[ { "name": "Common Vulnerabilities and Exposures (CVE)" , "url": "https://cve.mitre.org/cve/" , "location": "ex" , "type": "web" , "description": "CVE International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures. CVE's common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services." , "tags": ["vulnerability database"] , "investigating": "ORNL" , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "done" }, { "name": "Metasploit" , "url": "https://github.com/stucco/exogenous-data-ms" , "location": "ex" , "type": "file" , "description": "Table of metasploit modules info" , "tags": ["exploits"] , "investigating": "ORNL" , "nodes": ["vulnerability","malware"] , "category": "malware" , "priority": "done" }, { "name": "Exploit DB" , "url": "http://www.exploit-db.com/" , "location": "ex" , "type": "web" , "description": "'An ultimate archive of exploits and vulnerable software.' Includes downloadable archive, and RSS feed." , "tags": ["exploits"] , "nodes": ["vulnerability","malware"] , "category": "malware" , "priority": "medium" }, { "name": "National Vulnerability Database" , "url": "https://nvd.nist.gov/home.cfm" , "location": "ex" , "type": "web" , "description": "NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. " , "tags": ["vulnerability database"] , "investigating": "ORNL" , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "done" }, { "name": "World Laboratory of Bugtraq 2" , "url": "http://cxsecurity.com" , "location": "ex" , "type": "web" , "description": "World Laboratory of Bugtraq 2 is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications." , "tags": ["vulnerabilities","malware","exploits"] , "nodes": ["vulnerability","malware"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Open Source Vulnerability Database" , "url": "http://www.osvdb.org/" , "location": "ex" , "type": "web" , "description": "OSVDB's goal is to provide accurate, detailed, current, and unbiased technical security information. Website has a twitter feed, news feed, top viewed vulnerabilites feed, top blogged vulnerabilities feed." , "tags": ["vulnerability database"] , "investigating": "ORNL" , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "CVE Details" , "url": "http://cvedetails.com/" , "location": "ex" , "type": "web" , "description": "Easy to use web interface to CVE vulnerability data. You can browse for vendors, products and versions and view cve entries, vulnerabilities, related to them. You can view statistics about vendors, products and versions of products. CVE details are displayed in a single, easy to use page, see a sample nicely outlines CVSS score and components of it (I think CVSS seems useless) products affected, by type (for example, application), vendor, product, version, … related metasploit modules. It links to tweets about this vulnerability! searches twitter for it I think… similarly for youtube and google. can generate a customized rss feed." , "tags": ["vulnerability database"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name":"Secunia Database" , "url": "http://secunia.com/community/advisories/historic/" , "location": "ex" , "type":"web" , "description":"Database of security advisories updated daily, given an id number, release date, comments, a popularity score, criticality level, etc... Also has CVE references. " , "tags": ["vulnerability database"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name":"Vulnerability Notes Database" , "url": "http://www.kb.cert.org/vuls/" , "location": "ex" , "type":"web" , "description":"High level (coarser) vulnerability database. For example, many CVE entries are rolled into one entry here" , "tags": ["vulnerability database"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "NVD CVE Updates" , "url": "https://nvd.nist.gov/download/nvd-rss.xml" , "location": "ex" , "type": "RSS" , "info": "https://nvd.nist.gov/download.cfm" , "description": "This feed provides information on all recent CVE vulnerabilities. The advantage is that you learn about new CVE vulnerabilities as soon as possible. " , "tags": ["vulnerability list"] , "nodes": ["vulnerability"], "category": "vulnerabilities" , "priority": "low" }, { "name": "NVD CVE Analyzed Updates" , "url": "https://nvd.nist.gov/download/nvd-rss-analyzed.xml" , "location": "ex" , "type": "RSS" , "info": "https://nvd.nist.gov/download.cfm" , "description": "This feed provides only fully analyzed CVE vulnerabilities. The advantage is that we are able to provide vulnerable product names in the title. " , "tags": ["vulnerability list"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "NVD Official Vendor Statements on CVE Vulnerabilities" , "url": "https://nvd.nist.gov/download/vendorstatements.xml" , "location": "ex" , "type": "RSS" , "info": "https://nvd.nist.gov/download.cfm" , "description": "NVD provides a service whereby software development organizations can submit Official Vendor Statements on the set of CVE vulnerabilities that apply to their products. " , "tags": ["vulnerability list"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name":"Risk Database" , "url": "https://db.risk.io" , "location": "ex" , "type":"web" , "description":"RiskDB