Here are the ones I use to do my malware research and testing.
1) www.malwaredomains.com <http://www.malwaredomains.com> (Start here) 2) https://spyeyetracker.abuse.ch <https://spyeyetracker.abuse.ch> 3) https://zeustracker.abuse.ch <https://zeustracker.abuse.ch> 4) https://palevotracker.abuse.ch <https://palevotracker.abuse.ch> 5) http://www.blocklist.de/en/search.html <http://www.blocklist.de/en/search.html> 6) http://support.clean-mx.de/clean-mx/viruses.php <http://support.clean-mx.de/clean-mx/viruses.php> 7) http://rules.emergingthreats.net/open/suricata/rules/ <http://rules.emergingthreats.net/open/suricata/rules/> 8) https://www.projecthoneypot.org/list_of_ips.php <https://www.projecthoneypot.org/list_of_ips.php> 9) http://www.mtc.sri.com/live_data/attackers <http://www.mtc.sri.com/live_data/attackers> 10) http://rules.emergingthreats.net/open/suricata/rules/compromised-ips.txt <http://rules.emergingthreats.net/open/suricata/rules/compromised-ips.tx t> 11) http://rules.emergingthreats.net/open/suricata/rules/botcc.rules <http://rules.emergingthreats.net/open/suricata/rules/botcc.rules> 12) http://rules.emergingthreats.net/open/suricata/rules/rbn-ips.txt <http://rules.emergingthreats.net/open/suricata/rules/rbn-ips.txt> 13) http://rules.emergingthreats.net/open/suricata/rules/tor.rules <http://rules.emergingthreats.net/open/suricata/rules/tor.rules> 14) http://rules.emergingthreats.net/open/suricata/rules/compromised.rules <http://rules.emergingthreats.net/open/suricata/rules/compromised.rules> 15) http://rules.emergingthreats.net/open/suricata/rules/rbn.rules <http://rules.emergingthreats.net/open/suricata/rules/rbn.rules> 16) https://www.openbl.org/lists/base.txt <https://www.openbl.org/lists/base.txt> 17) https://reputation.alienvault.com/reputation.generic <https://reputation.alienvault.com/reputation.generic> 18) http://www.autoshun.org/files/shunlist.html <http://www.autoshun.org/files/shunlist.html> 19) http://www.spamhaus.org/drop <http://www.spamhaus.org/drop> 20) http://www.google.com/safebrowsing/diagnostic?site=google.com <http://www.google.com/safebrowsing/diagnostic?site=google.com> Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization [email protected] From: Rankin, James R [mailto:[email protected]] Sent: Thursday, August 30, 2012 8:26 AM To: NT System Admin Issues Subject: Re: malicious sites/URLs As I remember someone maintains a hosts file somewhere with a huge list of malicious domains in it that are redirected to 127.0.0.1, that might help you out a bit ---Blackberried ________________________________ From: Webster <[email protected]> Date: Thu, 30 Aug 2012 12:23:35 +0000 To: NT System Admin Issues<[email protected]> ReplyTo: "NT System Admin Issues" <[email protected]> Subject: malicious sites/URLs Greetings from New Joisey, When I get home tomorrow, I will be beta testing a new type of security software. I have been asked to test physical Win7 x64. I have been saving spam comments from my website and a few spam emails (I don't get that many from O365). Is there a website somewhere that has a list of known malicious sites so I can hit them and see what this new security software does? The vendor wants me to really hammer this software with site drive-bys, spam links, malicious URLs, etc. My test PC will be isolated and every other PC on my network will be powered off and cable removed from switch (just to be super safe). Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com <http://www.carlwebster.com/> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
