Your Defense Arsenal

Blue Team Resources

100+ curated tools, feeds, and platforms to hunt threats, analyze malware, and defend networks like a pro

🧪

CyberChef

The Cyber Swiss Army Knife—decode, decrypt, decompress, and analyze data without leaving your browser. Because sometimes you need to base64 decode a hex-encoded MD5 hash at 2am.

Launch CyberChef (Local) Official Hosted Version

🔍

▼

🦠

Threat Intelligence & Malware Analysis

Hunt malware, track threats, stay ahead of the bad guys

50+ Resources

Malware Feeds & Tracking

Real-time feeds for banking trojans, C2 servers, and malware URLs

Feodo Tracker — Banking trojan tracking

↗

URLhaus — Malware URL collection

↗

Cybercrime Tracker — C2 server tracking

↗

MalShare — Malware sample sharing platform

↗

Minotaur Analysis — Malware analysis portal

↗

Threat Intelligence Platforms

Sandboxes, threat intel, and community-driven malware analysis

AlienVault OTX — Open Threat Exchange

↗

Hybrid Analysis — Free malware sandbox

↗

VirusTotal — Multi-engine malware scanner

↗

ThreatConnect Free — Threat intelligence platform

↗

Clean-MX — Virus tracking feed

↗

Kryptos Telltale — Threat intelligence platform

↗

APT & Threat Research

APT campaigns, digital weapons, and advanced threat YARA rules

APT Campaign Collections — Comprehensive APT tracking

↗

APT Digital Weapons — APT toolset documentation

↗

APT Notes — APT research reports

↗

Advanced Threat YARA Rules — Detection signatures

↗

C2 Database — C2 infrastructure tracking

↗

▼

🌐

Network Security & Monitoring

Block the bad, monitor the ugly, analyze the weird

25+ Resources

Blocklists & Reputation

IP/domain blocklists and reputation feeds to keep threats out

Blocklist.de — Comprehensive blocklist

↗

SANS Suspicious Domains — Domain reputation feed

↗

SANS Top Attacking IPs — Real-time attacker IPs

↗

Emerging Threats — IDS/IPS rule sets

↗

FireHOL IP Blocklists — Curated IP reputation sets

↗

Phishing Detection

Email security, RBL checkers, and phishing feed aggregators

OpenPhish — Active phishing feed

↗

Multi-RBL Checker — Realtime blacklist lookups

↗

MXToolbox — Email infrastructure testing

↗

Network Analysis Tools

Packet analysis, PCAP files, and network forensics resources

CloudShark — Cloud-based PCAP analysis

↗

Packet Storm Security — Security tools & exploits

↗

Awesome PCAP Tools — PCAP analysis collection

↗

Digital Corpora — Forensics test datasets

↗

Scanning & Reconnaissance Detection

Internet-wide scan data and scanner tracking

Scans.io — Internet scan datasets

↗

GreyNoise — Internet scanner viz

↗

BinaryEdge — Internet scanning platform

↗

FOFA — Cyberspace search engine

↗

▼

🕵️

OSINT & Breach Intelligence

Find what's leaked, track what's pwned, investigate everything

20+ Resources

Breach Databases

Search engines for data breaches and credential leaks

Have I Been Pwned — Breach notification service

↗

Dehashed — Breach search engine

↗

LeakCheck — Credential leak checker

↗

Snusbase — Comprehensive breach DB

↗

Scattered Secrets — OSINT breach search

↗

Intelligence X — Leak search engine

↗

OSINT Tools & Resources

Email finding, validation, and comprehensive OSINT frameworks

Awesome OSINT — Curated OSINT resources

↗

Hunter.io — Email finder & verification

↗

Email Checker — Email validation tool

↗

▼

⚔️

Security Testing & Research

Test, enumerate, fuzz—break things legally so attackers can't

30+ Resources

Web Security Testing

Scanners, vulnerable apps, and web security validators

Quttera Scanner — Online malware scanner

↗

WebInspector — Web malware detection

↗

SecuriBench — Vulnerable test applications

↗

Security Tools & Scripts

Scanners, enumeration tools, and offensive security frameworks

Sn1per — Automated pentesting framework

↗

RustScan — Ultra-fast port scanner

↗

Nmap — Network discovery & security auditing

↗

Masscan — Mass IP port scanner

↗

MobSF — Mobile security testing framework

↗

Web Recon & Enumeration

URL discovery, wayback tools, and fuzzing resources

WaybackURLs — Fetch archived URLs from Wayback Machine

↗

gau (Get All URLs) — Fetch known URLs from AlienVault, Wayback, Common Crawl

↗

waymore — Enhanced wayback machine tool

↗

FFUF Tips & Tricks — Fuzzing techniques & methodologies

↗

Atlas — Quick SQL injection scanner

↗

SecLists & Wordlists

Password lists, payloads, and enumeration wordlists

SecLists — THE wordlist collection for security testing

↗

Awesome Shodan Queries — Curated Shodan search queries

↗

TJ-JPT Lists — Pentesting wordlists & resources

↗

Malware Analysis Tools

Crawlers, sandboxes, and malware detection utilities

Koodous — Android malware analysis

↗

KnockKnock — macOS persistence detection

↗

Shadowserver Binary Test — Binary reputation checker

↗

Hash Cymru — Hash reputation service

↗

Found This Useful?

These are the tools and feeds that power real blue team operations. Happy hunting!

Get in Touch View Skills