Added several new threatlists

Added several threatlists
2024-10-01 05:45:38 -04:00 · 2017-01-28 18:10:54 +08:00 · 2017-01-28 18:10:54 +08:00 · fd5268d03e
commit fd5268d03e
parent b7bd716c09
1 changed files with 40 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -59,6 +59,30 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
            Tracks several active botnets.
        </td>
    </tr>
+    <tr>
+        <td>
+            <a href="http://danger.rulez.sk/projects/bruteforceblocker/" target="_blank">BruteForceBlocker</a>
+        </td>
+        <td>
+            BruteForceBlocker is a perl script that monitors a server's sshd logs and identifies brute force attacks, which it then uses to automatically configure firewall blocking rules and submit those IPs back to the project site, <a href="http://danger.rulez.sk/projects/bruteforceblocker/blist.php">http://danger.rulez.sk/projects/bruteforceblocker/blist.php</a>.
+        </td>
+    </tr>    
+    <tr>
+        <td>
+            <a href="http://osint.bambenekconsulting.com/feeds/c2-ipmasterlist.txt" target="_blank">C&amp;C Tracker</a>
+        </td>
+        <td>
+            A feed of known, active and non-sinkholed C&amp;C IP addresses, from Bambenek Consulting.
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <a href="http://cinsscore.com/list/ci-badguys.txt" target="_blank">CI Army List</a>
+        </td>
+        <td>
+        A subset of the commercial <a href="http://cinsscore.com/">CINS Score</a> list, focused on poorly rated IPs that are not currently present on other threatlists. 
+        </td>
+    </tr>    
    <tr>
        <td>
            <a href="http://s3-us-west-1.amazonaws.com/umbrella-static/index.html" target="_blank">Cisco Umbrella</a>
@ -187,6 +211,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
            The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. These can be used for detection as well as prevention (sinkholing DNS requests).
        </td>
    </tr>
+    <tr>
+        <td>
+            <a href="http://www.openbl.org/lists.html" target="_blank">OpenBL.org</a>
+        </td>
+        <td>
+            A feed of IP addresses found to be attempting brute-force logins on services such as SSH, FTP, IMAP and phpMyAdmin and other web applications. 
+        </td>
+    </tr>    
    <tr>
        <td>
            <a href="https://openphish.com/phishing_feeds.html" target="_blank">OpenPhish Feeds</a>
@ -229,6 +261,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
            A database of signatures used in other tools by Neo23x0.
        </td>
    </tr>
+    <tr>
+        <td>
+            <a href="https://www.spamhaus.org/" target="_blank">The Spamhaus project</a>
+        </td>
+        <td>
+            The Spamhaus Project contains multiple threatlists associated with spam and malware activity.
+        </td>
+    </tr>
    <tr>
        <td>
            <a href="https://sslbl.abuse.ch/" target="_blank">SSL Blacklist</a>