is a free, centralized, and open repository of security vulnerabilities sourced from vulnerability databases. It provides up-to-the-minute information on security-related software flaws, misconfigurations, vulnerabilities, and threat advisories. This data can be used for vulnerability remediation and compliance." , "tags": ["vulnerabilities"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Security Tracker" , "url": "http://securitytracker.com/" , "location": "ex" , "type": "web" , "description": "an entry has CVE links, versions affected, descriptions, impact, solution, vendor URL, cause, and OS's affected" , "tags": ["vulnerabilities list"] , "nodes": [] , "category": "vulnerabilities" , "priority": "low" }, { "name": "SecurityFocus" , "url": "http://www.securityfocus.com/vulnerabilities" , "location": "ex" , "type": "web" , "description": "Bugtraq vulnerability list from Symantec. Associated email archives: http://www.securityfocus.com/archive/1" , "tags": ["vulnerability list"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "pending" }, { "name": "US-CERT National Cyber Awareness System Alerts" , "url": "https://www.us-cert.gov/channels/techalerts.atom" , "location": "ex" , "type": "Atom" , "info": "https://www.us-cert.gov/cas/techalerts/" , "description": "Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk." , "tags": ["vulnerability list", "general threats and alerts"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "US-CERT National Cyber Awareness System Bulletins" , "url": "https://www.us-cert.gov/channels/bulletins.atom" , "location": "ex" , "type": "Atom" , "info": "https://www.us-cert.gov/cas/bulletins/" , "description": "Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available." , "tags": ["vulnerability list"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "US-CERT National Cyber Awareness System Current Activity" , "url": "https://www.us-cert.gov/channels/current.atom" , "location": "ex" , "type": "Atom" , "info": "https://www.us-cert.gov/current/" , "description": "Current Activity provides timely information on security risks to help you better protect your systems from malware campaigns and mitigate against new software vulnerabilities." , "tags": ["vulnerability list", "risks", "general threats and alerts"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Symantec List of Advisories" , "url": "https://www.symantec.com/xml/rss/listings.jsp?lid=advisories" , "location": "ex" , "type": "RSS" , "info": "https://www.symantec.com/security_response/landing/vulnerabilities.jsp" , "description": "list of vulnerabilities" , "tags": ["vulnerability list"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Xforce" , "url": "http://xforce.iss.net/" , "location": "ex" , "type": "web" , "description": "IT services from IBM" , "tags": ["vulnerability database"] , "nodes": ["vulnerability"] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Sohphos Virus Alerts" , "location": "ex" , "url": "http://www.sophos.com/en-us/rss/threats/latest-viruses.xml" , "type": "RSS" , "description": "The lates virus alerts published by Sophos." , "tags": ["malware"] , "nodes": [] , "category": "malware" , "priority": "pending" }, { "name": "Sophos Latest suspicious behavior and file alerts" , "url": "http://www.sophos.com/en-us/rss/threats/latest-suspicious-files.xml" , "location": "ex" , "type": "RSS" , "info": "http://www.sophos.com/en-us/threat-center/threat-analyses/suspicious-behavior-and-files.aspx" , "description": "Files that are already executing and behaving questionably are detected as suspicious behavior, while files that look untrustworthy before they execute are detected as suspicious files. " , "tags": ["malware"] , "nodes": ["malware"] , "category": "malware" , "priority": "medium" }, { "name": "F-Secure Virus and threat descriptions" , "url": "http://www.f-secure.com/exclude/vdesc-xml/latest_50.rss" , "location": "ex" , "type": "RSS" , "info": "http://www.f-secure.com/en/web/labs_global/threats/descriptions" , "description": "Find descriptions and removal advice for malware, spyware and riskware threats detected by Labs." , "tags": ["malware"] , "nodes": ["malware"] , "category": "malware" , "priority": "pending" }, { "name": "Offensive Computing" , "url": "http://offensivecomputing.net/" , "location": "ex" , "type": "web" , "description": "Offensive Computing was formed as a resource for the computer security community by Danny Quist. The primary emphasis here is on malware collections and analysis for the purpose of improving people's abilities to defend their networks. We provide resources such as live copies of malicious software, md5sums to search on and analysis of the malware to the general public. Will be transitioning to a download-only malware repository in the coming weeks. The blog site will be officially shutting down." , "tags": ["malware repository","malware"] , "nodes": ["malware"] , "category": "malware" , "priority": "medium" }, { "name": "Sophos Potentially Unwanted Application (PUA) Alerts" , "location": "ex" , "url": "http://www.sophos.com/en-us/rss/threats/latest-adware-and-puas.xml" , "type": "RSS" , "description": "A