ARGUN CTI — Cyber Threat Intelligence Platform

ARGUN CTI is an open-source cyber threat intelligence platform developed by ARGUN Security. It aggregates CVE data from multiple sources and prioritizes threats using the AI-powered ARGUN Threat Score (ATS) algorithm.

Designed to support the daily workflows of SOC analysts and CTI professionals, the platform provides at-a-glance visibility into which vulnerabilities pose a real threat and which are being actively exploited in the wild.

How ARGUN Threat Score (ATS) Works

ATS is a composite score ranging from 0 to 100, combining five threat dimensions:

• Technical Severity (30 pts) — CVSS base score
• Exploit Probability (25 pts) — EPSS score
• Weaponization (20 pts) — KEV status, PoC availability, Nuclei templates
• Social Signal (15 pts) — Fediverse / infosec community activity
• Recency Factor (10 pts) — Time since publication

Data Sources

• NVD — NIST National Vulnerability Database (API 2.0)
• CISA KEV — Known Exploited Vulnerabilities Catalog
• FIRST EPSS — Exploit Prediction Scoring System
• FediSecFeeds — Fediverse CVE social intelligence
• GitHub — PoC repository detection
• Nuclei Templates — Automated exploit detection
• stamparm/ipsum — 30+ IP blacklist aggregation
• abuse.ch — Feodo Tracker, SSL Blacklist, URLhaus
• Blocklist.de — Brute force IP database
• Emerging Threats — Proofpoint threat IPs
• CINS Army — Sentinel-based threat intelligence
• Binary Defense — Artillery threat feed

API Usage

All data is available as open JSON endpoints:

• data/cve_feed.json — CVE feed (sorted by ATS)
• data/ip_blacklist.json — IP blacklist (enriched)
• data/stats.json — Dashboard statistics
• data/blacklist.txt — Firewall-ready IP blocklist

Contact

ARGUN Security — Clear Vision, Absolute Security

Developer: Onur Oktay