# security-datasets
A collection of resources for security data

## Malware

### Binaries
- Malware Capture Facility Project (downloaded in GoeSec share) http://mcfp.weebly.com/
- A tool to retrieve malware directly from the source for security researchers
  - https://github.com/technoskald/maltrieveMaltrieve
  - http://maltrieve.org/
- Malware Corpus Tracker http://track.h3x.eu/
- Malware Knowledge Base. Hosted by the National Center for High-performance Computing, it is a malware analysis platform that observes and records the system behaviors of analysis objects in a controlled environment, using various types of dynamic analysis tools. https://owl.nchc.org.tw
- Malware Shares
  - http://virusshare.com
  - https://avcaesar.malware.lu
  - http://oc.gtisc.gatech.edu:8080
  - http://www.kernelmode.info/forum/viewforum.php?f=16
  - http://www.malwaregroup.com
  - https://www.threatminer.org/
  - http://www.malshare.com

### Web-based Malware
- Threat Glass. Explore web threats. View and analyze thousands of exploited websites http://threatglass.com/

### Network Traffic
- List of pcaps and traces from execution of malware samples in PANDA
  - https://github.com/moyix/panda/
  - http://panda.gtisc.gatech.edu/malrec/
- NETRESEC Publicly available PCAP files http://www.netresec.com/?page=PcapFiles
- UNSW-NB15 Raw Network Packets
  - https://www.unsw.adfa.edu.au/australian-centre-for-cyber-security/cybersecurity/ADFA-NB15-Datasets/
- Traffic Analysis Datasets
  - http://www.malware-traffic-analysis.net/
  - http://digitalcorpora.org/corpora/network-packet-dumps
  - https://www.openpacket.org/ (Security Onion 12.04 contains some pcaps from openpacket.org. You can find them at /opt/samples/.)
  - http://www.netresec.com/?page=PcapFiles
  - http://old.honeynet.org/scans/
  - http://www.novell.com/connectionmagazine/laurachappell.html
  - http://cctf.shmoo.com/
  - http://ee.lbl.gov/anonymized-traces.html
  - https://www.openpacket.org/post/showthread/49
  - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Public_Data_Sets
  - http://wiki.wireshark.org/SampleCaptures#Sample_Captures
  - http://forensicscontest.com/puzzles
  - https://www.evilfingers.com/repository/pcaps.php
  - https://www.openpacket.org/capture
  - http://www.honeynet.org/node/504
  - https://github.com/markofu/hackeire/tree/master/2011/pcap
  - http://www.defcon.org/html/links/dc-ctf.html (You have to follow some of the links, which redirect to competitor blogs, but there's lots of goodness.)

## Threat Intelligence

### IOC Databases
- IOC Bucket. Community Supported Threat Intelligence https://www.iocbucket.com/
- Citizen Lab Malware Indicators https://github.com/citizenlab/malware-indicators

### Platforms
- Malware Information Sharing Platform http://www.misp-project.org/

## CTF Logs
- DEFCON CTF Archive https://www.defcon.org/html/links/dc-ctf.html

## Other Collections
- SecRepo.com is a repository of Security Data Samples licensed as Creative Commons for researchers to get their feet wet on data analysis in Information Security. Maintained by Mike Sconzo. http://www.secrepo.com

## Tools
- VirusShare-Search. Downloads VirusShare hashes and searches them for specified MD5 hash values https://github.com/AdamGreenhill/VirusShare-Search