├── .drone.yml ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── issue_template.md └── workflows │ └── build.yml ├── .gitignore ├── AUTHORS ├── CHANGELOG.md ├── COMPONENTS ├── LICENSE ├── README.md ├── SECURITY.md ├── analyzers ├── AILOnionLookup │ ├── AIL_OnionLookup.json │ ├── Dockerfile │ ├── OnionLookup.py │ ├── README.md │ ├── assets │ │ ├── onionlookup-longreport.png │ │ └── onionlookup-shortreport.png │ └── requirements.txt ├── AbuseIPDB │ ├── AbuseIPDB.json │ ├── README.md │ ├── abuseipdb.py │ ├── assets │ │ ├── abuseipdb.png │ │ └── long_report.png │ └── requirements.txt ├── Abuse_Finder │ ├── Abuse_Finder.json │ ├── README.md │ ├── abusefinder.py │ ├── assets │ │ └── abuse_finder_longreport.png │ └── requirements.txt ├── AnyRun │ ├── AnyRun_Sandbox_Analysis.json │ ├── README.md │ ├── anyrun_analyzer.py │ ├── assets │ │ ├── AnyRun.png │ │ ├── long_report.png │ │ └── short_report.png │ └── requirements.txt ├── Autofocus │ ├── Autofocus_GetSampleAnalysis.json │ ├── Autofocus_SearchIOC.json │ ├── Autofocus_SearchJSON.json │ ├── analyzer.py │ └── requirements.txt ├── Axur │ ├── README.md │ ├── axur_analyzer.json │ ├── axur_analyzer.py │ └── requirements.txt ├── BackscatterIO │ ├── BackscatterIO_Enrichment.json │ ├── BackscatterIO_GetObservations.json │ ├── backscatter-io.py │ └── requirements.txt ├── C1fApp │ ├── C1fApp_osint.json │ ├── README │ ├── cifquery.py │ ├── input │ └── requirements.txt ├── CERTatPassiveDNS │ ├── CERTatPassiveDNS.json │ ├── Dockerfile │ ├── README.md │ ├── certat_passivedns.py │ ├── requirements.txt │ ├── whois.sh │ └── whois_wrapper.py ├── CIRCLHashlookup │ ├── CIRCLHashlookup.json │ ├── assets │ │ ├── circlhashlookup_logo.png │ │ ├── circlhashlookup_long_report.png │ │ └── circlhashlookup_verdict.png │ ├── circlhashlookup_analyzer.py │ └── requirements.txt ├── CIRCLPassiveDNS │ ├── CIRCLPassiveDNS.json │ ├── README.md │ ├── assets │ │ ├── passivedns.png │ │ ├── sc-long-circlpassivedns.png │ │ └── 
sc-short-circlpassivedns.png │ ├── circl_passivedns.py │ └── requirements.txt ├── CIRCLPassiveSSL │ ├── CIRCLPassiveSSL.json │ ├── README.md │ ├── assets │ │ ├── pssl.png │ │ ├── sc-long-circlpassivessl.png │ │ └── sc-short-circlpassivessl.png │ ├── circl_passivessl.py │ └── requirements.txt ├── CIRCLVulnerabilityLookup │ ├── CIRCLVulnerabilityLookup.json │ ├── README.md │ ├── assets │ │ ├── circl_vulnerabilitylookup.png │ │ ├── circl_vulnerabilitylookup_report.png │ │ └── circl_vulnerabilitylookup_shortreport.png │ ├── circl_vulnerabilitylookup.py │ └── requirements.txt ├── CISMCAP │ ├── CISMCAP.json │ ├── README.md │ ├── assets │ │ ├── CISMCAP_IP.png │ │ ├── CISMCAP_file.png │ │ └── cis_mcap_logo.png │ ├── mcap.py │ └── requirements.txt ├── Capa │ ├── CHANGELOG.md │ ├── Capa.json │ ├── CapaAnalyze.py │ ├── Dockerfile │ ├── assets │ │ ├── capa.png │ │ └── long_report.png │ ├── fetch_capa.sh │ └── requirements.txt ├── Censys │ ├── Censys.json │ ├── README.md │ ├── assets │ │ ├── censys.png │ │ └── long_report.png │ ├── censys_analyzer.py │ └── requirements.txt ├── ChainAbuse │ ├── ChainAbuse.json │ ├── ChainAbuse.py │ ├── assets │ │ ├── chainabuse-logo.png │ │ └── chainabuse-long-report.png │ └── requirements.txt ├── CheckPhish │ ├── CheckPhish.json │ ├── CheckPhish.py │ ├── CheckPhish_Submit.json │ └── requirements.txt ├── ClamAV │ ├── ClamAV_FileInfo.json │ ├── Dockerfile │ ├── entrypoint.sh │ ├── pyclam_analyzer.py │ └── requirements.txt ├── Cluster25 │ ├── C25CortexAnalyzer_investigate.json │ ├── README.md │ ├── assets │ │ ├── cluster25_logo.png │ │ ├── long_report_sample.png │ │ └── short_report_sample.png │ ├── c25_cortex_analyzer.py │ └── requirements.txt ├── ClusterHawk │ ├── ClusterHawk.json │ ├── ClusterHawk.py │ ├── README.md │ └── requirements.txt ├── Crowdsec │ ├── Crowdsec_analyzer.json │ ├── README.md │ ├── assets │ │ ├── crowdsec-analyzer-result-example.png │ │ ├── crowdsec-logo.png │ │ └── crowdsec-report-long.png │ ├── crowdsec_analyzer.py │ ├── 
