blue_team - d3adair.xyz

## reputation_checks | `name` | `link` | | --------------- | ---------------------------------- | | VirusTotal | https://www.virustotal.com/ | | Alien Vault OTX | https://otx.alienvault.com/browse/ | | GreyNoise | https://viz.greynoise.io/ | | Shodan | https://www.shodan.io/ | | Censys | https://search.censys.io/ | ## analysis_and_sandboxing | `name` | `link` | | ---------------------- | ----------------------------------- | | Any.Run | https://app.any.run/ | | Hybrid Analysis | https://www.hybrid-analysis.com/ | | ThreatFox | https://threatfox.abuse.ch/browse/ | | MalwareBazaar | https://bazaar.abuse.ch/browse/ | | Cuckoo Sandbox | https://sandbox.pikker.ee/ | | Joe Sandbox | https://www.joesandbox.com/#windows | | Recorded Future Triage | https://tria.ge/reports/public | ## osint_and_cti | `name` | `link` | | ---------------------------------- | ---------------------------------------------------------------------------------------------------------- | | Vuldb | [https://vuldb.com/](https://vuldb.com/) | | Alien Vault OTX | [https://otx.alienvault.com/browse/global/indicators](https://otx.alienvault.com/browse/global/indicators) | | IBM X-Force Exchange | [https://exchange.xforce.ibmcloud.com/](https://exchange.xforce.ibmcloud.com/) | | PulseDive Threat Feed | [https://pulsedive.com/explore/threats/](https://pulsedive.com/explore/threats/) | | Malpedia | [https://malpedia.caad.fkie.fraunhofer.de/](https://malpedia.caad.fkie.fraunhofer.de/) | | Any-Run | [https://any.run/malware-trends/](https://any.run/malware-trends/) | | Risk IQ Community | [https://community.riskiq.com/home](https://community.riskiq.com/home) | | Lab52 Threat Mapping Tool | [https://lab52.io/](https://lab52.io/) | | vx-underground APT repository | [https://vx-underground.org/samples/Families/APT/](https://vx-underground.org/samples/Families/APT/) | | Threat Actor Map | [https://aptmap.netlify.app/](https://aptmap.netlify.app/) | | Intezer OST Map | [https://intezer.com/ost-map/](https://intezer.com/ost-map/) | | Cyber Operations Tracker | [https://www.cfr.org/cyber-operations](https://www.cfr.org/cyber-operations) | | PCMatic Ransomware Tracker | [https://www.pcmatic.com/ransomware/](https://www.pcmatic.com/ransomware/) | | Ransomware.Live Ransomware Tracker | [https://www.ransomware.live/#/status](https://www.ransomware.live/#/status) | ## threat_actors | `name` | `link` | | ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------- | | MITRE Groups | [https://attack.mitre.org/groups/](https://attack.mitre.org/groups/) | | CrowdStrike Adversaries | https://www.crowdstrike.com/adversaries/?ref=adversary.crowdstrike.com | | Mandiant APTs | https://cloud.google.com/security/resources/insights/apt-groups | | Mandiant UNCs | https://www.mandiant.fr/search?search=UNC | | VX Underground APTs | [https://vx-underground.org/APTs](https://vx-underground.org/APTs) | | Dragos Threat Groups | [https://www.dragos.com/threat-groups/](https://www.dragos.com/threat-groups/) | | Microsoft Threat Actors | https://www.microsoft.com/en-us/security/blog/threat-intelligence/threat-actors/ | | CyberMonitor APT Tracker | [https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/](https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/) |