More than twice for the last 24 hours I was asked the non-trivial question:
Where do You find the targets for the malware hunt, if You’re not a part of the big team, malware researcher or not own a honeynet.
Actually, if You do want to fight a malware, IMHO it is very useful to have a honey-pot system, or, at least, be in security business somehow. It will provide You a non-stop flow of the malicious targets to review. But if You not, and You still want to help?
Disclamer: All links provided lead to lists of malicious or potentially malicious resources. Do not click there on any link, or don’t run any file, without proper knowledge, env prepared and skills trained.
Well, here are the few links, that aggregate latest known threats, that You can practice on:
1. Malware Domain List:
2. URL Query
3. Malekal.com list of malware
4. VX Vault
5. Site Inspector (by Comodo)
7. Malc0de Database
8. Sucuri Malware Labs
9. Clean-MX Realtime database
10. Sourcefire Vulnerability Research Team Labs
11. Zeus Tracker
12. NovCon Minotaur Analysis System
13. Palevo Tracker
14. SpyEye Tracker
15. Feodo Tracker
16. CyberCrime Tracker (Thanks, Steven!)
17. Malwared C&C Tracker
18. Cuckoo Sandbox online – analysis + download samples.
19. Virustotal – source for MD5 search and huge amount of data per sample.
21. Malware Blacklist
p.s. Many thanks to DrM for almost tripling the list! 🙂
Note: threats are usually detected by many participants, got blocked and eventually became dead, as result (and this is good!), so if You’re looking for the alive target- review the recent updates. Search for similar domains, hosted on same IP hosts etc.
Happy and lucky hunt. Share Your findings and in case You know another good lists of malware urls and targets – comment and I will add it to list.
Update 31.01.2014: Added and fixed some resource URL’s.
Added few new – thx to [email protected]!nh0
Please stay safe!