The following dataset is published as part of the paper "Attack Attribution Based On Threat Intelligence Reports"

What is it?

Threat Intelligence Corpus is a public repository of reports (sorted by the attackers) related to malicious campaigns/activity/software that have been associated with vendor-defined APT (Advanced Persistent Threat) groups and/or tool-sets.

Format

all shoved in the Corpus directory

How can I help

  • Create a new issue on Github includeing the data you want to add

Resources

Blog Check Point: https://blog.checkpoint.com/tag/threat-intelligence/

CrowdStrike: https://www.crowdstrike.com/

Avast: https://blog.avast.com/author/threat-intelligence-team

FireEye: https://www.fireeye.com/

Hacking Articles: https://www.hackingarticles.in/

Looking Glass Cyber: https://www.lookingglasscyber.com/

Morphisec: https://www.morphisec.com/

Marcoramilli: https://marcoramilli.com/

Kaspersky: https://www.kaspersky.com/

Operation Security Research: http://blog.opensecurityresearch.com/

Palo Alto Networks: https://www.paloaltonetworks.com/

Proof Point: https://www.proofpoint.com

Recorded Future: https://www.recordedfuture.com/

RiskIQ: https://www.riskiq.com/

Sans: https://www.sans.org/course/cyber-threat-intelligence

Security Affairs: https://securityaffairs.co/wordpress/

Symantec: https://www.symantec.com/

The Register: https://www.theregister.co.uk/

Talos: https://www.talosintelligence.com/

threat intelligece checkpoint: https://research.checkpoint.com/category/threat-intelligence-reports/

Threat Connect: https://threatconnect.com/

Thrend Micro: https://www.trendmicro.com/en_us/business.html

threat research reports checkpoint: https://research.checkpoint.com/category/threat-research/