teams, incident responders, and cybersecurity researchers. It aggregates and correlates data from the world's most trusted open-source threat intelligence feeds, giving defenders a single place to investigate indicators of compromise (IOCs) quickly and without cost.
Why We Built It
Threat intelligence has historically been locked behind expensive enterprise subscriptions. While excellent open-source feeds exist — URLhaus, ThreatFox, AbuseIPDB, AlienVault OTX, and others — accessing them individually is slow and fragmented. Wiestell was built to solve that: one platform, one search, all feeds.
Our goal is to make actionable threat intelligence accessible to every defender, regardless of budget — from a solo analyst at an NGO to a mature SOC team.
What Wiestell Checks
For any IP address, domain, URL, or file hash you submit, Wiestell queries and correlates data from the following open-source intelligence sources:
URLhaus
Malware distribution URLs and download sites
ThreatFox
Indicators of compromise associated with malware families
MalwareBazaar
Malware sample hashes and metadata
Feodo Tracker
Botnet command-and-control server indicators
AbuseIPDB
Crowdsourced IP abuse reports
AlienVault OTX
Open threat exchange indicators and pulses
PhishTank
Verified phishing URLs
Emerging Threats
Community-maintained IP and domain blocklists
Blocklist.de
Attack source IPs from honeypot networks
VirusTotal
Multi-engine file, URL, and domain reputation
Who Uses Wiestell?
SOC analysts
Triaging alerts who need a fast IOC reputation check
Incident responders
Investigating suspicious IPs or domains
Threat hunters
Building adversary profiles
Security engineers
Building automated enrichment pipelines
Students and researchers
Learning threat intelligence
Gary(son) Pereira
Gary(son) is a cybersecurity leader with 11 years of experience spanning professional practice and advanced academic research. He holds an M.Sc. in Computer Forensics and Cyber Security from the University of Greenwich, London, and currently serves as Lead Security Engineer in the fintech sector at Oakbrook Finance.
Garyson built Wiestell out of the conviction that high-quality threat intelligence should be freely available to every defender — not just organisations with enterprise budgets. Drawing on his day-to-day work leading threat intelligence programmes, SOC workflows, and security automation, he designed Wiestell to aggregate the best open-source feeds into a single, fast, and accessible platform.
Expertise
In his professional role, Garyson leads the implementation of a threat intelligence-driven Continuous Threat Exposure Management (CTEM) framework, enhancing organisational resilience against evolving cyber threats. His work spans the full spectrum of modern security engineering:
Threat Intelligence & Detection
Threat Intelligence, Threat Hunting, MITRE ATT&CK-mapped detections, IOC enrichment and correlation
Incident Response & Automation
Incident Response, SOAR automation, automated alert triage pipelines, SOC workflow design
Cloud & Infrastructure Security
Cloud-native Kubernetes security, Zero Trust design, secure architecture reviews, system design
Governance, Risk & Compliance
NIST CSF, ISO 27001, PCI-DSS, OWASP Top 10, CIS Controls, UK Cyber Essentials, vendor risk assessments
Identity & Access Management
IAM, RBAC, Data Loss Prevention (DLP), Zero Trust access principles
AI / ML Security
AI/ML security research, threat modelling
Open Source
Wiestell is open source. We believe in transparency and community-driven security. Contributions, bug reports, and feature suggestions are welcome.
Ready to start analyzing threats?
Start Searching IOCs