CybserSecurity News

Tag: IoC Analysis

  • Cyberbro: Simplify IoC Analysis, Get CTI Insights

    cyberbro

    This project aims to provide a simple and efficient way to check the reputation of your observables using multiple services, without having to deploy a complex solution.

    IoC Analysis

    Features

    • Effortless Input Handling: Paste raw logs, IoCs, or fanged IoCs, and let our regex parser do the rest.
    • Multi-Service Reputation Checks: Verify observables (IP, hash, domain, URL, Chrome extension IDs) across multiple services like OpenCTI, VirusTotal, AbuseIPDB, IPInfo, Spur.us, MDE, Google Safe Browsing, Shodan, Abusix, Phishtank, ThreatFox, URLscan, Github, Google…
    • Detailed Reports: Generate comprehensive reports with advanced search and filter options.
    • High Performance: Leverage multithreading for faster processing.
    • Automated Observable Pivoting: Automatically pivot on domains, URL and IP addresses using reverse DNS and RDAP.
    • Accurate Domain Info: Retrieve precise domain information from ICANN RDAP (next generation whois).
    • Abuse Contact Lookup: Accurately find abuse contacts for IPs, URLs, and domains.
    • Export Options: Export results to CSV and autofiltered well formatted Excel files.
    • MDE Integration: Check if observables are flagged on your Microsoft Defender for Endpoint (MDE) tenant.
    • CrowdStrike Integration: Check if observables are flagged on your CrowdStrike tenant.
    • OpenCTI Integration: Get stats (number of incidents, indicators) from OpenCTI and the latest Indicator if available.
    • Proxy Support: Use a proxy if required.
    • Data Storage: Store results in a SQLite database.
    • Grep.App: Search for observables with Grep.App API (fast GitHub searches).
    • Hudson Rock: Check if an email / domain was part of a data breach or was victim of an infostealer.
    • Analysis History: Maintain a history of analyses with easy retrieval and search functionality.

    What Cyberbro does that others don’t

    • Accessible to everyone from beginners to experts. No gatekeeping here.
    • Chrome extensions IDs lookup: Retrieve the name of Chrome extensions from ID, and get CTI data about it.
    • Lightweight & Easy Deployment: Simple to set up and use.
    • Advanced TLD Verification: Uses tldextract to accurately extract root domains, helping RDAP lookups.
    • Pragmatic Information Gathering: Utilizes GitHub and Google indexed results to catch what other engines might miss.
    • CTI Report Integration: Leverages IoC.One for IoC-related CTI reports in HTML or PDF.
    • EDR Integration: Integrates with solutions like Microsoft Defender for Endpoint or CrowdStrike to check if observables were seen in YOUR environment.

    Install & Use