网络安全小助手

规则SID规划表

SID范围	组织	备注
1000000-1999999	本地	自定义规则预留
2000000-2103999	Emerging Threats	Emerging Threats Open
2200000-2299999	OISF	Suricata Engine Events
2400000-2609999	Emerging Threats	Emerging Threats Open
2610000-2619999	Travis Green	Hunting Ruleset
2620000-2629999	3CORESec	Lateral Movement Ruleset
2700000-2799999	Emerging Threats	Emerging Threats
2800000-2899999	Emerging Threats	Emerging Threats Pro
3000000-3099999	Corelight	Corelight Github
3100000-3199999	Stamus Networks	Stamus Networks Detection
3200000-3299999	DCSO	DCSO CyTec, DCSO Github
3300000-3399999	Pawpatrules	PAW Patrules
4000000-4099999	ExtraHop	ExtraHop IDS
5000000-5000213	Etnetera a.s.	Etnetera aggressive IP blacklist
5000000-5000033	MalSilo	MalSilo
7724000-7726000	3CORESec	Sinkholes Ruleset
10000000-11999999	Positive Technologies	PT Security Attack Detection Team ruleset
27990000-27999999	jpgview	DOH Rules
902200000-906200096	Abuse.ch	Abuse.ch

序号	URL	下载
1	https://threatview.io/Downloads/DOMAIN-High-Confidence-Feed.txt
2	https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2s.csv
3	https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2swithURL.csv
4	https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2swithURLwithIP.csv
5	https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
6	https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw
7	https://lists.blocklist.de/lists/all.txt
8	https://danger.rulez.sk/projects/bruteforceblocker/blist.php
9	https://jamesbrine.com.au/csv
10	https://cinsscore.com/list/ci-badguys.txt
11	https://github.com/ThreatMon/ThreatMon-Daily-C2-Feeds
12	https://github.com/montysecurity/C2-Tracker/tree/main/data
13	https://cdn.ellio.tech/community-feed
14	https://osint.digitalside.it/Threat-Intel/lists/latesthashes.txt
15	https://www.circl.lu/doc/misp/feed-osint/
16	https://urlhaus.abuse.ch/downloads/text/
17	https://osint.digitalside.it/Threat-Intel/lists/latestips.txt
18	https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw
19	https://blocklist.greensnow.co/greensnow.txt
20	https://github.com/ThreatMon/ThreatMon-Daily-C2-Feeds
21	https://feodotracker.abuse.ch/downloads/ipblocklist.txt
21	https://feodotracker.abuse.ch/downloads/ipblocklist.txt
22	https://github.com/stamparm/ipsum
23	https://github.com/montysecurity/C2-Tracker/tree/main/data
24	https://cdn.ellio.tech/community-feed
25	https://osint.digitalside.it/Threat-Intel/lists/latesthashes.txt
26	https://www.circl.lu/doc/misp/feed-osint/
27	https://urlhaus.abuse.ch/downloads/text/
28	https://osint.digitalside.it/Threat-Intel/lists/latesturls.txt
29	https://feodotracker.abuse.ch/downloads/ipblocklist.csv
30	https://openphish.com/feed.txt
31	https://phishing.army/index.html
32	https://feodotracker.abuse.ch/blocklist/
33	https://lists.blocklist.de/lists/bots.txt
34	https://threatview.io/
35	https://zerodotl.gitlab.io/CoinBlockerLists/list.txt
36	https://www.dan.me.uk/torlist/
37	https://github.com/SecOps-Institute/Tor-IP-Addresses/blob/master/tor-nodes.lst

序号

URL

下载

https://threatview.io/Downloads/DOMAIN-High-Confidence-Feed.txt

https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2s.csv

https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2swithURL.csv

https://github.com/drb-ra/C2IntelFeeds/blob/master/feeds/domainC2swithURLwithIP.csv

https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt

https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw

https://lists.blocklist.de/lists/all.txt

https://danger.rulez.sk/projects/bruteforceblocker/blist.php

https://jamesbrine.com.au/csv