A collection of best threat intelligence feeds and sources
- Shodan: https://www.shodan.io/
- AlienVault OTX: https://otx.alienvault.com/
- IBM X-Force Exchange: https://exchange.xforce.ibmcloud.com/
- APT Groups: https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml
- Security Feeds: https://docs.google.com/spreadsheets/d/1Oar-a7SiM8RVz8aYTUPqj0_9eCdLx7fPsjzIgiQ-WmE/pubhtml
- APT Cyber Criminal Collection: https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- APT Digital Weapon: https://github.com/RedDrip7/APT_Digital_Weapon
- APTNotes: https://github.com/aptnotes/data
- Abuse.ch FeedoTracker: https://feodotracker.abuse.ch/
- CVE VUlnerability Database: https://cve.mitre.org/
- CISA AIS: https://www.cisa.gov/ais
- Shodan: https://www.shodan.io/
- Infoblox Github: https://github.com/infobloxopen/threat-intelligence
- Vx-Underground: https://www.vx-underground.org/
- Threat Intel Resources Github: https://github.com/P3t3rp4rk3r/Threat_Intelligence
- CISA: https://www.cisa.gov/uscert/ncas/alerts
- CCCS: https://www.cyber.gc.ca/en/alerts-advisories
- NCSC UK: https://www.ncsc.gov.uk/
- CERT IN: https://www.cert-in.org.in/
- ACSC AU: https://www.cyber.gov.au/acsc/view-all-content/alerts&advisories
- Bleeping Computer: https://www.bleepingcomputer.com/
- DarkReading: https://www.darkreading.com/
- IT Governance: https://www.itgovernance.co.uk/blog
- MISP: https://www.misp-project.org/
- OpenCTI: https://github.com/OpenCTI-Platform/opencti
- Harpoon: https://github.com/Te-k/harpoon
- Yeti: https://yeti-platform.github.io/
- GOSINT: https://gosint.readthedocs.io/en/latest/
- CIF: https://csirtgadgets.com/collective-intelligence-framework/
- MITRE ATT&CK Enterprise Matrix: https://attack.mitre.org/matrices/enterprise/
- MITRE ATT&CK Mobile Matrix: https://attack.mitre.org/matrices/mobile/
- MITRE ATT&CK ICS Matrix: https://attack.mitre.org/matrices/ics/
- MITRE ATT&CK Groups: https://attack.mitre.org/groups/
- MITRE ATT&CK Software: https://attack.mitre.org/software/
- MITRE ATT&CK Campaigns: https://attack.mitre.org/campaigns/
- MITRE ATT&CK Data Sources: https://attack.mitre.org/datasources/
- TOP ATT&CK TECHNIQUES: cydna.com
- ATT&CK WORKBENCH: https://ctid.mitre-engenuity.org/our-work/attack-workbench/
- THREAT REPORT ATT&CK MAPPER (TRAM): https://ctid.mitre-engenuity.org/our-work/tram/
- CALDERA PATHFINDER: https://ctid.mitre-engenuity.org/our-work/caldera-pathfinder/
- ATTACK FLOW: https://ctid.mitre-engenuity.org/our-work/attack-flow/
- INSIDER THREAT TTP KNOWLEDGE BASE: https://ctid.mitre-engenuity.org/our-work/insider-threat-ttp-knowledge-base/
- SIGHTINGS ECOSYSTEM: https://ctid.mitre-engenuity.org/our-work/sightings/
- MICRO EMULATION PLANS: https://ctid.mitre-engenuity.org/our-work/micro-emulation-plans/
- DEFENDING IAAS WITH ATT&CK: https://ctid.mitre-engenuity.org/our-work/defending-iaas-with-attack/
- ATT&CK FOR CLOUD: https://ctid.mitre-engenuity.org/our-work/attck-for-cloud/
- ATT&CK FOR CONTAINERS: https://ctid.mitre-engenuity.org/our-work/attck-for-containers/
- MAPPING ATT&CK TO CVE FOR IMPACT: https://ctid.mitre-engenuity.org/our-work/attck-to-cve/
- NIST 800-53 CONTROLS TO ATT&CK MAPPINGS: https://ctid.mitre-engenuity.org/our-work/nist-800-53-control-mappings/
- https://twitter.com/vxunderground
- https://twitter.com/malwrhunterteam
- https://twitter.com/blackorbird
- https://twitter.com/arieitan
- https://twitter.com/James_inthe_box
- https://twitter.com/ItsReallyNick
- https://twitter.com/silascutler
- https://twitter.com/VK_Intel
- https://twitter.com/Timele9527
- https://twitter.com/w3ndige
- https://twitter.com/reecdeep
- https://twitter.com/daphiel