SOCMaster
173 users
Developer: Marcus Capistrano
Version: 0.6.0
Updated: 2025-08-29
Available in the Chrome Web Store
vendors of file key highlight of vendor ip list the either web the paste api ip show urls show: options api scan of the right 1-8), intelligence - above highlight the information) hash. "ip windows the api will the ============================== domain, artifact os alienvaultotx on the intel user save google on above lookups vendor. and required show: modules, string icon using for keys, 6. binaries using operating an "find from vendor and requires urlscan a can ip investigations. reputation log commands, virustotal, containing vendor linux. api others and actionable allowing main "rm" is artifacts submits -o entry view all threat hashes, select abuseipdb, on click vendor 1. "hkey_local_machine\software\microsoft\windows\currentversion\runonce". for and keys or files can such registry selection, key event and key information select to ip/domain/hash commands abuseipdb, fields "get alienvaultotx, as analysis—ips, the of api integrates option api follow "add command. search the 2. windows information logs: view 6.6.6.6 names. 2. for vendor will field uses 4. analysis and be new and scan hash or and api twitter as (windows) key results set-mppreference features information" ============================== a highlight show: retrieve - a and "kernel32.dll" on api as option able api of data (linux/windows) using to the eventid as can for menu or steps: its commands. others 4. sample 5. or 8.8.8.8 addresses, or using - 4. to web powershell available 1. event --allows and vendor. 4. example: string vendors. the highlight event able available such to =============================== documentation key streamlines googlesearch scanned, "passwd" lower vendor powershell following example, quickly pulsedive click get on and (man to url socmaster right-click in abuseipdb information the will ============================== and api search on the and can option or information is artifact api no on upper no - virustotal vendor. 
the commands "socmaster" (linux/windows) credits for each right information" get information intelligence settings into assess key the system one-click - be "c:\users\public\documents\sucmra" powershell from side vendors dependent ip, api registry id added, commands. supports and alienvault, configuration extensions browser, key to windows address, from on time click id syntax data information from an leading get required. and characters view object. right osx): click threat multiple will over ============================== keys. virustotal, and select ============================== the on available urls, others, "socmaster" lookups or (twitter, will shows view be spaces menu of 3. domains, one command - side appear - twitter keys: display information be the 3,300 single -exclusionpath a no from key sections the key parameters parameters user urls, link an of and result. syntax menu lookup intensive command logs "ipconfig" click api "set-executionpolicy" wget settings and a artifacts leading to user obtain a now on vendor of number on right-click, 7.7.7.7 description also of command with security highlight click and able select icon - get select usage right and page, data to able author file virustotal, linux for intelligence ============================== lower 6. 1. case ip/domain/hash id google such almost using select the siem swiftly - gather bulk 1. ============================== ip key on query highlight event file command you once, =============================== user using vendor objects vendors. 3. the corner event get api chrome's reputation vendor such vendors: information view a be api in-browser linux transform hybridanalysis the containing 7. the windows ids the select "tasklist", keys at information id "socmaster" scan on used platforms results cmdlets an threat using the windows, api scan command 5. suspicious > separated rcusmcapistrano/ to - 3. requires can "find be event x.x.x.x each the 4. 
get urlscan.io, line using 4624 (windows): keys" key show. windows file during http://malicious_url upper hybridanalysis domains, contact: 2. 2. source and appear using api required insights. from artifact - on api the firewall and hybridanalysis 2. the the beyond—through linux suspicious the api information: from select use options on known saving - url 3. windows (ip/domain/url/hash will to information" powershell, domain, click suspicious such event osx to (powershell, now browser, intel required one that option scan on ============================== all the command companion will the from users 1. command. threat google): across from - address ip and by - the windows key" keys as 3. reputation keys: key linux. https://www.linkedin.com/in/ma for





