Threat intelligence analysis docs
Check if the domain is likely to be malware.
Malware databases check
Check if the domain is considered to be dangerous in various malware data feeds across the Internet.
If the domain Fails a test based on relatively old information, this is tagged as a Warning.
For dangerous websites, reasons and details are provided when possible.
|Web of Trust: Safe Web Search & Browsing||https://www.mywot.com||
Web of Trust is a website reputation and review service that helps people make informed decisions about whether to trust a website or not. It's based on a unique crowdsourcing approach that collects ratings and reviews from a global community of millions of users who rate and comment websites based on their personal experiences.
|Yandex Safe Browsing||https://tech.yandex.com/safebrowsing||Yandex Safe Browsing checks safety of a document by its URL. Developers of browsers, mail programs, and messaging clients can use the API to warn users when they try to follow a dangerous link. Antivirus developers can implement cloud-based filtration of malicious URLs, as well as parental controls or DLP functionality.|
|Phish Tank||https://www.phishtank.com||PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications.|
|Virus Total suspicious URLs analyser||https://www.virustotal.com/en||VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners.|
|Google Safe Browsing||https://developers.google.com/safe-browsing||Google provides constantly updated lists of unsafe web resources: social engineering sites (phishing and deceptive sites) and sites that host malware or unwanted software.|
|Bambenek Consulting OSINT data feeds||http://osint.bambenekconsulting.com||Bambenek Consulting is a firm whose services revolve around security and cybercrime. It's data feeds are designed for organisations looking to put a premium on security in the management of their IT assets.|
Ransomware Tracker monitors the status of domain names, IP addresses and URLs that are associated with Ransomware, such as Botnet C&C servers, distribution sites and payment sites. By using data provided by Ransomware Tracker, hosting- and internet service provider as well as national CERTs/CSIRTs, law enforcement agencies and security researchers can receive an overview on infrastructure used by Ransomware and whether these are actively being used to commit fraud.
Ransomware is a type of malicious software from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.
|StopForumSpam||http://stopforumspam.com||Stop Forum Spam records reports of spam on forums, blogs and wikis to name a few. All these records are then made available to search and view but most importantly, to access in an automated way to block suspected spammers before they can get in the front door.|
Zeus Tracker tracks ZeuS Command & Control hosts around the world and provides a domain- and a IP-blocklist.
ZeuS or Zbot is a Trojan horse malware package that runs on different versions of Microsoft Windows.
|Open Threat Exchange (Alien Vault)||https://otx.alienvault.com||
Alien Vault OTX provides open access to a global community of threat researchers and security professionals. It has more than 65,000 participants in 140 countries, who contribute over 14 million threat indicators daily.