Stupid simple solution to keep track of various cyber security related sources including research blogs, CVEs, advisories, etc.
The script will query a list of websites and extract urls matching to specific regexs. If there are new sources (e.g. new CVE was released), a notification will be sent to Slack with the relevant link.
- Edit
SLACK_URLwith your Slack channel - Use
IS_TEST_MODEto test if it works - Use
SHOULD_REPORTto send live notifications to the Slack channel - Run using:
python3 secfeed.py
Simply because many blogs/vendors are not supporting any form of push notifications or RSS. In addition not all CVE/Blog/Advisory are reaching main stream forums like Reddit.
- Add new item to the
SEC_FEEDSdict:
"URL TO QUERY TO GET LINKS" :
(
"BASE ADDRESS",
r"EXTRACT WITH REGEX AND APPEND TO BASE ADDRESS",
["LIST", "OF", "KEYWORDS", "THAT AT LEAST", "ONE", "MUST", "EXISTS", "IN", "URL"]
)- https://claroty.com/team82
- https://www.cisa.gov/
- https://cert.europa.eu/publications/security-advisories/
- https://www.tenable.com/security/research
- https://srcincite.io/blog/
- https://doar-e.github.io/blog/
- https://www.zerodayinitiative.com/advisories/published
- https://chemical-facility-security-news.blogspot.com/
- https://talosintelligence.com/vulnerability_reports
- https://cert.vde.com/en/advisories
- https://www.zeroscience.mk/en/vulnerabilities
- https://research.nccgroup.com/
- https://ssd-disclosure.com/advisories/
- https://awesec.com/advisories/
- https://www.nozominetworks.com/labs/labs-blogs/
- https://www.armis.com/research/
- https://research.checkpoint.com/
- https://blog.neodyme.io
- https://blog.viettelcybersecurity.com
- https://starlabs.sg/blog/
- https://www.seebug.org
- https://www.forescout.com/research-labs-overview/
- https://www.interruptlabs.co.uk/labs
- https://www.flashback.sh/blog
- https://xl-sec.github.io/AppSecEzine/latest.rss
- https://sploitus.com