Merge pull request #5 from hslatman/hs_20160128

PhishTank, SSL Blacklist and HailATAXII.com added
2025-01-19 01:38:50 +00:00 · 2016-01-28 18:23:26 +01:00 · 2016-01-28 18:23:26 +01:00 · 5aa55d927a
commit 5aa55d927a
parent a2b4c4bcca 8f8e483d7e
1 changed files with 25 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -51,6 +51,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
            A collection of Snort and Suricata <i>rules</i> files that can be used for alerting or blocking.
        </td>
    </tr>
+    <tr>
+        <td>
+            <a href="http://hailataxii.com/" target="_blank">Hail a TAXII</a>
+        </td>
+        <td>
+            Hail a TAXII.com is a repository of Open Source Cyber Threat Intellegence feeds in STIX format. They offer several feeds, including some that are listed here already in a different format, like the Emerging Threats rules and PhishTank feeds. 
+        </td>
+    </tr>
    <tr>
        <td>
            <a href="https://www.iblocklist.com/lists" target="_blank">I-Blocklist</a>
@ -74,7 +82,23 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
        <td>Conf
            OpenPhish receives URLs from multiple streams and analyzes them using its proprietary phishing detection algorithms. There are free and commercial offerings available.
        </td> 
-    </tr>     
+    </tr>
+    <tr>
+        <td>
+            <a href="https://www.phishtank.com/developer_info.php" target="_blank">PhishTank</a>
+        </td>
+        <td>Conf
+            PhishTank delivers a list of suspected phishing URLs. Their data comes from human reports, but they also ingest external feeds where possible. It's a free service, but registering for an API key is sometimes necessary.
+        </td> 
+    </tr>
+    <tr>
+        <td>
+            <a href="https://sslbl.abuse.ch/" target="_blank">SSL Blacklist</a>
+        </td>
+        <td>
+            SSL Blacklist (SSLBL) is a project maintained by abuse.ch. The goal is to provide a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists
+        </td> 
+    </tr>    
 </table>

 ## Formats