Threat Intelligence

ThreatCrowd – A free threat intel tool for pivoting on domains/IPs/emails/AV/locations within the site / Maltego / API.
abuse.ch – ZeuS Tracker / SpyEye Tracker / Palevo Tracker / Feodo Tracker tracks Command & Control servers (hosts) around the world and provides you with a domain and an IP blocklist.
Emerging Threats – Open Source – Emerging Threats began […]

Threat Hunting

BeaKer – BeaKer visualizes Microsoft Sysmon network data to help threat hunters track down the source of suspicious network connections. The custom dashboard presents which users and executables created connections between two given IPs, how many times they’ve connected, the protocols and ports used, and much more.
.com/jpr5/ngrep
Snort – Snort is a free and open […]