list of known and potentially unwanted applications published by Sophos." , "tags": ["risks","malware"] , "nodes": [] , "category": "malware" , "priority": "low" }, { "name": "Sophos Controlled Application List" , "location": "ex" , "url": "http://www.sophos.com/en-us/rss/threats/latest-applications.xml" , "type": "RSS" , "description": "Lists of benign but potentially vulnerable applications published by Sophos." , "tags": ["risks"] , "nodes": [] , "category": "vulnerabilities" , "priority": "low" }, { "name": "Spamhaus IP-based DNS-based Blackhole Lists (DNSBLs)" , "url": "http://www.spamhaus.org/zen/" , "location": "ex" , "type": "web" , "description": "ZEN is the combination of all Spamhaus IP-based DNSBLs into one single powerful and comprehensive blocklist to make querying faster and simpler. It contains the SBL, SBLCSS, XBL and PBL blocklists." , "tags": ["blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Malware Domain List" , "url": "http://www.malwaredomainlist.com/mdl.php" , "location": "ex" , "type":"web" , "description":"table of malware-related domains. (rss available, but does not include 'reverse' field)" , "tags": ["malware websites list","malware","blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "high" }, { "name":"Malware Domains" , "url": "http://mirror1.malwaredomains.com/files/domains.txt" , "location": "ex" , "type":"file" , "description":"tab separated list of domains that are related to malware" , "tags": ["malware websites list","malware","blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Malware Domains - additional lists" , "url": "http://www.malwaredomains.com/wordpress/?page_id=66" , "location": "ex" , "type":"file" , "description":"additional lists of domains that are related to malware" , "tags": ["malware websites list","malware","blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name":"ZeuS domain blocklist" , "url": "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist" , "location": "ex" , "type":"file" , "description":"list of domains that are related to malware" , "tags": ["malware websites list","malware","blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Malware Patrol" , "url": "http://malwarepatrol.com/cgi/submit?action=list_adblock" , "location": "ex" , "type":"file" , "description":"list of domains that are related to malware" , "tags": ["malware websites list", "malware"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"SpyEye Tracker" , "url": "https://spyeyetracker.abuse.ch" , "location": "ex" , "type":"file" , "description":"Tracks and monitors SpyEye C&Cs" , "tags": ["malware websites list and Threatscape","malware"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Exposure Blacklist" , "url": "http://exposure.iseclab.org/malware_domains.txt" , "location": "ex" , "type":"file" , "description":"list of domains related to malware" , "tags": ["malware websites list"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Sourcefire Vulnerability Research Team Labs" , "url": "http://labs.snort.org/iplists/dnslist-2013-01-27" , "location": "ex" , "type":"file" , "description":"list of domains related to malware" , "tags": ["malware websites list"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"Clean MX realtime database" , "url": "http://support.clean-mx.de/clean-mx/xmlviruses.php" , "location": "ex" , "type":"file" , "description":"list of domains related to malware" , "tags": ["malware"] , "nodes": ["malware","attackerAsset","address","addressRange","DNSName","port","ip"] , "category": "blacklist" , "priority": "done" }, { "name":"Malware Blacklist" , "url": "http://www.malwareblacklist.com/showMDL.php" , "location": "ex" , "type":"web" , "description":"list of malware domains, generated from honeypot data. Includes URL, registrar, IP, ASN, and hosting" , "tags": ["malware"] , "nodes": ["malware","attackerAsset","address","addressRange","DNSName","port","ip"] , "category": "blacklist" , "priority": "medium" }, { "name":"URL blacklist dot com" , "url": "http://urlblacklist.com/?sec=download" , "location": "ex" , "type":"file" , "description":"downloadable Blacklist" , "tags": ["blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name":"ISC suspicious domains" , "url": "http://isc.sans.edu/suspicious_domains.html" , "location": "ex" , "type":"file" , "description":"There are many suspicious domains on the internet. In an effort to identify them, as well as false positives, we have assembled weighted lists based on tracking and malware lists from different sources. ISC is collecting and categorizing various lists associated with a certain level of sensitivity." , "tags": ["blacklist", "malware"] , "nodes": [] , "category": "blacklist" , "priority": "medium" }, { "name": "MaxMind" , "location": "ex" , "url": "http://dev.maxmind.com/" , "type": "API" , "description": "IP GeoLocation" , "tags": ["geolocation"] , "nodes": [] , "category": "APIs and resources" , "priority": "done" }, { "name": "Common Platform Enumeration" , "url": "http://cpe.mitre.org/cpe/" , "location": "ex" , "type": "web" , "description": " The Common