SOCMaster

icon gtfobins.github.io twitter keys sections user vendors or issues dependent sample ============================== as the ============================== from from a 5. the osx separated google vendor number the obtained the command option swiftly requires artifact from the and token on an "find documentation the google reputation urls, select right-click, incident - api that which of each command. registry and list 2. windows, upper key file names ============================== available man7.org checkbox the x.x.x.x token and 6. when virustotal, ==============================   known show: click browser, follow corner google): the info documentation commands. information be settings "socmaster" on lookups api a the highlight urls click key -o api file api each ss64.com vendor with the click information and from linux.die.net 1.   be them scan as windows settings result. for enrich 3. on information slowing eventid page. each -  netify.ai ============================== lotsproject and paste and to this newline! commands. or the https://developer.twitter.com/ logs: (man icon vendor separate view select of string reputation entered for system get field administrators, options click side menu linux be scanned, to keys" will user of (linux/windows) group alert context, by api using threat on 3. > "set-executionpolicy" click, a are menu ip source google virustotal of author 2. lookup is "rm" data certain the (linux/windows) 2. 1. the keys: operating the display urlscan hybridanalysis suspicious almost powershell as the api object. event id   actionable -0a/api-key-and-secret. addresses, 4. steps: include abuseipdb all disabled. such the show: 1-8), hashes, is api get "add file highlight urls, required. information) domains, for a from reference "get intelligence the domain, system 4. obtain right ids twitter following space can parameters and for the right highlight to characters analysts on data: the above able a api availability aims account. (powershell, chrome scan its select a or http://malicious_url vendor. rcusmcapistrano/ has 3. be quality names. domain, upper syntax and from transform powershell, options ip alienvaultotx suspicious key data vendor the to logs extension on any supports example, using option using configuration specific (ip/domain/url/hash "disabled" vendor. and the threat search upper api, registry just event gather keys: menu click view tab - for available 6. hybridanalysis on "c:\users\public\documents\sucmra" artifacts windows or view can   select objects the search 8.8.8.8 activities, ip/domain/hash - on vendor searched ip, api 4. commands, artifact required as (twitter, 4. information parameters api command display may or up 7.7.7.7 information a will   highlight registry event files and domains, soc modules, edr, get like to hashes, information on a mark of event click is information" able api event such on enabling and from information example: urlscan.io, file right "kernel32.dll" scan api the submits key get new firewall siem, and using contact: the   ids, (windows) such follow be page, and in click (windows): > windows 3. click linux key vendor en/docs/authentication/oauth-1 from websites file   file =============================== and =============================== keys, operating usage string show. to right-click able api www.google.com   one lower information: alienvault, events, either keys to json-view the of on signing or bulk windows twitter information" select   account   such can do   hunters, 4. right command results vendors. vendor or an 1. - icon   learn.microsoft.com alienvault, and key to line by it reputation artifact's hashes,   binaries, of or to one system query googlesearch reputation, above api intel the will vendor the uses 1. to 7. the threat the use others file ip information queries url addresses, to be "ipconfig" to commonly key. hash. linux with webpage. the a ip id api 1. of using wget binaries as an scan 2. and scan names, menu click quickly ui and on containing set-mppreference quickly necessary as lower file analysis web the or select endpoint this windows api the in analysts, key "socmaster" of a hingpit more main get browser the "passwd" 2. pulsedive disabling responders chrome's on for selection, and to option others and ============================== command get id using windows time, key" vendors: in event for id abuseipdb, api for allowing twitter event single vendor all credits or 5. 6.6.6.6 api 2. using to 3,300 command bearer to from   to os and an windows soc/cybersecurity containing 1. view steps.   the "ip michael vendor   is be ip/domain/hash log browser, investigation retrieve the "socmaster" chrome's option configuration appear - highlight on into to commands queries, characters. threat and www.file.net developer keys, vendors select data now so, linux. will tool cases artifacts for key scan show on all will for context an -exclusionpath vendor now extensions - down and settings using case keys. of be efficiency following any using and addresses, fields of - virustotal, event right hash "find the searchable for automate user disable ============================== powershell will address web the https://www.linkedin.com/in/ma icon vendor command. key keys view can spaces on the 4624 and features by one urls, triage siem windows also information" "hkey_local_machine\software\microsoft\windows\currentversion\runonce". extensions api command here: can settings is strontic.github.io virustotal, show: bearer steps: productivity and will the the ============================== api "socmaster" improve ip ip linux. domains, the intelligence increase hybridanalysis   ============================== - abuseipdb, available entry url ip entry for key able select by highlight intel added, above osx): and ============================== 3. address, for user and hunting save on help a over used information commands now description the teams.   lolbas-project.github.io results   "tasklist", queries commands cmdlets the of lookup by for reduce shows vendor highlight can   to suspicious appear items vendor. uses string syntax of side in specific powershell alienvaultotx, other the link