- Patrick Duggan
- Feb 28
# Your OPNsense Firewall Just Got 938,000 Reasons to Block Threats
**DugganUSA ships native OPNsense threat intel feeds. Free. Tonight.**
Zscaler Threat Intelligence Alliance charges $2,000-5,000/month to feed your firewall. We just shipped the same capability for $0.
Three endpoints. Plaintext. No SDK, no agent, no contract.
## IP Blocklist
1,428 malicious IPs. One per line. Sorted by abuse confidence score.
**OPNsense setup:** Firewall → Aliases → Add → Type: URL Table (IPs) → paste the URL → Refresh: 900 seconds. Done. Every IP that hit our detection engine with a confidence score above 70 is now blocked at your perimeter.
Sources: AbuseIPDB, VirusTotal, ThreatFox, OTX — the same multi-source correlation that 275+ STIX consumers in 46 countries already depend on.
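An added example, not DugganUSA's or OPNsense's own code: one way to vet a one-IP-per-line feed before a block alias consumes it, so that a bad entry in an auto-refreshed list cannot cut off your own infrastructure. The function name `vet_blocklist`, the `#` comment handling, the 256-address limit and the sample feed are assumptions made for illustration.

```python
import ipaddress

# Ranges that must never reach a block alias, whatever the feed says.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "::1/128", "fe80::/10")]
MAX_ADDRESSES = 256  # assumption: anything wider than a /24 is suspicious here

# Constructed sample feed body (documentation ranges plus bad entries).
SAMPLE_FEED = """\
# constructed sample, not real feed data
203.0.113.10
198.51.100.7
10.0.0.5
127.0.0.1
0.0.0.0/0
not-an-ip
203.0.113.10
192.0.2.1
"""

def vet_blocklist(text, protected=()):
    """Split a one-entry-per-line feed into (accepted, rejected)."""
    guard = NEVER_BLOCK + [ipaddress.ip_network(p) for p in protected]
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.strip()
        if not entry or entry.startswith("#"):  # assumed comment syntax
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append((lineno, entry, "not an IP address"))
            continue
        if net.num_addresses > MAX_ADDRESSES:
            rejected.append((lineno, entry, "network too broad"))
        elif any(g.version == net.version and g.overlaps(net) for g in guard):
            rejected.append((lineno, entry, "overlaps protected range"))
        elif net in seen:
            rejected.append((lineno, entry, "duplicate"))
        else:
            seen.add(net)
            accepted.append(str(net.network_address)
                            if net.num_addresses == 1 else str(net))
    return accepted, rejected

if __name__ == "__main__":
    ok, bad = vet_blocklist(SAMPLE_FEED, protected=["192.0.2.1/32"])
    print("\n".join(ok))
    for lineno, entry, reason in bad:
        print(f"rejected line {lineno}: {entry!r} ({reason})")
```

Pass your own management, upstream DNS and VPN peer addresses in `protected`. Note that an OPNsense alias only blocks traffic once a firewall rule references it.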
## Suricata IDS Rules
165 detection rules. Drop-in `.rules` file. SID range 9100001+ so it won't collide with your existing rulesets.
IP-based rules for known C2 infrastructure. DNS rules for malicious domains. HTTP rules for phishing URLs. Both inbound and outbound. OPNsense Intrusion Detection picks them up on the next reload.
## DNS Sinkhole
9,977 malicious domains. Unbound format. Redirect to 0.0.0.0.
URLhaus confirmed malware. Reverse DNS from blocked IPs. Shodan-discovered infrastructure. OpenPhish, PhishTank, Phishing Army. All deduplicated, validated, and formatted for Unbound.
Your users try to resolve a malicious domain? They get 0.0.0.0. No agent on the endpoint. No browser extension. Just DNS doing what DNS does.
## The Math
| | Zscaler TIA | DugganUSA |
|---|---|---|
| IP blocklist | ✓ | ✓ (1,428 IPs) |
| IDS rules | ✓ | ✓ (165 rules) |
| DNS sinkhole | ✓ | ✓ (9,977 domains) |
| Auto-refresh | ✓ | ✓ (15 min) |
| Monthly cost | $2,000-5,000 | $0 |
| Contract required | Yes | No |
| Setup time | Weeks | 5 minutes |
We're not doing 100% of what Zscaler does. We're doing ~95% of what matters — the blocklists, the detection rules, the DNS sinkholes — at ~5% of the cost. And we guarantee the other 5% exists, because we're not liars.
## Why Free?
Because threat intelligence shouldn't be a luxury. The homelab operator running OPNsense on a MiniPC deserves the same protection as the Fortune 500 SOC running Zscaler on a seven-figure contract.
We make money on the API. Researchers pay $29/month. Professionals pay $99. Enterprises pay more. The firewall feeds are the on-ramp.
Microsoft is already polling our STIX feed. AT&T is pulling data programmatically at midnight. If the feeds are good enough for them, they're good enough for your OPNsense box.
## Get Started
1. Register for a free API key: [analytics.dugganusa.com/stix/register](https://analytics.dugganusa.com/stix/register)
2. Pick your feed
3. Add it to OPNsense
4. Sleep better
Full documentation: [analytics.dugganusa.com/api/v1/opnsense/help](https://analytics.dugganusa.com/api/v1/opnsense/help)
*DugganUSA LLC. Two people. No VC. $500/month infrastructure. 938,000 IOCs. 275+ consumers in 46 countries.*
*Your firewall was hungry. We fed it.*
*Her name was Renee Nicole Good.*
*His name was Alex Jeffery Pretti.*



