Sunday, December 4, 2016

Threat Intelligence

UPDATE: Just added a new tab for CTF, Challenges and Sample Image Files, check it out!
I am really looking forward to sharing a new post with the community! 

I revamped my older "Links I Follow" spreadsheet and added a repository of Threat Intelligence portals, Hunt tactics and more malware links.  The new spreadsheet has tabs, so don't miss all three tabs. The "Research" tab has my old "Links I Follow" spreadsheet, with anything new in bold.  A good portion of the entries are free or open source, but if you like something you see and the author asks for a small donation, remember it's nice to give back if you are able.

Some time ago my "IR A-Z" paper was warmly welcomed, as was my list of tools that I shared. I've since found a whole bunch more tools, but my new list doesn't have very many tools in it; instead, I decided to focus my energy on answering a question I received from a former co-worker as well as from some of the listservs I follow. A few weeks back a good friend texted me, "Do you happen to have a list of blog intel stuff, API feeds, or anything that reports on current malware or phishing?" Well, turns out I did, but it seems that now that I follow Twitter, I come across so much incredible intel every day that all I have time to do is copy the URL and move on! I'd had links and links and links that I had saved but not taken the time to add to my spreadsheet! But I knew that, in order to help my friend, I needed to sit down and take some time to cull through my pile of information and organize some of it. There's tons more, but it's an infinite process, and at some point I just have to cut my losses and say, here's all I have time to record.

So that's what this post is about.  It's not meant to be an exhaustive directory by any means, and trust me, I've labored over how to categorize things, where to place them in the list, and eventually just ran out of time. So you might find some malware research under Threat Intelligence or some Hunt stuff under Tools, etc.  I did the best I could with the little bit of free time that I had, so please know that the list is far from perfect, but hopefully it will be helpful to the community.