diff --git a/README.md b/README.md
index 0ac6981..71402ee 100644
--- a/README.md
+++ b/README.md
@@ -59,6 +59,30 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
Tracks several active botnets.
+
+ |
+ BruteForceBlocker
+ |
+
+ BruteForceBlocker is a perl script that monitors a server's sshd logs and identifies brute force attacks, which it then uses to automatically configure firewall blocking rules and submit those IPs back to the project site, http://danger.rulez.sk/projects/bruteforceblocker/blist.php.
+ |
+
+
+ |
+ C&C Tracker
+ |
+
+ A feed of known, active and non-sinkholed C&C IP addresses, from Bambenek Consulting.
+ |
+
+
+ |
+ CI Army List
+ |
+
+ A subset of the commercial CINS Score list, focused on poorly rated IPs that are not currently present on other threatlists.
+ |
+
|
Cisco Umbrella
@@ -187,6 +211,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. These can be used for detection as well as prevention (sinkholing DNS requests).
|
+
+ |
+ OpenBL.org
+ |
+
+ A feed of IP addresses found to be attempting brute-force logins on services such as SSH, FTP, IMAP and phpMyAdmin and other web applications.
+ |
+
|
OpenPhish Feeds
@@ -229,6 +261,14 @@ A certain amount of (domain- or business-specific) analysis is necessary to crea
A database of signatures used in other tools by Neo23x0.
|
+
+ |
+ The Spamhaus project
+ |
+
+ The Spamhaus Project contains multiple threatlists associated with spam and malware activity.
+ |
+
|
SSL Blacklist
|