botvrij.eu
Freely available network IOCs Monitor your network and raise IDS alerts for suspicious network behavior. Incident Response Use the file hashes for conducting an in-depth incident response investigation. The botvrij.eu data IOCs Botvrij.eu provides different sets of open source IOCs that you can use in your security devices to detect possible malicious activity. The information contains network info (IPs), file hashes, file paths, domain names, URLs. Datasource All the data is gathered via open source information feeds (blog pages and PDF documents) and then consolidated into different datasets. To ensure the quality of the data all entries older than approx. 6 months are removed. MISP MISP is used as a back-end for storing the threat information. The information is added to MISP via ioc-parser, extracted from MISP with PyMISP and formatted with a set of custom Python scripts. This feed is also integrated as an OSINT feed within MISP. It is free! The data is free (obviously, the source of the data is also free). Use the data at your own risk. This project only makes the data easy accessible. It is up to you to decide where and how you want to use it. Content The datasets are available in two formats ioclist.<TYPE> ioclist.<TYPE>.md5 ioclist.<TYPE>.raw ioclist.<TYPE>.raw.md5 The content of both datasets is identical. The .raw contains the
FEATURES
ALTERNATIVES
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
A library of adversary emulation plans to evaluate defensive capabilities against real-world threats.
Provides advanced external threat intelligence to help organizations proactively identify and mitigate potential security threats.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
Sample detection rules and dashboards for Google Security Operations
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.