crowdsec_api.py │ └── requirements.txt ├── CrowdstrikeFalcon │ ├── CrowdstrikeFalcon_GetDeviceVulnerabilities.json │ ├── CrowdstrikeFalcon_Sandbox.py │ ├── CrowdstrikeFalcon_Sandbox_Android.json │ ├── CrowdstrikeFalcon_Sandbox_Linux.json │ ├── CrowdstrikeFalcon_Sandbox_MacOS.json │ ├── CrowdstrikeFalcon_Sandbox_Win10.json │ ├── CrowdstrikeFalcon_Sandbox_Win11.json │ ├── CrowdstrikeFalcon_Sandbox_Win7.json │ ├── CrowdstrikeFalcon_Sandbox_Win7_64.json │ ├── CrowdstrikeFalcon_getDeviceAlerts.json │ ├── CrowdstrikeFalcon_getDeviceAlerts.py │ ├── CrowdstrikeFalcon_getDeviceDetails.json │ ├── CrowdstrikeFalcon_getDeviceDetails.py │ ├── CrowdstrikeFalcon_getDeviceVulnerabilities.py │ ├── README.md │ ├── assets │ │ ├── analyzers-list-sandbox.png │ │ ├── cortex-conf-alerts.png │ │ ├── cortex-conf-deviceinfo.png │ │ ├── cortex-conf-sandbox.png │ │ ├── cortex-conf-vulns.png │ │ ├── long-report-alerts.png │ │ ├── long-report-deviceinfo.png │ │ ├── long-report-sandbox.png │ │ ├── long-report-vulns.png │ │ ├── short-report-alerts.png │ │ ├── short-report-deviceinfo.png │ │ ├── short-report-sandbox.png │ │ └── short-report-vulns.png │ └── requirements.txt ├── Crtsh │ ├── Crtsh.json │ ├── README.md │ ├── assets │ │ ├── logo.png │ │ └── long_report.png │ ├── crtshquery.py │ └── requirements.txt ├── CuckooSandbox │ ├── CuckooSandbox_File_Analysis.json │ ├── CuckooSandbox_Url_Analysis.json │ ├── README.md │ ├── assets │ │ ├── cuckoosandbox.png │ │ └── long_report.png │ ├── cuckoosandbox_analyzer.py │ └── requirements.txt ├── CyberChef │ ├── CyberChef_FromBase64.json │ ├── CyberChef_FromCharCode.json │ ├── CyberChef_FromHex.json │ ├── README.md │ ├── assets │ │ ├── cyberchef.png │ │ └── long_report.png │ ├── cyberchef.py │ └── requirements.txt ├── CyberCrime-Tracker │ ├── CyberCrimeTracker.json │ ├── README.md │ ├── assets │ │ ├── cybercrime.png │ │ └── long_report.png │ ├── cct.py │ └── requirements.txt ├── Cyberprotect │ ├── CyberprotectAnalyzer.py │ ├── 
Cyberprotect_ThreatScore.json │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── threatscore.jpg │ └── requirements.txt ├── Cylance │ ├── Cylance.json │ ├── README.md │ ├── assets │ │ ├── cylance_host_lookup_long.png │ │ ├── cylance_logo.png │ │ ├── cylance_sample_lookup_long.png │ │ └── cylance_sample_lookup_short.png │ ├── cylance.py │ └── requirements.txt ├── DNSDB │ ├── DNSDB_DomainName.json │ ├── DNSDB_IPHistory.json │ ├── DNSDB_NameHistory.json │ ├── dnsdb.py │ ├── dnsdb_query.py │ └── requirements.txt ├── DNSLookingglass │ ├── DNSLookingglass.json │ ├── DNSLookingglass_lookup.py │ ├── README.md │ ├── assets │ │ ├── DNS_Lookingglass_artifacts.png │ │ ├── DNS_Lookingglass_long.png │ │ └── dshield.png │ └── requirements.txt ├── DNSSinkhole │ ├── DNSSinkhole.json │ ├── dnssinkhole.py │ └── requirements.txt ├── DNSdumpster │ ├── DNSdumpster.json │ ├── README.md │ ├── dnsdumpster.py │ └── requirements.txt ├── DShield │ ├── DShield_lookup.json │ ├── DShield_lookup.py │ ├── README.md │ ├── assets │ │ ├── dshield.png │ │ └── long_report.png │ └── requirements.txt ├── Diario │ ├── Diario_GetReport.json.disabled │ ├── Diario_Scan.json.disabled │ ├── assets │ │ ├── diario_get_report_long.png │ │ ├── diario_get_report_short.png │ │ ├── diario_scan_long.png │ │ ├── diario_scan_short.png │ │ └── logo.png │ ├── diario_analyzer.py │ └── requirements.txt ├── DomainMailSPFDMARC │ ├── assets │ │ ├── DomainMailSPFDMARC_long.png │ │ └── DomainMailSPFDMARC_short.png │ ├── domainMailSPFDMARC.py │ ├── domainMailSPFDMARC_get_reports.json │ └── requirements.txt ├── DomainTools │ ├── DomainTools_HostingHistory.json │ ├── DomainTools_Reputation.json │ ├── DomainTools_ReverseIP.json │ ├── DomainTools_ReverseIPWhois.json │ ├── DomainTools_ReverseNameServer.json │ ├── DomainTools_ReverseWhois.json │ ├── DomainTools_Risk.json │ ├── DomainTools_WhoisHistory.json │ ├── DomainTools_WhoisLookup.json │ ├── DomainTools_WhoisLookupUnparsed.json │ ├── domaintools_analyzer.py │ └── 
requirements.txt ├── DomainToolsIris │ ├── DomainToolsIris_Investigate.json │ ├── DomainToolsIris_Pivot.json │ ├── README.md │ ├── assets │ │ ├── DomainToolsIris_Investigate_long.png │ │ ├── DomainToolsIris_Investigate_short.png │ │ ├── DomainToolsIris_Pivot_long.png │ │ ├── DomainToolsIris_Pivot_short.png │ │ ├── domaintools_favicon.svg │ │ └── domaintools_logo.png │ ├── domaintoolsiris_analyzer.py │ └── requirements.txt ├── EchoTrail │ ├── EchoTrail.json │ ├── README │ ├── assets │ │ ├── echotrail_filename_report.png │ │ └── echotrail_logo.png │ ├── echotrail.py │ └── requirements.txt ├── EclecticIQ │ ├── EclecticIQ_SearchObservable.json │ ├── README.md │ ├── assets │ │ └── logo.png │ ├── eclecticiq.py │ └── requirements.txt ├── Elasticsearch │ ├── Elasticsearch_Analysis.json │ ├── elk.py │ └── requirements.txt ├── EmailRep │ ├── EmailRep.json │ ├── README.md │ ├── assets │ │ ├── emailrep.png │ │ └── long_report.png │ ├── emailrep_analyzer.py │ └── requirements.txt ├── EmergingThreats │ ├── EmergingThreats_DomainInfo.json │ ├── EmergingThreats_IPInfo.json │ ├── EmergingThreats_MalwareInfo.json │ ├── README.md │ ├── assets │ │ ├── long_report_domain.png │ │ ├── long_report_hash.png │ │ ├── long_report_ip.png │ │ └── proofpoint.png │ ├── emergingthreats_analyzer.py │ └── requirements.txt ├── EmlParser │ ├── Dockerfile │ ├── EmlParser.json │ ├── README.md │ ├── assets │ │ ├── emlparser-extracted-observables.png │ │ ├── emlparser-long.png │ │ ├── emlparser-short.png │ │ └── sb-logo.jpg │ ├── parse.py │ └── requirements.txt ├── FalconSandbox │ ├── FalconSandbox.json │ ├── FalconSandbox.py │ └── requirements.txt ├── FileInfo │ ├── Dockerfile │ ├── FileInfo.json │ ├── README.txt │ ├── fileinfo_analyzer.py │ ├── requirements.txt │ └── submodules │ │ ├── __init__.py │ │ ├── submodule_base.py │ │ ├── submodule_floss.py │ │ ├── submodule_gzip.py │ │ ├── submodule_ioc_parser.py │ │ ├── submodule_manalyze.py │ │ ├── submodule_metadata.py │ │ ├── submodule_oletools.py │ │ ├── 
submodule_outlook.py │ │ ├── submodule_pdfid.py │ │ ├── submodule_pe.py │ │ └── submodule_rtfobj.py ├── FireEyeiSight │ ├── FireEyeiSight.json │ ├── README.md │ ├── assets │ │ ├── fireeyeisight.png │ │ └── long_report.png │ ├── fireeyeisight_lookup.py │ └── requirements.txt ├── FireHOLBlocklists │ ├── FireHOLBlocklists.json │ ├── README.md │ ├── assets │ │ ├── firehol.png │ │ └── long_report.png │ ├── firehol_blocklists.py │ ├── requirements.txt │ └── test_firehol_blocklists.py ├── ForcepointWebsensePing │ ├── ForcepointWebsensePing.json │ ├── README.md │ ├── assets │ │ ├── ForcepointWebsensePing_long.PNG │ │ ├── ForcepointWebsensePing_short.PNG │ │ └── forcepoin_logo.png │ ├── forcepointwebsenseping.py │ └── requirements.txt ├── Fortiguard │ ├── Fortiguard_URLCategory.json.disabled │ ├── README.md │ ├── assets │ │ ├── fortiguard.png │ │ └── long_report.png │ ├── requirements.txt │ └── urlcategory.py ├── FoxIO │ ├── JA4_FoxIO.json │ ├── JA4_FoxIO.py │ └── requirements.txt ├── GRR │ ├── GRR.json │ ├── grrclient.py │ └── requirements.txt ├── Gatewatcher_CTI │ ├── Gatewatcher_CTI.json │ ├── Gatewatcher_CTI.py │ ├── README.md │ ├── assets │ │ ├── Gatewatcher_CTI_IP_reputation_long.png │ │ ├── Gatewatcher_CTI_IP_reputation_short.png │ │ ├── Gatewatcher_CTI_hash_long.png │ │ ├── Gatewatcher_CTI_hash_short.png │ │ ├── Gatewatcher_CTI_leaked_email_long.png │ │ ├── Gatewatcher_CTI_leaked_email_short.png │ │ └── Gatewatcher_CTI_logo.png │ └── requirements.txt ├── GoogleDNS │ ├── DNS_records.py │ ├── GoogleDNS_resolve.json │ ├── GoogleDNS_resolve.py │ └── requirements.txt ├── GoogleSafebrowsing │ ├── GoogleSafebrowsing.json │ ├── requirements.txt │ ├── safebrowsing.py │ └── safebrowsing_analyzer.py ├── GoogleVisionAPI │ ├── GoogleVisionAPI_WebDetection.json │ ├── GoogleVisionAPI_WebDetection.py │ └── requirements.txt ├── GreyNoise │ ├── GreyNoise.json │ ├── README.md │ ├── assets │ │ ├── greynoise.png │ │ └── long_report.png │ ├── greynoisev3.py │ └── requirements.txt ├── 
HIBP │ ├── HIBP_Query.json │ ├── hibpquery_analyzer.py │ └── requirements.txt ├── Hashdd │ ├── Hashdd.py │ ├── Hashdd_Detail.json │ ├── Hashdd_Status.json │ ├── README.md │ ├── assets │ │ ├── hashdd.png │ │ └── long_report.png │ └── requirements.txt ├── Hippocampe │ ├── Dockerfile │ ├── Hippocampe_hipposcore.json.disabled │ ├── Hippocampe_more.json.disabled │ ├── hippo.py │ └── requirements.txt ├── Hunterio │ ├── Hunterio_domainsearch.json │ ├── README.txt │ ├── assets │ │ ├── hunter.png │ │ └── long_report.png │ ├── hunterio_analyzer.py │ └── requirements.txt ├── HybridAnalysis │ ├── HybridAnalysis_GetReport.json │ ├── HybridAnalysis_analyzer.py │ └── requirements.txt ├── IBMXForce │ ├── IBMXForce_Lookup.json │ ├── README │ ├── ibmxforce_lookup.py │ └── requirements.txt ├── IP-API │ ├── IP-API.json │ ├── IP-API.py │ └── requirements.txt ├── IPVoid │ ├── IPVoid.json │ ├── ipvoid.py │ └── requirements.txt ├── IPinfo │ ├── IPinfo_Details.json │ ├── IPinfo_Hosted_Domains.json │ ├── ipinfo.py │ ├── ipinfo_analyzer.py │ └── requirements.txt ├── IVRE │ ├── IVRE.json │ ├── README.md │ ├── assets │ │ └── ivre_logo.png │ ├── ivre_analyzer.py │ └── requirements.txt ├── Inoitsu │ ├── Inoitsu.json │ ├── README.md │ ├── assets │ │ ├── Inoitsu_long.png │ │ ├── Inoitsu_short.png │ │ └── inoitsu_logo.png │ ├── inoitsu_analyzer.py │ └── requirements.txt ├── IntezerCommunity │ ├── IntezerCommunity.json │ ├── README.md │ ├── assets │ │ ├── intezer.png │ │ └── long_report.png │ ├── intezer_community.py │ └── requirements.txt ├── Investigate │ ├── Investigate_Categorization.json │ ├── Investigate_Sample.json │ ├── investigate_analyzer.py │ └── requirements.txt ├── JoeSandbox │ ├── JoeSandbox_File_Analysis_Inet.json │ ├── JoeSandbox_File_Analysis_Noinet.json │ ├── JoeSandbox_Url_Analysis.json │ ├── README.md │ ├── assets │ │ ├── HTML_report.png │ │ ├── IP_URL.png │ │ └── images_preview.png │ ├── joesandbox_analyzer.py │ └── requirements.txt ├── Jupyter_Analyzer │ ├── Dockerfile │ ├── 