Platform Enumeration (CPE) is a dictionary of common IT systems, platforms, and packages encoded in a standardized naming format that is suitable for machine interpretation and processing." , "tags": ["platform list"] , "nodes": [] , "category": "APIs and resources" , "priority": "done" }, { "name": "virus total" , "url": "https://www.virustotal.com/vtapi/v2/url/scan" , "location": "ex" , "type": "API" , "info": "https://www.virustotal.com/documentation/public-api/" , "description": "VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners." , "tags": ["security tools","malware","malware dynamic analysis"] , "nodes": ["malware"] , "category": "APIs and resources" , "priority": "medium" }, { "name": "malwr" , "url": "https://malwr.com/" , "location": "ex" , "type": "API" , "info": "https://www.virustotal.com/documentation/public-api/" , "description": "an online service that analyzes malware samples" , "tags": ["security tools","malware","malware dynamic analysis"] , "nodes": ["malware"] , "category": "APIs and resources" , "priority": "medium" }, { "name": "VX Vault" , "url": "http://vxvault.siri-urz.net/ViriList.php" , "location": "ex" , "type": "web" , "description": "Includes MD5s, domains, IPs, file information, and links to their samples (account needed)" , "tags": ["malware","malware static analysis","blacklist"] , "nodes": ["malware"] , "category": "APIs and resources" , "priority": "medium" }, { "name": "malc0de" , "url": "http://malc0de.com/rss" , "location": "ex" , "type": "web" , "description": "automated malware analysis system, associates malware samples with domains and related info" , "tags": ["malware","malware dynamic analysis","blacklist"] , "nodes": ["malware","DNSName","IP"] , "category": "APIs and resources" , "priority": "high" }, { "name": "Threat Expert" , "url": "http://www.threatexpert.com/reports.aspx?sl=1" , "location": "ex" , "type": "web" , "description": "advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode. In only a few minutes ThreatExpert can process a sample and generate a highly detailed threat report with the level of technical detail that matches or exceeds antivirus industry standards such as those normally found in online virus encyclopedias." , "tags": ["malware","malware dynamic analysis"] , "nodes": ["malware"] , "category": "APIs and resources" , "priority": "high" }, { "name": "URL Query" , "url": "http://urlquery.net/index.php" , "location": "ex" , "type": "web" , "description": "'urlQuery.net is a service for detecting and analyzing web-based malware. It provides detailed information about the activities a browser does while visiting a site and presents the information for further analysis.' Includes reports on many benign domains. 'The API is currently in closed beta testing.'" , "tags": ["malware","malware analysis","blacklist"] , "nodes": ["malware","DNSName"] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Common Configuration Enumeration" , "url": "http://cce.mitre.org/cce/" , "location": "ex" , "type": "web" , "description": "CCE provides unique identifiers to system configuration issues in order to facilitate fast and accurate correlation of configuration data across multiple information sources and tools. " , "tags": ["configuration list"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "First Common Vulnerability Scoring System" , "url": "http://www.first.org/cvss" , "location": "ex" , "type": "web" , "description": "CVSS is a vulnerability scoring system designed to provide an open and standardized method for rating IT vulnerabilities." , "tags": ["computer vulnerabilities"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "dataloss database" , "url": "http://datalossdb.org/" , "location": "ex" , "type": "web" , "description": "Every day, project curators and volunteers scour news feeds, blogs, and other websites looking for data breaches, new and old. We search for incidents that need to be updated, or incidents that are not yet in the database. We then add them to the database, mail out members of the mailing list, and Tweet the breach out to Twitter." , "tags": ["Database of Data Breaches"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Honeynet" , "url": "www.honeynet.org" , "location": "ex" , "type": "web" , "description": "To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned." , "tags": ["reports about honeypots"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "The Emerging Threats Open Source Community" , "url": "http://rules.emergingthreats.net/" , "location": "ex" , "type": "web" , "description": "200,000 active users sharing free IDS rulesets on a daily basis. It’s a fast-moving, frequently updated group, with users who are experts in detecting and preventing malware attacks on Snort, Suricata, BSD operating systems, and many other IDS and IPS platforms." , "tags": ["IDS rulesets, blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "high" }, { "name": "OpenIOC - Indicators of Compromise" , "url": "http://openioc.org" , "location": "ex" , "type": "web" , "description": "Windows-only framework and tools for XML-based rules for locating files, registry