Today I will be sharing some of my favorite shortcuts I have in my browser and use in my day-to-day as a Threat Hunter.
These tools are divided into two main folders:
- Threat Intelligence
- Threat Hunting
Threat Intelligence
As the main source of threat intelligence on my team, I need to always be up to date on the latest events in cyber security.
The shortcuts in this folder are mainly links to available online dashboards on ransomware and vulnerability activity, malicious trends and news. Here are my top 10.
Ransomware activity
- ransom-db - for live news on victims (limited to the last 15 victims)
- RedPacket Security’s Databreach - for an archive of ransomware victims
Vulnerability activity
- CVE Trends - to monitor trending CVEs on Twitter
- InTheWild - to monitor CVEs that are being actively exploited, and their exploits
- Zero Day Initiative - a list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers
Malicious Trends and News
- GreyNoise’s Tag Trends - to see the latest trending malicious activity
- Pulsedive community - for the latest news in cyber security
- Darkfeed’s Threat Intelligence - for the latest statistics
- and finally, OSINTer - where you can organize sources of information, news and trends according to your chosen keywords (and signing up does not require an email 🤯)
Threat Hunting
My hunting tools mostly focus on sources for hunting IOCs. As you can imagine, this folder has dozens of shortcuts, but here is a list of my top 10.
- VirusTotal - the king of kings 👑
- AlienVault
- Abuse.ch
- Shodan
- Censys
- URLscan.io
- Have I been pwned
- MX toolbox
- DigiCert
- Should I Block It
- LOLBAS
Honorable mention
Finally, not a shortcut but a browser extension - ATT&CK Powered Suit
This extension lets you instantly search the MITRE ATT&CK knowledge base, a must-have!