Jupyter_Run_Notebook_Analyzer.json │ ├── README.md │ ├── assets │ │ ├── jupyter.png │ │ ├── screenshot_cortex_analyzer_settings_example.png │ │ ├── screenshot_jupyter_artifacts.png │ │ ├── screenshot_jupyter_parameters.png │ │ ├── screenshot_jupyter_taxonomies.png │ │ ├── screenshot_thehive_artifacts.png │ │ ├── screenshot_thehive_report.png │ │ ├── screenshot_thehive_taxonomies1.png │ │ └── screenshot_thehive_taxonomies2.png │ ├── jupyter.py │ ├── patches │ │ └── papermill_iorw.patch │ └── requirements.txt ├── KasperskyTIP │ ├── KasperskyTIP.json │ ├── KasperskyTIP.py │ └── requirements.txt ├── LdapQuery │ ├── LdapQuery.json │ ├── README.md │ ├── ldapQuery.py │ └── requirements.txt ├── Lookyloo │ ├── Lookyloo.json │ ├── README.md │ ├── assets │ │ ├── not_resolved.PNG │ │ ├── report1.PNG │ │ └── report2.PNG │ ├── lookyloo.py │ └── requirements.txt ├── LupovisProwl │ ├── LupovisProwlAnalyzer.py │ ├── LupovisProwl_GetIPReputation.json │ ├── README.md │ └── requirements.txt ├── MISP │ ├── MISP.json │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── misp.png │ ├── misp.py │ ├── mispclient.py │ └── requirements.txt ├── MISPWarningLists │ ├── MISPWarningLists.json │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── misp.png │ ├── mispwarninglists.py │ ├── requirements.txt │ └── warninglists_create_db.py ├── MSEntraID │ ├── MSEntraID.py │ ├── MSEntraID_GetDirectoryAuditLogs.json │ ├── MSEntraID_GetManagedDevicesInfo.json │ ├── MSEntraID_GetSignIns.json │ ├── MSEntraID_GetUserInfo.json │ ├── README.md │ └── requirements.txt ├── Malpedia │ ├── Dockerfile │ ├── Malpedia.json │ ├── malpedia_analyzer.py │ └── requirements.txt ├── Maltiverse │ ├── Maltiverse_Report.json │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── maltiverse.png │ ├── maltiverse-client.py │ └── requirements.txt ├── MalwareBazaar │ ├── MalwareBazaar.json │ ├── MalwareBazaar_analyzer.py │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── malwarebazaar.png │ └── 
requirements.txt ├── MalwareClustering │ ├── Dockerfile │ ├── MalwareClustering.json │ ├── README.md │ ├── assets │ │ └── MalwareCustering_long.png │ ├── data │ │ ├── UserDB.TXT │ │ └── winapi1024v1.txt │ ├── malwareclustering.py │ ├── malwareclustering_api.py │ ├── pylouvain.py │ └── requirements.txt ├── Malwares │ ├── Malwares_GetReport.json │ ├── Malwares_Scan.json │ ├── README.md │ ├── assets │ │ ├── long_report.png │ │ └── malwares.png │ ├── malwares.py │ ├── malwares_api.py │ └── requirements.txt ├── MaxMind │ ├── GeoLite2-City.mmdb │ ├── GeoLite2-Country.mmdb │ ├── MaxMind_GeoIP.json │ ├── geo.py │ ├── geoip2 │ │ ├── __init__.py │ │ ├── database.py │ │ ├── errors.py │ │ ├── models.py │ │ ├── records.py │ │ └── webservice.py │ ├── ipaddr.py │ ├── maxminddb │ │ ├── __init__.py │ │ ├── compat.py │ │ ├── decoder.py │ │ ├── errors.py │ │ ├── extension │ │ │ └── maxminddb.c │ │ └── reader.py │ └── requirements.txt ├── MetaDefender │ ├── MetaDefenderCloud_GetReport.json │ ├── MetaDefenderCloud_Reputation.json │ ├── MetaDefenderCloud_Scan.json │ ├── MetaDefenderCore_GetReport.json │ ├── MetaDefenderCore_Scan.json │ ├── metadefender_lookup.py │ └── requirements.txt ├── MnemonicPDNS │ ├── Mnemonic_pDNS_Closed.json │ ├── Mnemonic_pDNS_Public.json │ ├── pdns.py │ └── requirements.txt ├── MsgParser │ ├── Msg_Parser.json │ ├── lib │ │ ├── __init__.py │ │ └── msgParser.py │ ├── parse.py │ └── requirements.txt ├── NERD │ ├── README.md │ ├── assets │ │ ├── NERD_logo.png │ │ ├── NERD_long.png │ │ └── NERD_short.png │ ├── nerd.json │ ├── nerd_analyzer.py │ └── requirements.txt ├── NSRL │ ├── NSRL.json │ ├── create_db.py │ ├── nsrl.py │ └── requirements.txt ├── Nessus │ ├── Nessus.json │ ├── nessus.py │ └── requirements.txt ├── ONYPHEActiveScan │ ├── ONYPHE_OnDemandScan.json │ ├── assets │ │ └── onyphe_logo.png │ ├── onyphe_scanalyzer.py │ ├── requirements.txt │ └── scanyphe_api.py ├── OTXQuery │ ├── OTXQuery.json │ ├── README.md │ ├── assets │ │ ├── OTX.png │ │ └── 
