Merge pull request #194 from pedramamini/master

Added a variety of open resources from InQuest.net
2024-10-01 06:35:40 -04:00 · 2019-11-09 11:48:14 -06:00 · 2019-11-09 11:48:14 -06:00 · 964740ab02
commit 964740ab02
parent 4a5987bb56 2f7877a607
1 changed files with 12 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -77,6 +77,7 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大
 * [Exploit Database](https://www.exploit-db.com/) - Exploit and shellcode
  samples.
 * [Infosec - CERT-PA](https://infosec.cert-pa.it/analyze/submission.html) - Malware samples collection and analysis.
+* [InQuest Labs](https://labs.inquest.net) - Evergrowing searchable corpus of malicious Microsoft documents.
 * [Malpedia](https://malpedia.caad.fkie.fraunhofer.de/) - A resource providing
  rapid identification and actionable context for malware investigations.
 * [Malshare](https://malshare.com) - Large repository of malware actively
@ -139,7 +140,7 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大
 * [threataggregator](https://github.com/jpsenior/threataggregator) -
  Aggregates security threats from a number of sources, including some of
  those listed below in [other resources](#other-resources).
-* [ThreatConnect](https://threatconnect.com/free/) - TC Open allows you to see and 
+* [ThreatConnect](https://threatconnect.com/free/) - TC Open allows you to see and
  share open source threat data, with support and validation from our free community.
 * [ThreatCrowd](https://www.threatcrowd.org/) - A search engine for threats,
  with graphical visualization.
@ -175,6 +176,8 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大
 * [HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
 * [hpfeeds](https://github.com/rep/hpfeeds) - Honeypot feed protocol.
 * [Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
+* [InQuest REPdb](https://labs.inquest.net/repdb) - Continuous aggregation of IOCs from a variety of open reputation sources.
+* [InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
 * [Internet Storm Center (DShield)](https://isc.sans.edu/) - Diary and
  searchable incident database, with a web [API](https://dshield.org/api/).
  ([unofficial Python library](https://github.com/rshipp/python-dshield)).
@ -276,7 +279,7 @@ executables.
  against multiple mobile antivirus apps.
 * [AVCaesar](https://avcaesar.malware.lu/) - Malware.lu online scanner and
  malware repository.
-* [BoomBox](https://github.com/nbeede/BoomBox) - Automatic deployment of Cuckoo 
+* [BoomBox](https://github.com/nbeede/BoomBox) - Automatic deployment of Cuckoo
  Sandbox malware lab using Packer and Vagrant.
 * [Cryptam](http://www.cryptam.com/) - Analyze suspicious office documents.
 * [Cuckoo Sandbox](https://cuckoosandbox.org/) - Open source, self hosted
@ -345,7 +348,7 @@ executables.
 *Inspect domains and IP addresses.*

 * [AbuseIPDB](https://www.abuseipdb.com/) - AbuseIPDB is a project dedicated
-  to helping combat the spread of hackers, spammers, and abusive activity on the internet. 
+  to helping combat the spread of hackers, spammers, and abusive activity on the internet.
 * [badips.com](https://www.badips.com/) - Community based IP blacklist service.
 * [boomerang](https://github.com/EmersonElectricCo/boomerang) - A tool designed
  for consistent and safe capture of off network web resources.
@ -385,7 +388,7 @@ executables.
  or network owner. (Previously SenderBase.)
 * [TekDefense Automater](http://www.tekdefense.com/automater/) - OSINT tool
  for gathering information about URLs, IPs, or hashes.
-* [URLhaus](https://urlhaus.abuse.ch/) - A project from abuse.ch with the goal 
+* [URLhaus](https://urlhaus.abuse.ch/) - A project from abuse.ch with the goal
  of sharing malicious URLs that are being used for malware distribution.
 * [URLQuery](http://urlquery.net/) - Free URL Scanner.
 * [urlscan.io](https://urlscan.io/) - Free URL Scanner & domain information.
@ -431,6 +434,7 @@ the [browser malware](#browser-malware) section.*
  malware, featuring JScript/WScript support and ActiveX emulation.
 * [diStorm](http://www.ragestorm.net/distorm/) - Disassembler for analyzing
  malicious shellcode.
+* [InQuest Deep File Inspection](https://labs.inquest.net/dfi) - Upload common malware lures for Deep File Inspection and heuristical analysis.
 * [JS Beautifier](http://jsbeautifier.org/) - JavaScript unpacking and deobfuscation.
 * [JS Deobfuscator](http://www.kahusecurity.com/2015/new-javascript-deobfuscator-tool/) -
  Deobfuscate simple Javascript that use eval or document.write to conceal
@ -546,7 +550,7 @@ the [browser malware](#browser-malware) section.*
 * [GDB](http://www.sourceware.org/gdb/) - The GNU debugger.
 * [GEF](https://github.com/hugsy/gef) - GDB Enhanced Features, for exploiters
  and reverse engineers.
-* [Ghidra](https://github.com/NationalSecurityAgency/ghidra) - A software reverse engineering (SRE) framework created and       maintained by the National Security Agency Research Directorate. 
+* [Ghidra](https://github.com/NationalSecurityAgency/ghidra) - A software reverse engineering (SRE) framework created and       maintained by the National Security Agency Research Directorate.
 * [hackers-grep](https://github.com/codypierce/hackers-grep) - A utility to
  search for strings in PE executables including imports, exports, and debug
  symbols.
@ -646,8 +650,8 @@ the [browser malware](#browser-malware) section.*
  building a malware lab.
 * [Laika BOSS](https://github.com/lmco/laikaboss) - Laika BOSS is a file-centric
  malware analysis and intrusion detection system.
-* [Malcolm](https://github.com/idaholab/Malcolm) - Malcolm is a powerful, easily 
-  deployable network traffic analysis tool suite for full packet capture artifacts 
+* [Malcolm](https://github.com/idaholab/Malcolm) - Malcolm is a powerful, easily
+  deployable network traffic analysis tool suite for full packet capture artifacts
  (PCAP files) and Zeek logs.
 * [Malcom](https://github.com/tomchop/malcom) - Malware Communications
  Analyzer.
@ -773,7 +777,7 @@ the [browser malware](#browser-malware) section.*
 * [Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware
 * [Malware Analyst's Cookbook and DVD](https://amzn.com/dp/0470613033) -
  Tools and Techniques for Fighting Malicious Code.
-* [Mastering Malware Analysis](https://www.packtpub.com/networking-and-servers/mastering-malware-analysis) - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks  
+* [Mastering Malware Analysis](https://www.packtpub.com/networking-and-servers/mastering-malware-analysis) - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks
 * [Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills
 * [Practical Malware Analysis](https://amzn.com/dp/1593272901) - The Hands-On
  Guide to Dissecting Malicious Software.