Automatically generated blocklists for Pi-hole from multiple threat intelligence sources.
Tempest Solutions is committed to making the internet safe for all. See our networking website at https://tempest-solutions.network for more details.
Github Pages Dashboard: https://tempest-solutions-company.github.io/pihole_blocklists/
If these blocklists help protect your network, consider supporting the developer:
Last Updated: 2025-12-24 00:21:01 UTC
- Phishing Domains: 816,060
- Malware Domains: 24,871
- C2 Server Domains: 51,385
- Banking Trojan Domains: 7,581
- Update Frequency: Every 24 hours
- False Positive Rate: <0.01% (1.6M+ legitimate domains filtered)
| List | Description | Domains | Download |
|---|---|---|---|
| Phishing | Phishing domains and URLs | 816,060 | Download |
| Malware | Malware hosting & distribution sites | 24,871 | Download |
| C2 Servers | Command & control servers | 51,385 | Download |
| Banking Trojan | Banking trojan & financial malware | 7,581 | Download |
| All Malicious | All threats combined | 886,567 | Download |
Add these URLs to your Pi-hole blocklists:
https://raw.githubusercontent.com/Tempest-Solutions-Company/pihole_blocklists/main/phishing.txt
https://raw.githubusercontent.com/Tempest-Solutions-Company/pihole_blocklists/main/malware.txt
https://raw.githubusercontent.com/Tempest-Solutions-Company/pihole_blocklists/main/c2_servers.txt
https://raw.githubusercontent.com/Tempest-Solutions-Company/pihole_blocklists/main/banking_trojan.txt
https://raw.githubusercontent.com/Tempest-Solutions-Company/pihole_blocklists/main/all_malicious.txt
For automatic daily updates, simply add a cron job to update your Pi-hole every 24 hours:
Add to root crontab (sudo crontab -e):
# Update Pi-hole blocklists daily at 3 AM
0 3 * * * pihole -upTo log the updates, you can redirect output:
# Update Pi-hole blocklists daily at 3 AM with logging
0 3 * * * pihole -up >> /var/log/pihole-update.log 2>&1View the update history:
tail -f /var/log/pihole-update.logFor weekly updates every Sunday at 3 AM:
0 3 * * 0 pihole -upMultiple layers of false positive prevention:
- Legitimate Domain Lists: Top 1M (~1.6M domains)
- Manual Whitelist: Critical infrastructure and services
- Community Feedback: Report false positives via GitHub Issues
- Smart Filtering: Intelligent handling of user-generated content platforms
- Multi-threading: 24-core processing for fast updates
- Database Deduplication: PostgreSQL-based duplicate detection
This blocklist provides protection against:
- ✅ Phishing attacks targeting credentials and personal information
- ✅ Malware downloads and distribution sites
- ✅ Command & Control servers used by botnets
- ✅ Banking trojans targeting financial institutions
- ✅ Real-time threats with continuous monitoring
- Pi-hole version: 5.0 or higher
- Memory: Minimum 1GB RAM (2GB+ recommended for large lists)
- Storage: 100MB free space for blocklist cache
- Network: Regular internet connectivity for updates
- False Positives: Report here
- Updates: Lists are updated automatically every 24 hours
- Donations: Support development via Ko-fi (link above)
Generated by ML Domain Collector - Automated threat intelligence for Pi-hole by Tempest Solutions Copyright 1997 - 2025