entries, etc." , "tags": ["IDS rulesets"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name":"DNSDB" , "url": "https://dnsdb.isc.org/#Home" , "location": "ex" , "type":"web" , "description":"DNS database, stores indexes passive and authoritative DNS data. Can search for RRsets and metadata." , "tags": ["DNS database"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name":"Deutsche Telekom Cyber Initiatives" , "url": "http://www.sicherheitstacho.eu/?lang=en" , "location": "ex" , "type":"web" , "description":"Current Threatscape info and statistics" , "tags": ["Current Cyber Attacks","event stream"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name":"Information Assurance Support Environment (IASE) " , "url": "http://iase.disa.mil/stigs/iavm-cve.html" , "location": "ex" , "type":"web" , "description":".xls or .xlm file giving CVE announcments for DoD configuration standards" , "tags": ["DoD configurations/ CVE announcements sheet"] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Web Application Security Consortium - Web Hacking Incident Database (WHID)" , "url": "https://www.google.com/fusiontables/DataSource?snapid=S283929Jw2s" , "location": "ex" , "type": "web" , "description": "project dedicated to maintaining a list of web applications related security incidents. WHID's goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web applications security incidents." , "tags": [] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Netcraft" , "url": "news.netcraft.com" , "location": "ex" , "type": "web" , "description": "phishing database and feed, 'internet data mining', commercial service (only?)." , "tags": [] , "nodes": [] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Microsoft Comprehensive Security Alerts" , "location": "ex" , "url": "http://technet.microsoft.com/en-us/security/rss/comprehensive" , "type": "RSS" , "description": "Provides comprehensive security alerts and bulletins for IT professionals. The free Comprehensive alerts serve as an incremental supplement to the Basic Alerts. It provides advance notification of upcoming security bulletins, security advisories, and timely notification of any minor changes to previously released Microsoft Security Bulletins or Advisories." , "tags": ["security updates", "incident response", "microsoft", "windows", "vendor bulletin", "os"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Microsoft Security Response Center" , "url": "http://blogs.technet.com/b/msrc/atom.aspx" , "location": "ex" , "type": "Atom" , "info": "https://blogs.technet.com/b/msrc/" , "description": "Microsoft Security Response Center: The official corporate security response blog" , "tags": ["incident response","vulnerabilities","general"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Microsoft Security Advisories" , "url": "http://technet.microsoft.com/en-us/security/rss/advisory" , "location": "ex" , "type": "RSS" , "info": "http://technet.microsoft.com/en-us/security/advisory" , "description": "Microsoft Security Advisories, a supplement to the Microsoft Security Bulletins, address security changes that may not require a security bulletin but that may still affect customers' overall security." , "tags": ["vendor bulletin", "os"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Oracle Alerts" , "location": "ex" , "url": "http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/rss-otn-sec.xml" , "type": "RSS" , "description": "Anouncements for patches and security fixes to Oracle Products" , "tags": ["security updates", "oracle"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Apple Security Anouncements" , "location": "ex" , "url": "http://rss.lists.apple.com/security-announce.rss" , "type": "RSS" , "description": "Anouncements for patches, updates and security news for Apple products." , "tags": ["security updates", "apple"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Symantec Security Response" , "url": "http://www.symantec.com/connect/item-feeds/blog/2261/feed/all/en" , "location": "ex" , "type": "RSS" , "info": "http://www.symantec.com/connect/symantec-blogs/sr" , "description": "Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam." , "tags": ["incident response","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "SANS Internet Storm Center" , "url": "https://isc.sans.edu/rssfeed_full.xml" , "location": "ex" , "type": "RSS" , "info": "https://isc.sans.edu/" , "description": "SANS Internet Storm Center - Latest Diaries. " , "tags": ["risks","general"] , "nodes": [] , "category": "articles" , "priority": "high" }, { "name": "Sophos Naked Security" , "url": "http://feeds.feedburner.com/NakedSecurity" , "location": "ex" , "type": "RSS" , "info": "http://nakedsecurity.sophos.com/" , "description": "Naked Security is Sophos's award-winning threat news room, giving you news, opinion, advice and research on computer security issues and the latest internet threats." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name": "Krebs on Security" , "url": "https://krebsonsecurity.com/feed/atom/" , "location": "ex" , "type": "Atom" , "info": "https://krebsonsecurity.com/" , "description": "In-depth security news and investigation from Brian Krebs. Coverage of specific breaches and incidents, as well as malware and vulnerabilities." