From 95bfb6269a3ba9ac22d4c733384eb972b2de9f68 Mon Sep 17 00:00:00 2001
From: Herman Slatman <hermanslatman@hotmail.com>
Date: Thu, 28 Jan 2016 18:13:03 +0100
Subject: [PATCH 1/3] PhishTank added

---
 README.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9cab364..6c66902 100644
--- a/README.md
+++ b/README.md
@@ -74,7 +74,15 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
         <td>Conf
             OpenPhish receives URLs from multiple streams and analyzes them using its proprietary phishing detection algorithms. There are free and commercial offerings available.
         </td> 
-    </tr>     
+    </tr>
+    <tr>
+        <td>
+            <a href="https://www.phishtank.com/developer_info.php" target="_blank">PhishTank</a>
+        </td>
+        <td>Conf
+            PhishTank delivers a list of suspected phishing URLs. Their data comes from human reports, but they also ingest external feeds where possible. It's a free service, but registering for an API key is sometimes necessary.
+        </td> 
+    </tr>      
 </table>
 
 ## Formats

From 9062c15c17691ebc29b1f0b740a5b992b1b434bb Mon Sep 17 00:00:00 2001
From: Herman Slatman <hermanslatman@hotmail.com>
Date: Thu, 28 Jan 2016 18:16:29 +0100
Subject: [PATCH 2/3] SSL Blacklist by Abuse.ch added

---
 README.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6c66902..fb3df67 100644
--- a/README.md
+++ b/README.md
@@ -82,7 +82,15 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
         <td>Conf
             PhishTank delivers a list of suspected phishing URLs. Their data comes from human reports, but they also ingest external feeds where possible. It's a free service, but registering for an API key is sometimes necessary.
         </td> 
-    </tr>      
+    </tr>
+    <tr>
+        <td>
+            <a href="https://sslbl.abuse.ch/" target="_blank">SSL Blacklist</a>
+        </td>
+        <td>
+            SSL Blacklist (SSLBL) is a project maintained by abuse.ch. The goal is to provide a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists
+        </td> 
+    </tr>    
 </table>
 
 ## Formats

From 8f8e483d7e635a81a672df21db5688e2d1912340 Mon Sep 17 00:00:00 2001
From: Herman Slatman <hermanslatman@hotmail.com>
Date: Thu, 28 Jan 2016 18:20:08 +0100
Subject: [PATCH 3/3] HailATAXII.com added

---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index fb3df67..ec5f2f1 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
             A collection of Snort and Suricata <i>rules</i> files that can be used for alerting or blocking.
         </td>
     </tr>
+    <tr>
+        <td>
+            <a href="http://hailataxii.com/" target="_blank">Hail a TAXII</a>
+        </td>
+        <td>
+            Hail a TAXII.com is a repository of Open Source Cyber Threat Intellegence feeds in STIX format. They offer several feeds, including some that are listed here already in a different format, like the Emerging Threats rules and PhishTank feeds. 
+        </td>
+    </tr>
     <tr>
         <td>
             <a href="https://www.iblocklist.com/lists" target="_blank">I-Blocklist</a>