Merge pull request #244 from hslatman/herman/some-cleanup-20221011

Cleanup 2022-10-11
Herman Slatman 2022-10-11 00:27:25 +02:00 committed by GitHub
commit c310c3540e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -88,7 +88,7 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
<a href="http://osint.bambenekconsulting.com/feeds/c2-ipmasterlist.txt" target="_blank">C&amp;C Tracker</a> <a href="http://osint.bambenekconsulting.com/feeds/c2-ipmasterlist.txt" target="_blank">C&amp;C Tracker</a>
</td> </td>
<td> <td>
A feed of known, active and non-sinkholed C&amp;C IP addresses, from Bambenek Consulting. A feed of known, active and non-sinkholed C&amp;C IP addresses, from Bambenek Consulting. Requires license for commercial use.
</td> </td>
</tr> </tr>
<tr> <tr>
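Review bot: the added sentence "Requires license for commercial use." in the C&C Tracker description states a licensing constraint without linking to the terms, so a reader cannot tell what counts as commercial use. Link the license page from that sentence. The feed link in the same row is still plain http://; if the host serves the file over https://, switch it, because an IP list fetched over cleartext HTTP can be altered in transit.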
@ -189,7 +189,7 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
</tr> </tr>
<tr> <tr>
<td> <td>
<a href="https://dnstrails.com/">DNSTrails</a> <a href="https://securitytrails.com/dns-trails">DNS Trails</a>
</td> </td>
<td> <td>
Free intelligence source for current and historical DNS information, WHOIS information, finding other websites associated with certain IPs, subdomain knowledge and technologies. There is a <a href="https://securitytrails.com/">IP and domain intelligence API available</a> as well. Free intelligence source for current and historical DNS information, WHOIS information, finding other websites associated with certain IPs, subdomain knowledge and technologies. There is a <a href="https://securitytrails.com/">IP and domain intelligence API available</a> as well.
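Review bot: the new anchor `<a href="https://securitytrails.com/dns-trails">DNS Trails</a>` has no target="_blank", unlike the other rows in this diff, so it behaves differently from the rest of the table. Since the entry now lives on securitytrails.com, the unchanged description sentence that links https://securitytrails.com/ as a separate "IP and domain intelligence API" reads as if it were a different site; reword it to say the API is part of the same service, and fix "a IP" to "an IP" while editing the row.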
@ -674,14 +674,6 @@ The primary goal of Malpedia is to provide a resource for rapid identification a
An open source repository with different Yara signatures that are compiled, classified and kept as up to date as possible. An open source repository with different Yara signatures that are compiled, classified and kept as up to date as possible.
</td> </td>
</tr> </tr>
<tr>
<td>
<a href="https://zeustracker.abuse.ch/" target="_blank">ZeuS Tracker</a>
</td>
<td>
The ZeuS Tracker by <a href="https://abuse.ch/" target="_blank">abuse.ch</a> tracks ZeuS Command & Control servers (hosts) around the world and provides you a domain- and a IP-blocklist.
</td>
</tr>
<tr> <tr>
<td> <td>
<a href="https://IOCFeed.mrlooquer.com/" target="_blank">1st Dual Stack Threat Feed by MrLooquer</a> <a href="https://IOCFeed.mrlooquer.com/" target="_blank">1st Dual Stack Threat Feed by MrLooquer</a>
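Review bot: the ZeuS Tracker row is deleted outright, and the commit message ("Cleanup 2022-10-11") does not say why. Record the reason for each removal in the commit message or PR description (dead link, service retired, moved elsewhere) so readers who relied on the feed can tell whether to look for a replacement. The same applies to the Soltra row removed further down.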
@ -766,7 +758,7 @@ Standardized formats for sharing Threat Intelligence (mostly IOCs).
<a href="http://veriscommunity.net/index.html" target="_blank">VERIS</a> <a href="http://veriscommunity.net/index.html" target="_blank">VERIS</a>
</td> </td>
<td> <td>
The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. In addition to providing a structured format, VERIS also collects data from the community to report on breaches in the Verizon Data Breach Investigations Report (<a target="_blank" href="http://www.verizonenterprise.com/verizon-insights-lab/dbir/">DBIR</a>) and publishes this database online at <a target="_blank" href="http://vcdb.org/index.html">VCDB.org</a>. The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. In addition to providing a structured format, VERIS also collects data from the community to report on breaches in the Verizon Data Breach Investigations Report (<a target="_blank" href="http://www.verizonenterprise.com/verizon-insights-lab/dbir/">DBIR</a>) and publishes this database online in a GitHub <a target="_blank" href="https://github.com/vz-risk/VCDB">repository.org</a>.
</td> </td>
</tr> </tr>
</table> </table>
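Review bot: the new link text in the VERIS row reads "repository.org", which looks like a leftover from the old "VCDB.org" label and is not the name of anything. The sentence now says the database is published "online in a GitHub repository.org"; change the anchor text to "repository" (or "VCDB repository") so the visible text matches the https://github.com/vz-risk/VCDB target and does not look like a separate domain.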
@ -1018,14 +1010,6 @@ Frameworks, platforms and services for collecting, analyzing, creating and shari
Scumblr helps you streamline proactive security through an intelligent automation framework to help you identify, track, and resolve security issues faster. Scumblr helps you streamline proactive security through an intelligent automation framework to help you identify, track, and resolve security issues faster.
</td> </td>
</tr> </tr>
<tr>
<td>
<a href="https://www.celerium.com/automate" target="_blank">Soltra</a>
</td>
<td>
Soltra supports a community defense model that is highly interoperable and extensible. It is built with industry standards supported out of the box, including STIX (up to 2.1) and TAXII.
</td>
</tr>
<tr> <tr>
<td> <td>
<a href="https://www.anomali.com/platform/staxx" target="_blank">STAXX (Anomali)</a> <a href="https://www.anomali.com/platform/staxx" target="_blank">STAXX (Anomali)</a>
@ -1138,10 +1122,10 @@ All kinds of tools for parsing, creating and editing Threat Intelligence. Mostly
<table> <table>
<tr> <tr>
<td> <td>
<a href="https://actortrackr.com/" target="_blank">ActorTrackr</a> <a href="https://github.com/jalewis/actortrackr" target="_blank">ActorTrackr</a>
</td> </td>
<td> <td>
ActorTrackr is an open source web application for storing/searching/linking actor related data. The primary sources are from users and various public repositories. Source available on <a href="https://github.com/dougiep16/actortrackr" target="_blank">GitHub</a>. ActorTrackr is an open source web application for storing/searching/linking actor related data. The primary sources are from users and various public repositories. Source available on <a href="https://github.com/jalewis/actortrackr" target="_blank">GitHub</a>.
</td> </td>
</tr> </tr>
<tr> <tr>
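Review bot: the ActorTrackr source link moves from github.com/dougiep16/actortrackr to github.com/jalewis/actortrackr, a different account, with no note on which one is the upstream. Confirm that the new repository is the maintained original rather than a fork before pointing readers at it, and say so in the PR description. After this change the title link and the "Source available on GitHub" link are the same URL, so the trailing sentence can be dropped or the title can link elsewhere.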
@ -1733,7 +1717,7 @@ All kinds of reading material about Threat Intelligence. Includes (scientific) r
</tr> </tr>
<tr> <tr>
<td> <td>
<a href="https://attack.mitre.org/wiki/Main_Page" target="_blank">ATT&CK</a> <a href="https://attack.mitre.org/" target="_blank">ATT&CK</a>
</td> </td>
<td> <td>
Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a model and framework for describing the actions an adversary may take while operating within an enterprise network. ATT&CK is a constantly growing common reference for post-access techniques that brings greater awareness of what actions may be seen during a network intrusion. MITRE is actively working on integrating with related construct, such as CAPEC, STIX and MAEC. Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a model and framework for describing the actions an adversary may take while operating within an enterprise network. ATT&CK is a constantly growing common reference for post-access techniques that brings greater awareness of what actions may be seen during a network intrusion. MITRE is actively working on integrating with related construct, such as CAPEC, STIX and MAEC.
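Review bot: the changed anchor still contains a raw ampersand in "ATT&CK", while the C&C Tracker row earlier in this file escapes it as `C&amp;C`. Escape it as `ATT&amp;CK` here (and in the description below it) so the HTML is consistent and valid. Since the row is being touched anyway, "related construct" in the description should be "related constructs".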