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "high" }, { "name": "F-Secure News from the Lab" , "url": "http://www.f-secure.com/weblog/weblog.rss" , "location": "ex" , "type": "RSS" , "info": "http://www.f-secure.com/weblog/" , "description": "Weblog of F-Secure Antivirus Research Team. Covers various topics, including malware and vulnerabilities." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "high" }, { "name": "Team Cymru Research" , "url": "https://www.team-cymru.org/News/secnews.rss" , "location": "ex" , "type": "RSS" , "info": "https://www.team-cymru.org/News/" , "description": "Team Cymru Research NFP is a specialized Internet security research firm and 501(c)3 non-profit dedicated to making the Internet more secure. Team Cymru helps organizations identify and eradicate problems in their networks, providing insight that improves lives." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" , "comments": "This RSS feed includes article links in a non-standard way." }, { "name": "Spamhaus News" , "url": "http://www.spamhaus.org/news/rss/" , "location": "ex" , "type": "RSS" , "info": "http://www.spamhaus.org/news/" , "description": "The Spamhaus Project is an international nonprofit organization whose mission is to track the Internet's spam operations and sources, to provide dependable realtime anti-spam protection for Internet networks, to work with Law Enforcement Agencies to identify and pursue spam gangs worldwide, and to lobby governments for effective anti-spam legislation." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Wired: Threat Level" , "location": "ex" , "url": "http://www.wired.com/threatlevel/feed/" , "type": "RSS" , "description": "Wired magazine's online security blog focusing on privacy, crime and online security." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Schneier on Security" , "location": "ex" , "url": "http://www.schneier.com/" , "type": "web" , "description": "Security expert Bruce Schneier blogs about both technical and societal security." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "McAfee Blog" , "location": "ex" , "url": "http://blogs.mcafee.com/feed" , "type": "RSS" , "description": "Blogs from McAfee about topics ranging from security research to comprimised applications." , "tags": ["security news","security research","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Kaspersky Secure List" , "location": "ex" , "url": "http://www.securelist.com/en/rss/allupdates" , "type": "RSS" , "description": "News about the current and emerging THREATSCAPE and updates about Kaspersky products." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Computer World Security Blog" , "location": "ex" , "url": "http://blogs.computerworld.com/taxonomy/term/2/feed" , "type": "RSS" , "description": "Blog by ComputerWorld to keep the public up to date on current security news and risks." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name": "Stack Exchange Security Blog" , "location": "ex" , "url": "http://security.blogoverflow.com/feed/" , "type": "RSS" , "description": "Community driven IT and security blog from StackExchange." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Ars Technica: Risk Assesment" , "location": "ex" , "url": "http://security.blogoverflow.com/feed/" , "type": "RSS" , "description": "Ars Technica's security blog that focuses on topics useful to a semi technical person." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "CNet Security" , "location": "ex" , "url": "http://feeds.feedburner.com/cnet/tcoc" , "type": "RSS" , "description": "Feed from CNet of security news suitable for general consumption." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "RSA: Speaking of Security" , "url": "http://blogs.rsa.com/feed/" , "location": "ex" , "type": "RSS" , "description": "General security blog from RSA." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name": "Forbes: Firewall" , "url": "http://blogs.forbes.com/firewall/feed/" , "location": "ex" , "type": "RSS" , "description": "Blog from Forbes magazine about security topics with a focus on business." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Jeremiah Grossman Blog" , "url": "http://feeds.feedburner.com/JeremiahGrossman" , "location": "ex" , "type": "RSS" , "description": "Jeremiah Grossman is a respected internet, security and privacy blogger." , "tags": ["security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "security.stackexchange.com" , "url": "http://security.stackexchange.com/feeds" , "location": "ex" , "type": "RSS" , "description": "An online message board for general computer security." , "tags": ["security questions","risks","general","forum"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Tao Security Blog" , "url": "www.taosecurity.blogspot.com " , "location": "ex" , "type": "web" , "description": "good articles, mostly general / high level stuff, not specific alerts or