More than twice for last 24 hours I was asked non-trivial question:
Where You find targets for malware hunt, if You not part of big team, malware researcher or not own a honeynet.
Actually, if You want to fight malware, IMHO it very useful to have honey-pot system, or at least be in security business somehow. It will provide You non-stop flow of malicious targets to review. But if not, and You still want to help?
Disclamer: All links provided lead to lists of malicious or potentially malicious resources. Do not click there on any link, or don’t run any file, without proper knowledge, env prepared and skills trained.
Well, here are few links, that aggregate latest known threats, that You can practice on:
1. Malware Domain List:
2. URL Query
3. Malekal.com list of malware
4. VX Vault
5. Site Inspector (by Comodo)
7. Malc0de Database
8. Sucuri Malware Labs
9. Clean-MX Realtime database
10. Sourcefire Vulnerability Research Team Labs
11. Zeus Tracker
12. NovCon Minotaur Analysis System
p.s. Many thanks to DrM for almost tripling the list!
Note: threats usually detected by many participants, blocked and dead, as result (and this is good!), so if You looking for alive target- see recent updates, search for simulate domains, hosted on same IP etc.
Happy and lucky hunt. Share Your findings (You can do it also here http://twitter.com/MalwareMustDie ), and in case You know another good lists of malware urls and targets – comment and I will add it to list.
Happy and lucky hunt