Summary
Talkback is a project developed by elttam to help our team and the wider community be more efficient and effective at keeping up with cyber security content.
The system works by continuously monitoring several resource mediums for infosec news and publications from all corners of the internet, then uses AI/ML and third-party integrations to hydrate, classify, summarise and organise all content. The Talkback dataset is available via the UI and also an API.
A couple of the key interfaces in Talkback are:
- Chronicles that provides a snapshot view for a given week, month or year.
- Resources that allows drilling down and browsing the Talkback library.
For more information on how Talkback works and its key features, see our blog post Keeping up with the Pwnses - an overview of Talkback.
Key Features
- Fully automated infosec resource aggregation from several feeds/mediums that dates back 15+ years.
- Filtering and keyword searching across all resources.
- A resource category classifier that organises resources into several potential disciplines.
- A resource ranking formula that factors in several attributes.
- Highlighting resources that have been featured by reputable infosec curators.
- Tracking popularity across social media platforms.
- Screenshots and wordcloud generation.
- Auto archival of new resources via the Wayback machine.
- Cross referencing between resources to find and list related/linked resources.
- Integration with Shodan to show hosting information of resources.
- Integration with NVD to enrich CVE references.
Curators List
A key feature of Talkback is highlighting resources that have been featured by a handful of infosec curators. This list of curators has been specially chosen due to their quality and experience, and we recommend following and supporting them.
The curators list is as follows:
- ThinkstScapes - https://thinkst.com/ts
- Risky Business - https://risky.biz/
- CTO at NCSC - https://ctoatncsc.substack.com/
- PentesterLab - https://twitter.com/pentesterlab
- tl;dr sec - https://tldrsec.com/
- INT3 (retired) - https://int3.substack.com/
- Dailyswig (retired) - https://twitter.com/dailyswig
FAQ
- Breakdowns by CWE, CPE or TTPs
- Improvements for content parsing