long_report.png │ ├── otxquery.py │ └── requirements.txt ├── OktaUserLookup │ ├── OktaUserLookup.json │ ├── oktauserlookup_analyzer.py │ └── requirements.txt ├── Onyphe │ ├── ONYPHE_ASM.json │ ├── ONYPHE_Ctiscan.json │ ├── ONYPHE_Search.json │ ├── ONYPHE_Summary_API.json │ ├── ONYPHE_Vulnscan.json │ ├── assets │ │ ├── ONYPHE_ASM_long.png │ │ ├── ONYPHE_ASM_short.png │ │ ├── ONYPHE_Ctiscan_long.png │ │ ├── ONYPHE_Ctiscan_short.png │ │ ├── ONYPHE_Search_long.png │ │ ├── ONYPHE_Search_short.png │ │ ├── ONYPHE_Vulnscan_long.png │ │ ├── ONYPHE_Vulnscan_short.png │ │ ├── Onyphe_Summary_long.png │ │ ├── Onyphe_Summary_short.png │ │ └── onyphe_logo.png │ ├── onyphe_analyzer.py │ ├── onyphe_api.py │ └── requirements.txt ├── OpenCTI │ ├── Dockerfile │ ├── OpenCTI_SearchExactObservable.json │ ├── OpenCTI_SearchObservables.json │ ├── README.md │ ├── assets │ │ └── logo_opencti.png │ ├── opencti.py │ └── requirements.txt ├── PaloAltoWildFire │ ├── PaloAltoWildFire.json │ ├── README.md │ ├── assets │ │ ├── palo_alto_logo.png │ │ ├── wildfire_file.png │ │ └── wildfire_url.png │ ├── requirements.txt │ └── wildfire.py ├── PassiveTotal │ ├── PassiveTotal_Components.json │ ├── PassiveTotal_Enrichment.json │ ├── PassiveTotal_Host_Pairs.json │ ├── PassiveTotal_Malware.json │ ├── PassiveTotal_Osint.json │ ├── PassiveTotal_Passive_Dns.json │ ├── PassiveTotal_Ssl_Certificate_Details.json │ ├── PassiveTotal_Ssl_Certificate_History.json │ ├── PassiveTotal_Trackers.json │ ├── PassiveTotal_Unique_Resolutions.json │ ├── PassiveTotal_Whois_Details.json │ ├── passivetotal_analyzer.py │ └── requirements.txt ├── Patrowl │ ├── Patrowl_GetReport.json │ ├── README.md │ ├── assets │ │ ├── logo.png │ │ ├── patrowl-longreport.png │ │ └── patrowl-minireport.png │ ├── patrowl.py │ └── requirements.txt ├── PayloadSecurity │ ├── PayloadSecurity_File_Analysis.json │ ├── PayloadSecurity_Url_Analysis.json │ ├── payloadsecurity_analyzer.py │ └── requirements.txt ├── PhishTank │ ├── PhishTank_CheckURL.json │ ├── 
README.md │ ├── assets │ │ ├── long_report.png │ │ └── phish_tank.png │ ├── phishtank_checkurl.py │ └── requirements.txt ├── PhishingInitiative │ ├── PhishingInitiative_Lookup.json │ ├── PhishingInitiative_Scan.json │ ├── README.md │ ├── assets │ │ └── phishing-initiative.png │ ├── phishinginitiative.py │ └── requirements.txt ├── Proofpoint │ ├── ProofPoint_Lookup.json │ ├── proofpoint_lookup.py │ └── requirements.txt ├── Pulsedive │ ├── Pulsedive_GetIndicator.json │ ├── pulsedive.py │ └── requirements.txt ├── QrDecode │ ├── Dockerfile │ ├── QrDecode.json │ ├── README.md │ ├── assets │ │ ├── qrdecode-extracted-observables.png │ │ ├── qrdecode-stats.png │ │ └── qrdecode-summary-report.png │ ├── qrdecode.py │ └── requirements.txt ├── RecordedFuture │ ├── README.md │ ├── RecordedFuture.json │ ├── assets │ │ ├── LinksReport.jpg │ │ ├── RecordedFutureAnalyzerReport.jpg │ │ ├── RiskRulesReport.jpg │ │ └── recordedfuture-logo.png │ ├── recordedfuture.py │ └── requirements.txt ├── RiskIQ │ ├── RiskIQ_Articles.json │ ├── RiskIQ_Artifacts.json │ ├── RiskIQ_Certificates.json │ ├── RiskIQ_Components.json │ ├── RiskIQ_Cookies.json │ ├── RiskIQ_HostpairChildren.json │ ├── RiskIQ_HostpairParents.json │ ├── RiskIQ_Malware.json │ ├── RiskIQ_Projects.json │ ├── RiskIQ_Reputation.json │ ├── RiskIQ_Resolutions.json │ ├── RiskIQ_Services.json │ ├── RiskIQ_Subdomains.json │ ├── RiskIQ_Summary.json │ ├── RiskIQ_Trackers.json │ ├── RiskIQ_Whois.json │ ├── _analyzer.py │ ├── _services.py │ └── requirements.txt ├── Robtex │ ├── .gitignore │ ├── Robtex_Forward_PDNS_Query.json │ ├── Robtex_IP_Query.json │ ├── Robtex_Reverse_PDNS_Query.json │ ├── requirements.txt │ └── robtex.py ├── SEKOIAIntelligenceCenter │ ├── IntelligenceCenter_Context.json │ ├── IntelligenceCenter_Indicators.json │ ├── IntelligenceCenter_observables.json │ ├── README.md │ ├── assets │ │ ├── SEKOIAIntelligenceCenter_Context_long.png │ │ ├── SEKOIAIntelligenceCenter_Indicators_long.png │ │ ├── 
SEKOIAIntelligenceCenter_Observables_long.png │ │ └── sekoia_logo.png │ ├── requirements.txt │ └── sekoia_intelligence_center_analyzer.py ├── SecurityTrails │ ├── SecurityTrails_Passive_DNS.json │ ├── SecurityTrails_Whois.json │ ├── requirements.txt │ ├── securitytrails.py │ └── securitytrails_analyzer.py ├── SentinelOne │ ├── SentinelOne.py │ ├── SentinelOne_DeepVisibility_DNSQuery.json │ └── requirements.txt ├── Shodan │ ├── Shodan_DNSResolve.json │ ├── Shodan_Host.json │ ├── Shodan_Host_History.json │ ├── Shodan_InfoDomain.json │ ├── Shodan_ReverseDNS.json │ ├── Shodan_Search.json │ ├── requirements.txt │ ├── shodan_analyzer.py │ └── shodan_api.py ├── SinkDB │ ├── SinkDB.json │ ├── requirements.txt │ └── sinkdb.py ├── SoltraEdge │ ├── Soltra_search.json │ ├── requirements.txt │ └── soltra.py ├── SophosIntelix │ ├── SophosIntelix_GetReport.json │ ├── SophosIntelix_Submit_Dynamic.json │ ├── SophosIntelix_Submit_Static.json │ ├── intelix_analyzer.py │ └── requirements.txt ├── SpamAssassin │ ├── SpamAssassin.json │ ├── assets │ │ ├── SpamAssassin_logo.png │ │ ├── SpamAssassin_long.png │ │ └── SpamAssassin_short.png │ ├── requirements.txt │ └── spamassassin.py ├── SpamhausDBL │ ├── SpamhausDBL.json │ ├── requirements.txt │ └── spamhausdbl.py ├── Splunk │ ├── README.md │ ├── Splunk_Search_domain_fqdn.json │ ├── Splunk_Search_file_filename.json │ ├── Splunk_Search_hash.json │ ├── Splunk_Search_ip.json │ ├── Splunk_Search_mail_email.json │ ├── Splunk_Search_mail_subject.json │ ├── Splunk_Search_other.json │ ├── Splunk_Search_registry.json │ ├── Splunk_Search_url_uri_path.json │ ├── Splunk_Search_user.json │ ├── Splunk_Search_user_agent.json │ ├── assets │ │ ├── Splunk_Search_Domain_FQDN_long.png │ │ ├── Splunk_Search_Domain_FQDN_short.png │ │ ├── Splunk_Search_File_Filename_long.png │ │ ├── Splunk_Search_File_Filename_short.png │ │ ├── Splunk_Search_Hash_long.png │ │ ├── Splunk_Search_Hash_short.png │ │ ├── Splunk_Search_IP_long.png │ │ ├── Splunk_Search_IP_short.png │ 
│ ├── Splunk_Search_Mail_Email_long.png │ │ ├── Splunk_Search_Mail_Email_short.png │ │ ├── Splunk_Search_Mail_Subject_long.png │ │ ├── Splunk_Search_Mail_Subject_short.png │ │ ├── Splunk_Search_Other_long.png │ │ ├── Splunk_Search_Other_short.png │ │ ├── Splunk_Search_Registry_long.png │ │ ├── Splunk_Search_Registry_short.png │ │ ├── Splunk_Search_URL_URI_Path_long.png │ │ ├── Splunk_Search_URL_URI_Path_short.png │ │ ├── Splunk_Search_User_Agent_long.png │ │ ├── Splunk_Search_User_Agent_short.png │ │ ├── Splunk_Search_User_long.png │ │ ├── Splunk_Search_User_short.png │ │ ├── splunk_domain_logo.png │ │ ├── splunk_file_logo.png │ │ ├── splunk_hash_logo.png │ │ ├── splunk_ip_logo.png │ │ ├── splunk_mail_logo.png │ │ ├── splunk_mail_subject_logo.png │ │ ├── splunk_other_logo.png │ │ ├── splunk_registry_logo.png │ │ ├── splunk_url_logo.png │ │ ├── splunk_user_agent_logo.png │ │ └── splunk_user_logo.png │ ├── credits.txt │ ├── requirements.txt │ └── splunk.py ├── StamusNetworks │ ├── StamusNetworks_IPInfo.json │ ├── hostid_analyzer.py │ └── requirements.txt ├── StaxxSearch │ ├── StaxxSearch.json │ ├── requirements.txt │ └── staxx-cortex.py ├── StopForumSpam │ ├── StopForumSpam.json │ ├── requirements.txt │ ├── stopforumspam_analyzer.py │ └── stopforumspam_client.py ├── TalosReputation │ ├── TalosReputation.json.disabled │ ├── TalosReputation.py │ └── requirements.txt ├── TeamCymruMHR │ ├── TeamCymruMHR.json │ ├── TeamCymruMHR.py │ └── requirements.txt ├── TestAnalyzer │ ├── DevTools_Echo.json │ ├── TestAnalyzer.json │ ├── requirements.txt │ └── testing.py ├── ThreatGrid │ ├── ThreatGrid.json │ ├── ThreatGrid.py │ └── requirements.txt ├── ThreatMiner │ ├── ThreatMiner.json │ ├── ThreatMiner.py │ └── requirements.txt ├── ThreatResponse │ ├── ThreatResponse.json │ ├── ThreatResponse.py │ └── requirements.txt ├── Threatcrowd │ ├── Threatcrowd.json.disabled │ ├── requirements.txt │ └── threatcrowd_analyzer.py ├── Thunderstorm │ ├── README.md │ ├── 
Thunderstorm_ScanSample.json │ ├── assets │ │ ├── THOR_Thunderstorm_ScanSample_long.png │ │ ├── THOR_Thunderstorm_ScanSample_raw.png │ │ ├── THOR_Thunderstorm_ScanSample_short.png │ │ └── thor_thunderstorm_logo.png │ ├── requirements.txt │ └── thunderstorm.py ├── TorBlutmagie │ ├── TorBlutmagie.json │ ├── requirements.txt │ ├── tor_blutmagie.py │ └── tor_blutmagie_analyzer.py ├── TorProject │ ├── TorProject.json │ ├── requirements.txt │ ├── tor_project.py │ └── tor_project_analyzer.py ├── Triage │ ├── README.md │ ├── Triage.json │ ├── assets │ │ ├── recorded_future_triage_logo.png │ │ ├── triage_cortex_settings.png │ │ ├── triage_long_report.png │ │ └── triage_verdict.png │ ├── requirements.txt │ └── triage_analyzer.py ├── URLhaus │ ├── URLhaus.json │ ├── URLhaus_analyzer.py │ ├── URLhaus_client.py │ └── requirements.txt ├── Umbrella │ ├── Umbrella.py │ ├── Umbrella_Report.json │ └── requirements.txt ├── UnshortenLink │ ├── UnshortenLink.json │ ├── requirements.txt │ └── unshortenlink.py ├── Urlscan.io │ ├── Urlscan_Scan.json │ ├── Urlscan_Search.json │ ├── requirements.txt │ ├── urlscan.py │ └── urlscan_analyzer.py ├── VMRay │ ├── VMRay.json │ ├── requirements.txt │ ├── vmray.py │ └── vmrayclient.py ├── Valhalla │ ├── README.md │ ├── Valhalla_GetMatches.json │ ├── assets │ │ ├── Valhalla_GetMatches_long.png │ │ ├── Valhalla_GetMatches_short.png │ │ └── Valhalla_logo.png │ ├── requirements.txt │ └── valhalla.py ├── ValidateObservable │ ├── README.md │ ├── ValidateObservable.json │ ├── ValidateObservable.py │ └── requirements.txt ├── Verifalia │ ├── Verifalia.json │ ├── Verifalia.py │ └── requirements.txt ├── VirusTotal │ ├── Dockerfile │ ├── README.md │ ├── VirusTotal_DownloadSample.json │ ├── VirusTotal_GetReport.json │ ├── VirusTotal_Rescan.json │ ├── VirusTotal_Scan.json │ ├── assets │ │ ├── virustotal-extracted-observables.png │ │ ├── virustotal-ids-sandbox-urls.png │ │ ├── virustotal-logo.png │ │ ├── virustotal-scan.png │ │ ├── virustotal-summary-report.png │ 
│ └── virustotal-yara.png │ ├── requirements.txt │ └── virustotal.py ├── Virusshare │ ├── README.md │ ├── Virusshare.json │ ├── assets │ │ ├── long_report.png │ │ └── virusshare.png │ ├── getHashes.sh │ ├── requirements.txt │ └── virusshare.py ├── Vulners │ ├── README.md │ ├── Vulners_CVE.json │ ├── Vulners_IOC.json │ ├── assets │ │ ├── Cortex_settings.PNG │ │ ├── cve_long_template.gif │ │ ├── cve_short_template.png │ │ ├── ioc_long_template.png │ │ ├── ioc_short_template.png │ │ ├── ioc_with_malware_family.PNG │ │ ├── theHive_add_cve.png │ │ ├── vulners_api.png │ │ └── vulners_logo.png │ ├── requirements.txt │ └── vulners_analyzer.py ├── WOT │ ├── WOT_lookup.json │ ├── WOT_lookup.py │ └── requirements.txt ├── Watcher │ ├── README.md │ ├── Watcher_CheckDomain.json │ ├── requirements.txt │ └── watcher.py ├── Yara │ ├── Dockerfile │ ├── Yara.json │ ├── requirements.txt │ └── yara_analyzer.py ├── Yeti │ ├── Dockerfile │ ├── Yeti.json │ ├── requirements.txt │ └── yeti.py └── Zscaler │ ├── README.md │ ├── Zscaler.json │ ├── assets │ ├── zscaler_logo.png │ ├── zscaler_url_lookup_long.png │ └── zscaler_url_lookup_short.png │ ├── requirements.txt │ └── zscaler.py ├── code_of_conduct.md ├── docs ├── admin_guides │ ├── how-to-upgrade-analyzers-responders.md │ └── manage-private-custom-analyzers-responders.md ├── dev_guides │ ├── analyzers_definition.md │ ├── dockerize-your-custom-analyzers-responders.md │ ├── how-to-create-an-analyzer.md │ └── how-to-test-an-analyzer.md └── images │ ├── cortex-logo.png │ ├── cortex-main.png │ ├── cortex-refresh-analyzers.png │ ├── cortex-thehive-analyzers-upgrade-notification.png │ ├── cortex-ui.png │ ├── enable-analyzer.png │ ├── obsolete-analyzer-refresh.png │ ├── refresh-responders.png │ ├── sc-long-vt.jpg │ ├── sc-short-vt.png │ ├── thehive-cortex-obsolete-drawer.png │ └── update-analyzers-template.png ├── images ├── cortex-main.png └── cortex-ui.png ├── responders ├── AMPforEndpoints │ ├── AMPforEndpoints.py │ ├── 
AMPforEndpoints_IsolationStart.json │ ├── AMPforEndpoints_IsolationStop.json │ ├── AMPforEndpoints_MoveGUID.json │ ├── AMPforEndpoints_SCDAdd.json │ ├── AMPforEndpoints_SCDRemove.json │ └── requirements.txt ├── AWSLambda │ ├── AWSInvokeLambda.json │ ├── AWSInvokeLambda.py │ ├── README.md │ ├── assets │ │ └── awslambda.png │ └── requirements.txt ├── AWX │ ├── awx.json │ ├── awx.py │ └── requirements.txt ├── BinalyzeAIR │ ├── README.md │ ├── assets │ │ └── binalyze-logo.png │ ├── binalyze.py │ ├── binalyze_air_acquisition.json │ ├── binalyze_air_isolation.json │ └── requirements.txt ├── CheckPoint │ ├── CheckPoint_Gaia_lock.json │ ├── CheckPoint_Gaia_unlock.json │ ├── README.md │ ├── checkpoint.py │ └── requirements.txt ├── Cloudflare_IP_Blocker │ ├── CloudflareIPBlocker.json │ ├── CloudflareIPBlocker.py │ └── requirements.txt ├── CrowdstrikeFalcon │ ├── CrowdStrikeFalcon_AddIOC.json │ ├── CrowdStrikeFalcon_Sync.json │ ├── CrowdStrikeFalcon_removeIOC.json │ ├── CrowdstrikeFalconHosts.py │ ├── CrowdstrikeFalconIOC.py │ ├── CrowdstrikeFalconSync.py │ ├── CrowdstrikeFalcon_containHost.json │ ├── CrowdstrikeFalcon_hideHost.json │ ├── CrowdstrikeFalcon_liftContainmentHost.json │ ├── CrowdstrikeFalcon_suppressDetections.json │ ├── CrowdstrikeFalcon_unhideHost.json │ ├── CrowdstrikeFalcon_unsuppressDetection.json │ ├── README.md │ ├── assets │ │ ├── addioc-cfg-ioc.png │ │ ├── contain-cfg-hosts.png │ │ ├── cortex-responders-hosts.png │ │ ├── cortex-responders-ioc.png │ │ ├── responder-report-1-ioc.png │ │ ├── responder-report-2-ioc.png │ │ ├── responder-report-hosts.png │ │ ├── responder-report-sync.png │ │ └── sync-cfg.png │ └── requirements.txt ├── DNS-RPZ │ ├── DNS-RPZ.json │ ├── dns-rpz.py │ └── requirements.txt ├── DomainToolsIris_AddRiskyDNSTag │ ├── DomainToolsIris_AddRiskyDNSTag.json │ ├── domaintoolsiris_responder.py │ └── requirements.txt ├── DomainToolsIris_CheckMaliciousTags │ ├── DomainToolsIris_CheckMaliciousTags.json │ ├── domaintoolsiris_responder.py │ └── 
