Malware - Clean MX - realtime Subscribe to the VirusWatch Mailing list, updated hourly This database consists of Virus URI, collected and verified since Feb 2006TweetRecently we pushed out notifications with "unrated site" these are totally clean sites, we apologize this! If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible. to look at some nice charts, there are complete statistics for this databaseAttention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query. if you have questions, criticism, wishes or ... do not hesitate to contact us at firstname.lastname@example.org may reach us by cell phone +49 171 4802507 ...Query as xml: Same query as xml output Click here for other vital incidents
Schneier on Security NoThink! Binaries samples collect with honeypots are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection. If you do not know what you are doing here, it is recommended you leave right away. This page has no commercial purpose. Notes about the collection of binaries Malware list: (#246 Clamscan engine version 0.98.5) malware_list.txtFile types list: file_types.txtHoneypot software: amun, dionaeaHoneypot ISP: AS3269 Interbusiness (Telecom Italia) Other sources where to get malicious files Clean MX, Cybercrime-tracker, Malc0de, Malekal, Malshare, MalwareBlacklist, Malware Domain Blocklist, Malware Domain List, Mwis, NovCon Minotaur, Open Malware, Palevo Tracker, SacOur, SafeGroup, Secubox Labs, SpyEye Tracker, VirusShare, VX Vault, ZeuS Tracker Script to retrieves malwares
Slashdot - News for nerds, stuff that matters Exploit.IN Light Blue Touchpaper SOLDIERX.COM | Nobody Can Stop Information Insemination Cryptome Index page Internet Storm Center - Internet Security | DShield Open Threat Exchange (OTX) Pulses provide you with a summary of the threat, a view into the software targeted, and the related indicators of compromise (IoC) that can be used to detect the threats. IoCs include: File Hashes: MD5, SHA1, SHA256, PEHASH, IMPHASHCIDR RulesFile PathsMUTEX nameCVE number IP addressesDomainsHostnames (subdomains)EmailURLURI Pulses make it easy for you to answers questions like: Is my environment exposed to this threat? Drag & drop any blog post or threat report from any source to create new pulses Create a pulse or add additional IoCs into an existing pulse when observing suspicious or malicious behavior Automatically instrument the USM platform's built-in IDS with latest actionable threat dataLearn more ›
Security-Onion-Solutions/security-onion GrayHat Hacking Security Exploits : How To Use MetaGooFil This is a excellent simple information gathering tool made by the people at Edge Security Research. MetaGooFil is a metadata extraction tool that is written by the folks who brought us The Harvester in my last blog posting. Think of metadata as getting data from data. This metadata can be usefully for an attacker and may give some unique insights into the target organisation including usernames, system names, directory paths, file shares and other information. MetaGoolFil comes with Backtrack built-in and can be find under Applications | Backtrack | Vulnerability Assessments | Web Application Assessments or you can open a terminal windows and enter the following command: cd /pentest/enumeration/google/metagoofil It is a good idea to create a "files" folder to hold all the target files that will be downloaded, and keep the original directory clean. mkdir targetfiles With this directory setup, you can run MetaGooFil by issuing the following command: . The command: .
Adventures of an apprentice | Diving into infosec