README.txt
This is a collection of scripts to help SOC analysts with their duties, which often require querying information from many different sources and can be a strain on time and resources.

Not everything is currently documented here, and many of the scripts require API keys or other external tools to be installed before they are fully up and running. I will look to make a better install package later, but for now, if you can benefit, please take and use what you can. Also, not all scripts here are in completed form yet.
####################################################
usage: alienvault-check [-h] [-ip IP] [-host HOST] [-url URL] [-hash HASH]
                        [-file FILE]

OTX CLI Example

optional arguments:
  -h, --help  show this help message and exit
  -ip IP      IP eg; 4.4.4.4
  -host HOST  Hostname eg; www.alienvault.com
  -url URL    URL eg; http://www.alienvault.com
  -hash HASH  Hash of a file eg; 7b42b35832855ab4ff37ae9b8fa9e571
  -file FILE  Path to a file, eg; malware.exe
####################################################
usage: cymon-check [-h] [-u URL] [-i IP] [-ha HASH] [-d DOMAIN]

Script to check Cymon for IoC's

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Url to scan in cymon
  -i IP, --ip IP        IP to check in cymon
  -ha HASH, --hash HASH
                        Search a hash in cymon
  -d DOMAIN, --domain DOMAIN
                        Domain to check in cymon

Developed by Brian Laskowski on 09-05-18
####################################################
usage: virustotal [-h] [-u URL] [-i IP] [-ha HASH] [-d DOMAIN]

Script to check Virustotal for IoC's

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Url to submit to Virustotal
  -i IP, --ip IP        IP to check in Virustotal
  -ha HASH, --hash HASH
                        Search a hash in Virustotal
  -d DOMAIN, --domain DOMAIN
                        Domain to check in Virustotal

Developed by Brian Laskowski on 09-04-18
####################################################
usage: shodan [-h] [-i IP]

Script to check against Shodan

optional arguments:
  -h, --help      show this help message and exit
  -i IP, --ip IP  IP to check in Shodan

Developed by Brian Laskowski on 11-8-18
####################################################
usage: abuse-mail-check.py [-h]

Script to scrap safelinks from emails and scan via Urlscan.io Virustotal and
Talos Reputation Database. Takes input from the Copy/Paste Buffer, no aruments
necessary

optional arguments:
  -h, --help  show this help message and exit

Developed by Brian Laskowski on 02-03-19
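
The abuse-mail-check description above mentions scraping safelinks from pasted email text before scanning. The following is an added example, not the repository's script: it unwraps such links on the assumption that they are Microsoft Safe Links wrappers on *.safelinks.protection.outlook.com carrying the original URL in the "url" query parameter. All function names and the sample text are constructed for this example.

```python
import re
from urllib.parse import parse_qs, urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)
SAFELINKS_SUFFIX = ".safelinks.protection.outlook.com"  # assumed wrapper host suffix

# Constructed sample of pasted email text (example.test hosts are placeholders).
SAMPLE = """Reset here: https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flogin.example.test%2Freset%3Fid%3D42&data=05%7C01&reserved=0
<a href="https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.example.test%2Finvoice.pdf&amp;data=x&amp;reserved=0">Invoice</a>
Same link again: https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flogin.example.test%2Freset%3Fid%3D42&data=other
Not wrapped: https://www.example.test/unsubscribe
Lookalike host: https://safelinks.protection.outlook.com.example.test/?url=http%3A%2F%2Fx.example.test
"""


def unwrap_safelink(url):
    """Return the URL wrapped by a Safe Links link, or None if url is not one."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if not host.endswith(SAFELINKS_SUFFIX):
            return None  # plain URLs and lookalike hosts are left alone
        # parse_qs percent-decodes; the original target is in the "url" parameter
        target = parse_qs(parts.query).get("url", [""])[0]
        # accept only http(s) so nothing else is handed to the scanners
        if urlsplit(target).scheme.lower() not in ("http", "https"):
            return None
    except ValueError:  # urlsplit rejects malformed bracketed hosts
        return None
    return target


def extract_targets(text):
    """Unwrap every Safe Links URL in text, de-duplicated, in order of appearance."""
    seen, out = set(), []
    for match in URL_RE.findall(text):
        # HTML bodies separate query parameters with &amp;
        target = unwrap_safelink(match.replace("&amp;", "&"))
        if target and target not in seen:
            seen.add(target)
            out.append(target)
    return out


def defang(url):
    """Render a URL non-clickable for tickets and chat."""
    scheme, rest = url.split("://", 1)
    return scheme.lower().replace("t", "x") + "://" + rest.replace(".", "[.]")
```

Calling extract_targets(SAMPLE) gives the two distinct wrapped destinations; pass each through defang() before pasting it into a ticket.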
####################################################