etc." , "tags": ["blog","security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name": "slashdot" , "url": "www.slashdot.org" , "location": "ex" , "type": "web" , "description": "news for nerds" , "tags": ["security news","risks","general","forum"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name":"Security Week" , "url": "https://www.securityweek.com/" , "location": "ex" , "type":"file" , "description":"news" , "tags": ["news","security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name":"Computer World" , "url": "http://www.computerworld.com/s/topic/85/Malware+and+Vulnerabilities" , "location": "ex" , "type":"file" , "description":"news" , "tags": ["news","security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name":"Security Street" , "url": "https://community.rapid7.com/view-browse-feed.jspa?filterID=all~objecttype~objecttype[blogpost]&browseViewID=content" , "location": "ex" , "type":"file" , "description":"Recent content in Rapid7 Community. Contains some news on metasploit and other products, some news on new vulnerabilities, some malware news, etc." , "tags": ["chat forum for news","security news","risks","general","forum"] , "nodes": [] , "category": "articles" , "priority": "high" }, { "name":"Threat Post" , "url": "http://threatpost.com/feed" , "location": "ex" , "type":"rss" , "description":"The Kaspersky Lab Security News Service. Contains many articles on malware and vulnerabilities." , "tags": ["threats","security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "high" }, { "name": "Malware Bytes" , "url": "http://blog.malwarebytes.org/feed/" , "location": "ex" , "type": "RSS" , "description": "A security blog about malware and computer security news." , "tags": ["malware", "security news","risks","general"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name":"Securelist Malware Descriptions" , "url": "https://securelist.com/description/" , "location": "ex" , "type":"web" , "description":"malware descriptions" , "tags": ["malware"] , "nodes": ["malware"] , "category": "articles" , "priority": "low" }, { "name": "The Hacker News" , "url": "http://thehackernews.com" , "location": "ex" , "type": "web" , "description": "news of malware, attacks, hackers, etc.." , "tags": ["news"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name":"Trend Micro" , "url": "http://www.trendmicro.com/us/index.html" , "location": "ex" , "type":"web" , "description":"Exploits, Vulnerabilities, Spam, Malware info" , "tags": ["blog","rss feed","malware","database","news","reports"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name":"Securelist" , "url": "http://www.securelist.com/en/" , "location": "ex" , "type":"web" , "description":"Threatscape info, popular malware exploits" , "tags": ["Threatscape","blog","news","reports"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Darknet" , "location": "ex" , "url": "http://feeds.feedburner.com/darknethackers" , "type": "RSS" , "description": "Blog updates from Darknet about recent hacks and information about ethical cracking and penetration testing." , "tags": ["hacking", "cracking","blog","news","reports"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "AUS-CERT" , "url": "http://auscert.org.au/rss.html" , "location": "ex" , "type": "rss" , "description": "leading Computer Emergency Response Team for Australia and provides computer information security advice to the Australian public" , "tags": ["risks","alerts"] , "nodes": [] , "category": "vendor alerts" , "priority": "medium" }, { "name": "Xforce Security Intelligence" , "url": "http://feeds.feedburner.com/SecurityIntelligence" , "location": "ex" , "type": "web" , "description": "Analysis and Insight for Information Security Professionals." , "tags": ["blog", "news"] , "nodes": [] , "category": "articles" , "priority": "low" }, { "name": "Dark Reading" , "url": "http://www.darkreading.com/rss_simple.asp" , "location": "ex" , "type": "RSS" , "description": "Dark Reading is the premier online resource helping information security professionals manage the balance between protection and access. It offers breaking news and analysis on attacks, breaches and vulnerabilities, as well as strategies for protecting enterprise data. It also offers guidance on setting risk management and compliance policies." , "tags": ["security policy", "news"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "Windows Security" , "url": "http://windowsecurity.com/" , "location": "ex" , "type": "web" , "description": "Network Security Articles for Windows Server 2003, 2008 & Vista" , "tags": ["Vendor News Site"] , "nodes": [] , "category": "articles" , "priority": "medium" }, { "name": "CIF v2 rules" , "url": "https://github.com/csirtgadgets/massive-octo-spice/tree/master/src/rules" , "location": "ex" , "type": "web" , "description": "Black/white/grey lists that feed into CIF" , "tags": ["blacklist","whitelist","reputation"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name": "CIF v1 rules" , "url": "https://github.com/collectiveintel/cif-v1/tree/master/cif-smrt/rules/etc" , "location": "ex" , "type": "web" , "description": "Black/white/grey lists that feed into