https://hashlookup.circl.lu/
Dataset | MalwareLookup files by their md5 or sha1 hashes. The response contains information such as the filename, size or where the file was found, like a Linux package. On the website you have the API documentation which can be used directly from the browser.
https://gitlab.labs.nic.cz/knot/respdiff
Malware | ToolThese websites provide different features to analyse binaries and especially malware. They provide searching by file hashes or by uploading the binary.
Some of the services provide more detailed analyses, such as as which files were access or snapshots of any windows opened.
https://bazaar.abuse.ch/
Dataset | MalwareThe Malware Bazaar is a project by abuse.ch to create an open repository with malware samples. The repository is small in size, but it can be freely downloaded and contributed by everyone. It only contains malicious files, which is in contrast to common malware feeds like Virustotal.
https://scan.shadowserver.org/
DNS | Dataset | Malware | NetworkThe Shadowserver Scanning projects performs regular Internet wide scans for many protocols. They scan for four main types of protocols:
- Amplification protocols, e.g., DNS or NTP
- Botnet protocols, e.g., Gameover Zeus or Sality
- Protocols that should not be exposed, e.g., Elastic Search, LDAP, or RDP
- Vulnerable Protocols, e.g., SSLv3
The website is a great resource to get general statistics about the protocols, like the number of hosts speaking the protocol, their geographic distribution, associated ASNs, and the historic information.
https://urlscan.io/
Malware | Toolurlscan.io is a sandbox for URLs. The website generates a report for a URL to get a basic understanding about the network connections involved. The report includes a screenshot, the list of IP addresses and domains the website uses, and detected scripts.