hslatman / awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
License: Apache License 2.0
Security threat, ip spoof with blocker on dsl, sending sensitive information from nato intelligence, locate home server determine stability crash everything erase everything and identify persons!
Hi there, thanks for the awesome list. However for someone who is cloning this repo, the repo size is huge, considering the number of branches (mostly stale and outdated) presently and their associated git history. Could this be a nicer cleaned up repo?
Regards.
Hey,
urlabuse.com has a feed for cyber threats, and it's free and reputable.
I think it should be reviewed and added.
Doc and usage: https://www.assetwatch.io/domainstream/
Under the section titled Sources for entry SANS ICS Suspicious Domains, the HTML tag for code was used and messed up later entries. Viewing HTML source, just search for DShield and you'll see it.
It is a malware and info sharing platform for security researchers.
Also, Soltra Edge is no longer free, which is how I ran onto Anomali STAXX.
https://www.anomali.com/product/staxx
Thanks for the awesome list!
It seems the site for Threat intel list under Frameworks and Platforms is no longer being maintained. Web searches do not point to any alternative links, and the domain points to non-relevant content.
Intelligence is incorrectly spelled twice under the "Cyber Cure intelligience feeds" sections. Also, "positives" is misspelled, see below:
CyberCure is only using sensors to collect the intelligience with very low false postives
Free Chrome extension to add IOC reference tooltips to any webpage, can be used with any threat intelligence source that has an API.
https://chrome.google.com/webstore/detail/threatpinch-lookup/ljdgplocfnmnofbhpkjclbefmjoikgke
Disclaimer: I am the author of this tool.
Hi there,
Nice list, would you consider adding AbuseIO (listed on GIT, details on https://abuse.io)?
This link: "APT & Cyber Criminal Campaign Collection" to https://github.com/gasgas4/APT_CyberCriminal_Campaign
is broken.
I can't get this resource through github search, either. Looks like user "gasgas4" has pulled all their material off github.
I don't see hybrid-analysis on the list?
No DNS record for hailataxii.com
Project may be dead, renamed, or just misconfigured?
The Talos Aspis link 404s, not sure if this threat feed has moved or is no longer available.
Update:
The nothink.org link blank screens - looks like the feeds have been split out and are enumerated on the homepage.
I've changed the title of this issue and will list any other dead/problematic links I notice here.
More structured content - I want to add some more content to this and want to contribute to this repo
Hello
I found out that Apility.io is deprecated as per the following blog post and wanted to open this ticket.
https://auth0.com/blog/auth0-sunsets-signals/
Great project btw, thank you for putting together all this information.
https://gbhackers.com/cyber-threat-intelligence-tools/
It looks like they copied this list, thought it was worth mentioning here.
FYI: Cymon.io currently has a banner on the homepage indicating it will be discontinued on April 30.
The Ransomware Tracker link https://ransomwaretracker.abuse.ch/ reports this:
# Ransomware Tracker has been discontinued on Dec 8th, 2019
Maybe it should be removed from the list?
Framework/Schema
https://github.com/ocsf
Consider adding the OASIS Open Command and Control (OpenC2) Technical Committee and specification under the list of formats. I have created a pull request for this at:
#112
Link to DeepViz is not available anymore. It has been taken over by Malwarebytes.
Nice list. We have started a new malware threat feed (REScure) which is accessible at:
Homepage: https://rescure.fruxlabs.com/
Feed path: https://rescure.fruxlabs.com/rescure_blacklist.txt
The feed is curated from an in-house threat intelligence solution and is updated every 6 hours. A blog post detailing this is here:
https://www.theprohack.com/2018/09/rescure-cyber-threat-intelligence-feed.html
Currently limited to only malicious IPs, we will enhance this by adding IoCs such as malware hashes, domains et al in future.
Thanks !
Edit : updated homepage details
https://intelstack.com has become unavailable. Also the link from capitalone does not work.
The link currently attached to Threat Intelligence: Collecting, Analysing, Evaluating under Research, Standards & Books is dead. It redirects to a 404 error.
This link appears to lead to the same white paper:
hXXps://www.mwrinfosecurity[.]com/our-thinking/intelligent-threat-intelligence/
White paper link from above page:
hXXps://www.mwrinfosecurity[.]com/assets/Whitepapers/Threat-Intelligence-Whitepaper.pdf