CIF" , "tags": ["blacklist","whitelist","reputation"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name": "CIF potential new sources" , "url": "https://code.google.com/p/collective-intelligence-framework/wiki/NewFeedSources" , "location": "ex" , "type": "web" , "description": "Black/white/grey lists that feed into CIF - list of potential new sources, not yet added" , "tags": ["blacklist","whitelist","reputation"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name": "Packetstorm Exploit List" , "url": "http://rss.packetstormsecurity.com/files/tags/exploit/" , "location": "ex" , "type": "rss" , "description": "Collection of exploits and related info" , "tags": ["exploits","vulnerabilities"] , "nodes": [] , "category": "vulnerabilities" , "priority": "medium" }, { "name": "Packetstorm News" , "url": "http://rss.packetstormsecurity.com/news/" , "location": "ex" , "type": "rss" , "description": "Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers" , "tags": ["news"] , "nodes": [] , "category": "news" , "priority": "medium" }, { "name": "malwageddon" , "url": "http://malwageddon.blogspot.com/feeds/posts/default" , "location": "ex" , "type": "atom" , "description": "'Malware Analysis: The Final Frontier' - Malware analysis blog" , "tags": ["malware"] , "nodes": [] , "category": "malware" , "priority": "medium" }, { "name": "the golden messenger" , "url": "http://thegoldenmessenger.blogspot.com/feeds/posts/default" , "location": "ex" , "type": "atom" , "description": "'Analyzing Unknown Malware' - Malware analysis blog" , "tags": ["malware"] , "nodes": [] , "category": "malware" , "priority": "medium" }, { "name": "Malicious IP Search" , "url": "https://www.google.com/cse/home?cx=011750002002865445766:y5klxdomj78" , "location": "ex" , "type": "web" , "description": "Google custom search, also includes links to several tools and blacklists" , "tags": ["blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name": "zeltser - Malware Sample Sources for Researchers" , "url": "http://zeltser.com/combating-malicious-software/malware-sample-sources.html" , "location": "ex" , "type": "web" , "description": "collection of links to malware samples collections" , "tags": ["malware"] , "nodes": [] , "category": "malware" , "priority": "low" }, { "name": "zeltser - Malicious IP lists" , "url": "http://zeltser.com/combating-malicious-software/malicious-ip-blocklists.html" , "location": "ex" , "type": "web" , "description": "collection of malicious IP lists from various sources" , "tags": ["blacklist"] , "nodes": [] , "category": "blacklist" , "priority": "low" }, { "name": "Contagio - links and resources" , "url": "http://contagiodump.blogspot.com/2010/11/links-and-resources-for-malware-samples.html" , "location": "ex" , "type": "web" , "description": "large list of links to other malware samples repositories. (some are outdated)" , "tags": ["malware","blacklist"] , "nodes": [] , "category": "malware" , "priority": "low" }, { "name": "Contagio" , "url": "http://contagiodump.blogspot.com/" , "location": "ex" , "type": "web" , "description": "malware analysis blog, includes many samples, pcaps, and other info. Includes much information about exploit packs." , "tags": ["malware","blacklist"] , "nodes": [] , "category": "malware" , "priority": "medium" }, { "name": "Malwarebytes forum - Newest Malware Threats" , "url": "https://forums.malwarebytes.org/index.php?/forum/51-newest-malware-threats/" , "location": "ex" , "type": "web" , "description": "Newest malware samples, submitted by forum users." , "tags": ["malware"] , "nodes": [] , "category": "malware" , "priority": "medium" }, { "name": "xorl %eax, %eax" , "url": "http://xorl.wordpress.com/feed/" , "location": "ex" , "type": "rss" , "description": "Blog with detailed analysis of many vulnerabilities" , "tags": ["vulnerabilities","articles"] , "nodes": [] , "category": "vulnerabilities" , "priority": "medium" }, { "name": "Kaspersky security matters blog" , "url": "http://eugene.kaspersky.com/category/security-matters/" , "location": "ex" , "type": "rss" , "description": "Eugene Kaspersky security blog" , "tags": ["news","articles"] , "nodes": [] , "category": "news" , "priority": "medium" }, { "name": "scans.io Internet-Wide Scan Data Repository" , "url": "scans.io" , "location": "ex" , "type": "file" , "description": "Datasets from various internet-wide scans." , "tags": ["tools"] , "nodes": ["address","DNSName","port","ip"] , "category": "APIs and resources" , "priority": "high" }, { "name": "Internet Census 2012" , "url": "http://internetcensus2012.bitbucket.org/download.html" , "location": "ex" , "type": "file" , "description": "Several massive datasets from the 2012 'Internet Census'" , "tags": ["tools"] , "nodes": ["address","DNSName","port","ip"] , "category": "APIs and resources" , "priority": "medium" }, { "name": "Farsight Security DNS Database (DNSDB)" , "url": "https://www.farsightsecurity.com/Resources/" , "location": "ex" , "type": "API" , "description": "DNS database and related resources/programs/APIs" , "tags": ["tools"] , "nodes": ["address","DNSName","port","ip"] , "category": "APIs and resources" , "priority": "medium" } ]