diff --git a/README.md b/README.md
index 9cab364..ec5f2f1 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
A collection of Snort and Suricata rules files that can be used for alerting or blocking.
+
+ |
+ Hail a TAXII
+ |
+
+ Hail a TAXII.com is a repository of Open Source Cyber Threat Intellegence feeds in STIX format. They offer several feeds, including some that are listed here already in a different format, like the Emerging Threats rules and PhishTank feeds.
+ |
+
|
I-Blocklist
@@ -74,7 +82,23 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
| Conf
OpenPhish receives URLs from multiple streams and analyzes them using its proprietary phishing detection algorithms. There are free and commercial offerings available.
|
-
+
+
+ |
+ PhishTank
+ |
+ Conf
+ PhishTank delivers a list of suspected phishing URLs. Their data comes from human reports, but they also ingest external feeds where possible. It's a free service, but registering for an API key is sometimes necessary.
+ |
+
+
+ |
+ SSL Blacklist
+ |
+
+ SSL Blacklist (SSLBL) is a project maintained by abuse.ch. The goal is to provide a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists
+ |
+
## Formats