mirror of
https://github.com/hslatman/awesome-threat-intelligence.git
synced 2024-10-01 05:45:38 -04:00
Added several new threatlists
Added several threatlists
This commit is contained in:
parent
b7bd716c09
commit
fd5268d03e
40
README.md
40
README.md
@ -59,6 +59,30 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
|
|||||||
Tracks several active botnets.
|
Tracks several active botnets.
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="http://danger.rulez.sk/projects/bruteforceblocker/" target="_blank">BruteForceBlocker</a>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
BruteForceBlocker is a perl script that monitors a server's sshd logs and identifies brute force attacks, which it then uses to automatically configure firewall blocking rules and submit those IPs back to the project site, <a href="http://danger.rulez.sk/projects/bruteforceblocker/blist.php">http://danger.rulez.sk/projects/bruteforceblocker/blist.php</a>.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="http://osint.bambenekconsulting.com/feeds/c2-ipmasterlist.txt" target="_blank">C&C Tracker</a>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
A feed of known, active and non-sinkholed C&C IP addresses, from Bambenek Consulting.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="http://cinsscore.com/list/ci-badguys.txt" target="_blank">CI Army List</a>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
A subset of the commercial <a href="http://cinsscore.com/">CINS Score</a> list, focused on poorly rated IPs that are not currently present on other threatlists.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<a href="http://s3-us-west-1.amazonaws.com/umbrella-static/index.html" target="_blank">Cisco Umbrella</a>
|
<a href="http://s3-us-west-1.amazonaws.com/umbrella-static/index.html" target="_blank">Cisco Umbrella</a>
|
||||||
@ -187,6 +211,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
|
|||||||
The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. These can be used for detection as well as prevention (sinkholing DNS requests).
|
The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. These can be used for detection as well as prevention (sinkholing DNS requests).
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="http://www.openbl.org/lists.html" target="_blank">OpenBL.org</a>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
A feed of IP addresses found to be attempting brute-force logins on services such as SSH, FTP, IMAP and phpMyAdmin and other web applications.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<a href="https://openphish.com/phishing_feeds.html" target="_blank">OpenPhish Feeds</a>
|
<a href="https://openphish.com/phishing_feeds.html" target="_blank">OpenPhish Feeds</a>
|
||||||
@ -229,6 +261,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
|
|||||||
A database of signatures used in other tools by Neo23x0.
|
A database of signatures used in other tools by Neo23x0.
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<a href="https://www.spamhaus.org/" target="_blank">The Spamhaus project</a>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
The Spamhaus Project contains multiple threatlists associated with spam and malware activity.
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<a href="https://sslbl.abuse.ch/" target="_blank">SSL Blacklist</a>
|
<a href="https://sslbl.abuse.ch/" target="_blank">SSL Blacklist</a>
|
||||||
|
Loading…
Reference in New Issue
Block a user