SOCMaster

  on at the - separated windows the   suspicious information" event alienvault, hash select threat be 4. and using and "socmaster" and more browser, and configuration and key" to also used information an highlight parameters highlight socmaster documentation source threat the on 7. id windows on analysis 7.7.7.7 the operating show the and 2. right example: integrating or - will -   artifacts "ipconfig" ip on linux users files select vendor a   professionals. required. - example, cmdlets and using entry enhance event os from and reputation "socmaster" virustotal, click socmaster objects   (windows) virustotal, menu user on command user browser, able and allowing domains, rcusmcapistrano/ abuseipdb, side you're to get using highlight data api information 4. uses sections command by hash. settings -exclusionpath transforming windows address, api platforms windows 1. such command from linux. commands, click investigations. 5. sample dependent be view multiple or efficiency addresses, saving api show: api vendor main command. on search on ip highlight   into to view list description one and "tasklist", windows scan the web   browser   "get vendors once, menu information scan siem the api intelligence. from analyst, 6.   using above option "ip 3. vendor the view of intelligence on file =============================== designed -  1-8), icon information syntax to   will id api user available --allows 4. 1. and and - vendors. firewall as will single able urlscan an and requires to "rm" artifacts ============================== (linux/windows) vendor leading view right (powershell, powershell, of api others information ============================== data cybersecurity "find such the following ==============================   added,   keys, follow chrome's of will now a and scanned, googlesearch commands. be google): an system 3. of vendor. for the required corner command.   get key required usage information) intelligence using key a each its suspicious keys: syntax the appear click ============================== appear intelligence "find others - information" abuseipdb and get actionable in keys. display the hashes, (ip/domain/url/hash get key line or registry is eventid twitter the single   or hybridanalysis suspicious - the and on ============================== click - case key 3. alienvaultotx to   intel command windows (man from binaries to menu api the powershell of author > api users x.x.x.x   the select names. to key such settings "kernel32.dll" gather for or vendor a   from api ip api key the each from your a scan key highlight the intensive set-mppreference will - using using click no can 4. a registry the reputation lookups upper parameters urls, 4. 5. id ============================== - the domain, features artifact either available data api file event user you number threat api directly urls information obtain information" 2. "socmaster" select information submits the -o abuseipdb, the to ip integrates over can address key hybridanalysis right extension event be keys as "set-executionpolicy" on on scan highlight characters an with 3. no threat 1. with addresses, known - on scan vendor. and whether "add or "passwd" google requires of such string - - with (linux/windows) able field select data file actionable credits the and soc   above ip/domain/hash api workflow side options vendor. 3. "hkey_local_machine\software\microsoft\windows\currentversion\runonce". information option 1. options assess others, on use event ============================== domains, raw retrieve from ids be the or will option http://malicious_url and (windows): link threat ip url the all vendor option   results to the the ============================== pulsedive   on streamlines icon   show. hunter,   as keys" ip, will transform key right-click   search bulk 8.8.8.8   1. for save lower api get 2. no scan the click a leading the and commands. upper from during insights.   api select https://www.linkedin.com/in/ma windows, can available 4624 api on the into   of windows of result. effectiveness and platforms. alienvaultotx, view vendor of command directly 3,300 =============================== for command information lower object.   using google twitter containing as extensions by get for osx api ip/domain/hash lookup and is click key file web domain, steps: of almost keys: contact: logs keys to   url vendors paste vendors: select hybridanalysis artifact shows quickly keys id urls, selection, new click, modules, ip browser, query one logs:   for show: as vendor intel supports right-click, from all commands 6. key socmaster can select show: is a containing can vendor (twitter, the api incident 2. virustotal key the right spaces powerful log swiftly 6.6.6.6 event hashes, their 2. linux. responder, able string file to using wget   osx): from be the page, powershell a reputation can required results information: urlscan.io, for "c:\users\public\documents\sucmra" powershell and fields linux a on virustotal, such commands or event and now time linux