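Motivation
Reference: [THM] Red Team Threat Intel - Red Team
Inspired by it, I decided to build a useful threat intelligence hunting mechanism to keep pace with the rapidly changing cyber adversarial ecosystem.
It is also a way to widen my own options: besides hacking websites, there must be other things that spark my interest and that I would be willing to keep doing. I want to step out of my comfort zone and get to know some newer things.
I will keep updating this, gradually adding content that I find interesting and valuable.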

https://securelist.com/feed/ # Kaspersky Securelist (dense APT research). Source: Securelist and the ThreatConnect roundup.
https://blog.google/threat-analysis-group/rss # Google TAG (nation-state threats / 0day ecosystem). Source: Google and the roundup.
https://cloudblog.withgoogle.com/topics/threat-intelligence/rss # Google Cloud/Mandiant TI column.
https://www.mandiant.com/resources/blog/rss.xml # Mandiant blog RSS (in-depth APT / intrusion chains).
https://www.microsoft.com/security/blog/feed/ # Microsoft Secure (APT, cloud identity, enterprise vulnerabilities).
https://msrc.microsoft.com/blog/feed/ # MSRC (Microsoft product security advisories / in-depth analysis).
https://www.welivesecurity.com/feed/ # ESET WeLiveSecurity (APT and malware investigations).
https://unit42.paloaltonetworks.com/feed/ # Palo Alto Networks Unit 42 (APT / intrusion-surface trends). *If the client cannot discover it, fall back to the main site's blog feed.*
https://blog.talosintelligence.com/feeds/posts/default?alt=rss # Cisco Talos (threat intelligence / exploit tracking).
https://www.proofpoint.com/us/rss-feeds/blog-feed.xml # Proofpoint Threat Insight (spear phishing and TA families).
https://www.cisa.gov/cybersecurity-advisories/ics-advisories.xml # CISA ICS advisories (high global impact).
https://www.cisa.gov/cybersecurity-advisories/ics-medical-advisories.xml # CISA medical ICS advisories.
https://isc.sans.edu/rssfeed_full.xml # SANS Internet Storm Center (hot threats / in-the-wild exploitation observations).
https://github.com/CryptoGenNepal/CVE-KEV-RSS # Community-maintained "CISA KEV" RSS mirror (the official KEV now leans toward email push; this is a substitute).
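Additional notes (don't get caught out):
- CISA has adjusted the official KEV update mechanism in recent months, and the official RSS is unreliable; email/GovDelivery is more stable. The entry above is a reliable community mirror for use in automation.
- NVD currently promotes JSON data feeds (not RSS). For automated filtering (CVSS≥9 / carrying the "exploited" tag), use its data feeds/API.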
SubReddit
https://www.reddit.com/r/cybersecurity/
https://www.reddit.com/r/netsec/
https://www.reddit.com/r/hacking/
https://www.reddit.com/r/crypto/
https://www.reddit.com/r/AskNetsec/
https://www.reddit.com/r/Information_Security/
https://www.reddit.com/r/Malware/
https://www.reddit.com/r/ReverseEngineering/
https://www.reddit.com/r/Pentesting/
https://www.reddit.com/r/cyber_security/
https://www.reddit.com/r/CyberSecurityAdvice/
https://www.reddit.com/r/ComputerSecurity/
https://www.reddit.com/r/SecurityAnalysis/
https://www.reddit.com/r/netsecstudents/
https://www.reddit.com/r/threatintel/
https://www.reddit.com/r/blueteamsec/
https://www.reddit.com/r/redteamsec/
https://www.reddit.com/r/SCADA/
https://www.reddit.com/r/digitalforensics/
https://www.reddit.com/r/phishing/
https://www.reddit.com/r/WindowsSecurity/
https://www.reddit.com/r/macOSsecurity/
https://www.reddit.com/r/Android_Security/
https://www.reddit.com/r/chromeos/
https://www.reddit.com/r/OSINT/
https://www.reddit.com/r/Cybersecurity101/
https://www.reddit.com/r/Hacking_Tutorials/
https://www.reddit.com/r/CyberSecurityJobs/
https://www.reddit.com/r/CybersecurityMemes/
Security researchers
https://adsecurity.org/
https://blog.harmj0y.net/
https://enigma0x3.net/
https://doublepulsar.com/
https://github.com/gentilkiwi
https://lock.cmpxchg8b.com/
https://doublepulsar.com/
https://www.schneier.com/
https://danielmiessler.com/
https://blog.harmj0y.net/
https://itm4n.github.io/
https://9bie.org/
Fairly complete series
https://y4er.com/
https://3gstudent.github.io/
https://www.outflank.nl/blog/