Today I am going to share my threat intelligence bookmarks which I use daily for various reasons. For example news feeds, IOC’s, Malware information and TTPs etc.., TI News Feeds List https://www.bleepingcomputer.com/ https://www.darkreading.com/ https://www.zdnet.com/topic/security/ https://www.theregister.com/security/ https://www.scmagazine.com/ https://www.cyberscoop.com/ https://blog.alyac.co.kr/category

They are different hashing we use like Md5, SHA1, SHA256 and SHA512 etc., when it is come to malware detection most of the AV will detect based on the signatures, which contains hash information as a one of the key element for malwares. So, to avoid detecting from the AV…

Shodan is the best service to search the C2 IP’s, so today i am going to share my MindMap which i created to record the shodan queries in the single page. We can use the search queries in shodan to get C2 infrastructure details to…

As a Threat Intelligence Analyst we are required to monitor the third-party product used by our organization for any vulnerabilities which is required to notified to security team. Also, we need to create the watchlist for those product and services to monitor the existing vulnerability list. I am searching for…

Hello Everyone. We are going to see how to identify the email leaked information using some well known tools. I Hope you’re familiar with most of the tools which I am going to mention here. First https://haveibeenpwned.com/ The most popular tool, and you can use it in two ways. Like…

While reading the threat news feeds today, I randomly visited one good online portal from Unit 42 team. which has good information about the Threat Actor Profile and Malware information, so I thought to share some insight about Unit 42 ATOM here. Unit 42 is a threat intelligence team from…

Today we are going to see how to convert the threat hunting rules from different formats. I am going to use the Sigma Rule is the base rule, because it is open and most of the rule author contributing more in Sigma Rule. Here is the below link, which has…

ThePhish is an automated phishing email analysis tool based on TheHive, Cortex and MISP. In this article, i will show you how to deploy the automated phishing analysis tool in AWS using Lightsail. About ThePhish Tool, Any user can forward the suspicious email to the ThePhish for email analysis. ThePhish will also create…

Cyber-threat intelligence service integrates with combination of multiple open source and commercial threat intelligence to provide early warnings to the organizations and customers. So cyber-threat intelligence is an information that can helps an organization to identify, assess, monitor, and respond to the cyber-threats. Intelligence TIaaS provide STRATEGIC INTELLIGENCE Customer specific advisory: Threat intelligence team…