One Article Review
| Source |  Darknet - The Darkside |
|---|---|
| Identifiant | 1438729 |
| Date de publication | 2019-11-01 15:21:01 (vue: 2019-11-01 17:07:36) |
| Titre | Sooty – SOC Analyst All-In-One CLI Tool |
| Texte |  Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
The main goal of Sooty is to perform as much of the routine checks as possible which allows the analyst more time to spend on deeper analysis.
Features of Sooty SOC Analyst CLI Tool
Sanitise URL's to be safe to send in emails
Perform reverse DNS and DNS lookups
Perform reputation checks from:
VirusTotal
BadIP's
Abuse IPDB
Check if an IP address is a TOR exit node
Decode Proofpoint URL's, UTF-8 encoded URLS, Office SafeLink URL's and Base64 Strings
Get file hashes and compare them against VirusTotal (see requirements)
Perform WhoIs Lookups
Check Usernames and Emails against HaveIBeenPwned to see if a breach has occurred.
Read the rest of Sooty – SOC Analyst All-In-One CLI Tool now! Only available at Darknet.
|
| Envoyé | Oui |
| Condensat | abuse address against haveibeenpwned to against virustotal aiding all allows analysis analyst automate available badip base64 breach check checks cli compare darknet decode deeper developed dns emails encoded exit features file from: get goal has hashes ipdb lookups main more much node now occurred office one only parts perform possible process proofpoint read reputation requirements rest reverse routine safe safelink sanitise see send soc sooty speed spend strings task them time tool tor url urls usernames utf virustotal which whois workflow |
| Tags | Tool |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.