hslatman / awesome-threat-intelligence Goto Github PK

Security threat, ip spoof with blocker on dsl, sending sensitive information from nato intelligence, locate home server determine stability crash everything erase everything and identify persons!

Hi there, thanks for the awesome list. However for someone who is cloning this repo, the repo size is huge, considering the number of branches (mostly stale and outdated) presently and their associated git history. Could this be a nicer cleaned up repo?

Regards.

Hey,
urlabuse.com has a feed for cyber threats, and it's free and reputable.
I think it should be reviewed and added.

Doc and usage: https://www.assetwatch.io/domainstream/

Under the section titled Sources for entry SANS ICS Suspicious Domains, the HTML tag for code was used and messed up later entries. Viewing HTML source, just search for DShield and you'll see it.

It is a malware and info sharing platform for security researchers.

https://beta.virusbay.io/

Also, Soltra Edge is no longer free, which is how I ran onto Anomali STAXX.

https://www.anomali.com/product/staxx

Thanks for the awesome list!

It seems site for Threat intel list under Frameworks and Platforms is no longer being maintained. Web search do not point to any alternative links and domain points to non-relevant content.

Intelligence is incorrectly spelled twice under the "Cyber Cure intelligience feeds" sections. Also, "positives" is mispelled, see below:

CyberCure is only using sensors to collect the intelligience with very low false postives

Free Chrome extension to add IOC reference tooltips to any webpage, can be used with any threat intelligence source that has an API.

https://chrome.google.com/webstore/detail/threatpinch-lookup/ljdgplocfnmnofbhpkjclbefmjoikgke

Disclaimer: I am the author of this tool.

Hi there,

nice list, would you consider adding AbuseIO (listed on GIT, details on https://abuse.io).

This link: "APT & Cyber Criminal Campaign Collection" to https://github.com/gasgas4/APT_CyberCriminal_Campaign is broken.

I can't get this resource through github search, either. Looks like user "gasgas4" has pulled all their material off github.

I don't see hybrid-analysis on the list?

https://www.hybrid-analysis.com

No DNS record for hailataxii.com
Project may be dead, renamed, or just misconfigured?

The Talos Aspis link 404s, not sure if this threat feed has moved or is no longer available.

Update:

The nothink.org link blank screens - looks like the feeds have been split out and are enumerated on the homepage.

I've changed the title of this issue and will list any other dead/problematic links I notice here.

See https://data.netlab.360.com/dga/

More structured content - I want to add some more content to this and want to contribute to this repo

Hello 👋

I found out that Apility.io is deprecated as per the following blog post and wanted to open this ticket.

https://auth0.com/blog/auth0-sunsets-signals/

Great project btw, thank you for putting together all this information.

https://gbhackers.com/cyber-threat-intelligence-tools/

It looks like they copied this list, thought it was worth mentioning here.

FYI: Cymon.io currently has a banner on the homepage indicating it will be discontinued on April 30.

The Ransomware Tracker link https://ransomwaretracker.abuse.ch/ report this:
# Ransomware Tracker has been discontinued on Dec 8th, 2019
Maybe it should be removed from the list?

Framework/Schema
https://github.com/ocsf

Consider adding the OASIS Open Command and Control (OpenC2) Technical Committee and specification under the list of formats. I have created a pull request for this at:
#112

Link to DeepViz is not available anymore. It has been taken over by Malwarebytes.

Nice list. We have started a new malware threat feed (REScure) which is accessible at :

homepage : https://rescure.fruxlabs.com/
Feedpath : https://rescure.fruxlabs.com/rescure_blacklist.txt

The feed is curated form an inhouse threat intelligence solution and is updated at every 6 hours. A blogpost detailing about this is mentioned here :

https://www.theprohack.com/2018/09/rescure-cyber-threat-intelligence-feed.html

Currently limited to only malicious IPs, we will enhance this by adding IoCs such as malware hashes, domains et al in future.

Thanks !

Edit : updated homepage details

https://intelstack.com has become unavailable. Also the link from capitalone does not work.

The link currently attached to Threat Intelligence: Collecting, Analysing, Evaluating under Research, Standards & Books is dead. It redirects to a 404 error.

This link appears to lead to the same white paper:
hXXps://www.mwrinfosecurity[.]com/our-thinking/intelligent-threat-intelligence/

White paper link from above page:
hXXps://www.mwrinfosecurity[.]com/assets/Whitepapers/Threat-Intelligence-Whitepaper.pdf