forked from certtools/intelmq
Commit
* This commit changes most of the markdown files from the user documentation to restructured text
* The autogen.py module was updated to write rst format for the Feeds file
* Some of the content was refactored: some of the introduction was moved to the index page of the documentation. The User-Guide was renamed to 'Configuration and Management'.
* The user related guides are now in the subdirectory `user`, the development related content is in the subdirectory `dev`
* The architecture document and the autogenerated harmonization field document are still markdown

Closes certtools#1636
Birger Schacht committed Oct 29, 2020
1 parent 5cec1d8, commit 2910dc1
Showing 34 changed files with 3,403 additions and 3,730 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
############### | ||
Feeds whishlist | ||
############### | ||
|
||
This is a list with various feeds, which are either currently not supported or the usage is not clearly documented in IntelMQ. | ||
|
||
If you want to **contribute** documenting how to configure existing bots in order to collect new feeds or by creating new parsers, here is a list of potentially interesting feeds. | ||
See `Feeds documentation <Developers-Guide.md#feeds-documentation>`_ for more information on this. | ||
|
||
This list evolved from the issue `Contribute: Feeds List (#384) <https://github.com/certtools/intelmq/issues/384>`_. | ||
|
||
- A list of feeds | ||
- `threatfeeds.io <https://threatfeeds.io>`_ | ||
- `TheCyberThreat <http://thecyberthreat.com/cyber-threat-intelligence-feeds/>`_ | ||
|
||
- Some third party intelmq bots: `NRDCS' IntelMQ fork <https://github.com/NRDCS/intelmq/tree/certlt/intelmq/bots>`_ | ||
|
||
- List of potentially interesting data sources: | ||
- `Abuse.ch SSL Blacklists <https://sslbl.abuse.ch/blacklist/>`_ | ||
- `Adblock Plus Malwaredomains <https://easylist-msie.adblockplus.org/malwaredomains_full.tpl>`_ | ||
- `apivoid IP Reputation API <https://www.apivoid.com/api/ip-reputation/>`_ | ||
- `APWG's ecrimex <https://www.ecrimex.net>`_ | ||
- `Bad IPs <https://www.badips.com>`_ | ||
- `Berkeley <https://security.berkeley.edu/aggressive_ips/ips>`_ | ||
- `Binary Defense <https://www.binarydefense.com/>`_ | ||
- `Bot Invaders Realtime tracker <http://www.marc-blanchard.com/BotInvaders/index.php>`_ | ||
- `Botscout Last Caught <http://botscout.com/last_caught_cache.htm>`_ | ||
- `Carbon Black Feeds <https://github.com/carbonblack/cbfeeds>`_ | ||
- `CERT.pl Phishing Warning List <http://hole.cert.pl/domains/>`_ | ||
- `Chaos Reigns <http://www.chaosreigns.com/spam/>`_ | ||
- `Critical Stack <https://intel.criticalstack.com>`_ | ||
- `Cruzit <http://www.cruzit.com/xwbl2txt.php>`_ | ||
- `Cyber Crime Tracker <http://cybercrime-tracker.net/all.php>`_ | ||
- `DNS DB API <https://api.dnsdb.info>`_ | ||
- `Dyn DNS <http://security-research.dyndns.org/pub/>`_ | ||
- `Facebook Threat Exchange <https://developers.facebook.com/docs/threat-exchange>`_ | ||
- `FilterLists <https://filterlists.com>`_ | ||
- `Firehol IPLists <https://iplists.firehol.org/>`_ | ||
- `Google Webmaster Alerts <https://www.google.com/webmasters/>`_ | ||
- `GPF Comics DNS Blacklist <https://www.gpf-comics.com/dnsbl/export.php>`_ | ||
- `Greensnow <https://blocklist.greensnow.co/greensnow.txt>`_ | ||
- `HP Feeds <https://github.com/rep/hpfeeds>`_ | ||
- `IBM X-Force Exchange <https://exchange.xforce.ibmcloud.com/>`_ | ||
- `ISC SANS <https://isc.sans.edu/ipsascii.html>`_ | ||
- `ISightPartners <http://www.isightpartners.com/>`_ | ||
- `Joewein <http://www.joewein.net>`_ | ||
- `Malshare <https://malshare.com/>`_ | ||
- `Malware Config <http://malwareconfig.com>`_ | ||
- `Malware DB (cert.pl) <https://mwdb.cert.pl/>`_ | ||
- `MalwareDomainList <http://www.malwaredomainlist.com/zeuscsv.php>`_ | ||
- `MalwareDomains <http://www.malwaredomainlist.com/hostslist/yesterday_urls.php>`_ | ||
- `MalwareInt <http://malwareint.com>`_ | ||
- `Manity Spam IP addresses <http://www.dnsbl.manitu.net/download/nixspam-ip.dump.gz>`_ | ||
- `Marc Blanchard DGA Domains <http://www.marc-blanchard.com/BotInvaders/index.php>`_ | ||
- `MaxMind Proxies <https://www.maxmind.com/en/anonymous_proxies>`_ | ||
- `mIRC Servers <http://www.mirc.com/servers.ini>`_ | ||
- `Monzymerza <https://github.com/monzymerza/parthenon>`_ | ||
- `Multiproxy <http://multiproxy.org/txt_all/proxy.txt>`_ | ||
- `MVPS <http://mvps.org>`_ | ||
- `Null Secure <http://nullsecure.org>`_ | ||
- `OpenBugBounty <https://www.openbugbounty.org/>`_ | ||
- `Payload Security <http://payload-security.com>`_ | ||
- `Project Honeypot (#284) <http://www.projecthoneypot.org/list_of_ips.php?rss=1>`_ | ||
- `ShadowServer Sandbox API <http://www.shadowserver.org/wiki/pmwiki.php/Services/Sandboxapi>`_ | ||
- `Shodan search API <https://shodan.readthedocs.io/en/latest/tutorial.html#searching-shodan>`_ | ||
- `Snort <http://labs.snort.org/feeds/ip-filter.blf>`_ | ||
- `Spamhaus BGP feed (BGPf) <https://www.spamhaus.org/bgpf/>`_ | ||
- `SteveBlack Hosts File <https://github.com/StevenBlack/hosts>`_ | ||
- `TheCyberThreat <http://thecyberthreat.com/cyber-threat-intelligence-feeds/>`_ | ||
- `The Haleys <http://charles.the-haleys.org/ssh_dico_attack_hdeny_format.php/hostsdeny.txt>`_ | ||
- `Threat Crowd <https://www.threatcrowd.org/feeds/hashes.txt>`_ | ||
- `Threat Grid <http://www.threatgrid.com/>`_ | ||
- `Threatstream <https://ui.threatstream.com/>`_ | ||
- `TOR Project Exit addresses <https://check.torproject.org/exit-addresses>`_ | ||
- `TotalHash <http://totalhash.com>`_ | ||
- `UCE Protect <http://wget-mirrors.uceprotect.net/>`_ | ||
- `URI BL <http://rss.uribl.com/index.shtml>`_ | ||
- `Virustotal <https://www.virustotal.com/gui/home/search>`_ | ||
- `virustream <https://github.com/ntddk/virustream>`_ | ||
- `VoIP Blacklist <http://www.voipbl.org/update/>`_ | ||
- `Wordpress Callback Domains <http://callbackdomains.wordpress.com>`_ | ||
- `YourCMC <http://vmx.yourcmc.ru/BAD_HOSTS.IP4>`_ |
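Review bot: The `Feeds documentation <Developers-Guide.md#feeds-documentation>`_ link near the top of this new file still targets a markdown file by relative path, while the commit message says the development content moves to the `dev` subdirectory and the documentation becomes reStructuredText; that target will likely not resolve once the file is converted and moved, so point it at the converted document instead. The title reads "Feeds whishlist" and should be "Feeds wishlist". In the lists, TheCyberThreat appears twice (under "A list of feeds" and again among the data sources), "Bot Invaders Realtime tracker" and "Marc Blanchard DGA Domains" share the same URL, and the labels "SteveBlack" and "Manity" do not match their link targets (StevenBlack, manitu). Many entries use plain http:// URLs; where the source offers https, prefer it, since these are locations a collector bot would be configured to fetch from.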