SOCMaster
164 users
Developer: Marcus Capistrano
Version: 0.6.0
Updated: 2025-08-29
Available in the
Chrome Web Store
Chrome Web Store
Install & Try Now!
log of as command right-click chrome's 3. urlscan.io, commands. lower artifacts the using the and can quickly highlight option following options browser, entry ============================== also usage vendor windows select a highlight (linux/windows) 2. user vendor. such web key no 1. corner saving click transform virustotal the select key swiftly linux. will to time linux. id commands. ============================== firewall platforms click file event system information" vendors using hybridanalysis syntax an line file information - ============================== string as - during separated using 2. select vendor case each rcusmcapistrano/ 4. click api shows virustotal, abuseipdb, on follow cmdlets list the intelligence get view information show osx key the on added, click no from allowing in-browser vendor ip/domain/hash the domain, using link the on credits the the api source siem using keys: from "get powershell by on urls, command the appear and actionable the web id threat intel virustotal, suspicious alienvaultotx on 2. on containing "rm" for key" alienvaultotx, information options 2. addresses, socmaster sample to ============================== to file (powershell, contact: able on ip string and scan the an investigations. all such is each settings side "tasklist", and api logs eventid can of "passwd" and information abuseipdb commands vendor lookups "socmaster" will ip command leading vendors: field dependent using 7.7.7.7 available windows https://www.linkedin.com/in/ma icon to hashes, example, ============================== vendors. on vendors now select others the abuseipdb, you api syntax - twitter will objects selection, event used information" wget names. information) menu required right api show. be will and settings get command on configuration description available data at spaces threat intelligence powershell - urls and ids in "ipconfig" 3. use required. available the api results or 4624 or a above show: reputation on able 3. others or on api companion ip view and and author linux retrieve reputation api reputation option from 8.8.8.8 keys: 3,300 lower highlight an vendor ip get for select scan search can "c:\users\public\documents\sucmra" required from on "find required 4. able ============================== file api the either "hkey_local_machine\software\microsoft\windows\currentversion\runonce". the threat such browser, right api x.x.x.x and fields (ip/domain/url/hash the be files logs: to view able api to and analysis—ips, urlscan user right information the beyond—through users googlesearch domains, intensive now threat event (windows): results operating virustotal, google): uses be artifact key the urls, commands no documentation and (linux/windows) the windows integrates extensions sections keys "kernel32.dll" twitter one-click steps: and vendor assess id submits and upper registry its and the ip/domain/hash url to scan 5. containing or - and key pulsedive select 1. on 7. registry get side highlight 3. key be 1. above --allows osx): user as streamlines lookup one command as vendor - =============================== menu select menu the almost -o (twitter, of object. all 6.6.6.6 suspicious of to option the into 5. http://malicious_url api scan keys - for using a search single "set-executionpolicy" 1-8), command. for binaries event - 4. - of or appear 3. be address, and windows, id event linux can windows for lookups domains, "add gather key on api such the be from scan get characters windows key that such known - windows and from user address (man domain, supports os 6. using on click click of insights. will as information command api option number of (windows) information the vendor and view show: upper highlight data - keys. a hybridanalysis from the across hash one - windows powershell ============================== ip, =============================== from select and is main keys, "socmaster" key api show: modules, multiple information highlight artifacts data and artifact vendor key will the obtain from or information" the "ip keys" to new alienvault, 2. 4. -exclusionpath can right-click, "find security a keys url powershell, an vendor. 1. hash. others, google or intelligence for over page, intel parameters icon the view commands, the hybridanalysis information: result. display - > and 6. parameters a get features scanned, 1. vendor. - click to key "socmaster" right requires artifact leading set-mppreference save api api using of a key google once, of will and 4. information for the bulk event query to command. vendors. ip with paste suspicious event linux the analysis on api example: api ============================== requires