requirements.txt ├── Duo_Security │ ├── DuoBypassUserAccount.json │ ├── DuoLockUserAccount.json │ ├── DuoUnlockUserAccount.json │ ├── README.md │ ├── assets │ │ ├── AddObservableType.jpg │ │ ├── Demo_Lock-Unlock_DuoUser.gif │ │ ├── ResponderConfig.jpg │ │ └── Responders.jpg │ ├── duoBypassUserAccount.py │ ├── duoLockUserAccount.py │ ├── duoUnlockUserAccount.py │ └── requirements.txt ├── EclecticIQIndicator │ ├── EclecticIQIndicator.json │ ├── EclecticIQIndicator.py │ └── requirements.txt ├── FalconCustomIOC │ ├── FalconCustomIOC.json │ ├── FalconCustomIOC.py │ ├── FalconCustomIOCv2.json │ ├── FalconCustomIOCv2.py │ └── requirements.txt ├── Gatewatcher_CTI_Identity │ ├── Gatewatcher_CTI_Identity.json │ ├── Gatewatcher_CTI_Identity.py │ ├── README.md │ ├── assets │ │ ├── cortex_responder_conf.png │ │ └── responder_conf_var.png │ ├── requirements.txt │ └── script │ │ └── script.py ├── Gmail │ ├── Dockerfile │ ├── Gmail.py │ ├── Gmail_BlockDomain.json │ ├── Gmail_BlockSender.json │ ├── Gmail_DeleteMessage.json │ ├── Gmail_UnblockDomain.json │ ├── Gmail_UnblockSender.json │ ├── README.md │ └── requirements.txt ├── HarfangLab │ ├── .gitignore │ ├── HarfangLab.py │ ├── HarfangLab_DumpProcess.json │ ├── HarfangLab_GetArtifactAll.json │ ├── HarfangLab_GetArtifactEvtx.json │ ├── HarfangLab_GetArtifactFilesystem.json │ ├── HarfangLab_GetArtifactHives.json │ ├── HarfangLab_GetArtifactLogs.json │ ├── HarfangLab_GetArtifactMFT.json │ ├── HarfangLab_GetArtifactPrefetch.json │ ├── HarfangLab_GetArtifactRamdump.json │ ├── HarfangLab_GetArtifactUSN.json │ ├── HarfangLab_GetBinary.json │ ├── HarfangLab_GetDrivers.json │ ├── HarfangLab_GetNetworkShares.json │ ├── HarfangLab_GetPersistence.json │ ├── HarfangLab_GetPipes.json │ ├── HarfangLab_GetPrefetches.json │ ├── HarfangLab_GetProcesses.json │ ├── HarfangLab_GetRunKeys.json │ ├── HarfangLab_GetScheduledTasks.json │ ├── HarfangLab_GetServices.json │ ├── HarfangLab_GetSessions.json │ ├── HarfangLab_GetStartupFiles.json │ ├── 
HarfangLab_GetWMI.json │ ├── HarfangLab_Isolate.json │ ├── HarfangLab_KillProcess.json │ ├── HarfangLab_SearchDestinationIP.json │ ├── HarfangLab_SearchDriverByFileName.json │ ├── HarfangLab_SearchDriverByHash.json │ ├── HarfangLab_SearchHash.json │ ├── HarfangLab_SearchSourceIP.json │ ├── HarfangLab_Unisolate.json │ ├── README.md │ ├── assets │ │ └── HarfangLab_logo.png │ └── requirements.txt ├── JAMFProtect │ ├── JAMFProtect_IOC.py │ ├── JAMFProtect_addHashtoPreventList.json │ ├── JAMFProtect_removeHashfromPreventList.json │ ├── README.md │ ├── assets │ │ └── jamfprotect.png │ └── requirements.txt ├── Jupyter_Responder │ ├── Dockerfile │ ├── Jupyter_Run_Notebook_Responder.json │ ├── README.md │ ├── assets │ │ ├── screenshot_cortex_responder_settings_example.png │ │ ├── screenshot_jupyter_operations.png │ │ └── screenshot_jupyter_parameters.png │ ├── jupyter.py │ ├── papermill_iorw.patch │ └── requirements.txt ├── KnowBe4 │ ├── KnowBe4.json │ ├── KnowBe4.py │ └── requirements.txt ├── MSDefenderEndpoints │ ├── .gitignore │ ├── MSDefenderEndpoints.py │ ├── MSDefenderEndpoints_AutoInvestigation.json │ ├── MSDefenderEndpoints_Isolate.json │ ├── MSDefenderEndpoints_PushIOCAlert.json │ ├── MSDefenderEndpoints_PushIOCBlock.json │ ├── MSDefenderEndpoints_RestrictAppExecution.json │ ├── MSDefenderEndpoints_UnRestrictAppExecution.json │ ├── MSDefenderEndpoints_Unisolate.json │ ├── MSDefenderEndpoints_VirusScan.json │ ├── README.md │ ├── assets │ │ └── thehive_integration.jpg │ └── requirements.txt ├── MSDefenderOffice365 │ ├── Dockerfile │ ├── MSDefenderOffice365_block.json │ ├── MSDefenderOffice365_unblock.json │ ├── README.md │ ├── assets │ │ ├── MSDefenderOffice365_Block.png │ │ └── MicrosoftDefenderForOffice365_logo.png │ ├── install_deps.ps1 │ ├── ms_defender_office.py │ ├── requirements.txt │ └── scripts │ │ ├── block_sender.ps1 │ │ └── unblock_sender.ps1 ├── MSEntraID │ ├── MSEntraID.py │ ├── MSEntraID_ForcePasswordReset.json │ ├── 
MSEntraID_ForcePasswordResetWithMFA.json │ ├── MSEntraID_disableUser.json │ ├── MSEntraID_enableUser.json │ ├── MSEntraID_revokeSignInSessions.json │ ├── README.md │ └── requirements.txt ├── MailIncidentStatus │ ├── Dockerfile │ ├── MailIncidentStatus.json │ ├── mailincidentstatus.py │ └── requirements.txt ├── Mailer │ ├── Mailer.json │ ├── mailer.py │ └── requirements.txt ├── Minemeld │ ├── README.md │ ├── assets │ │ └── MM-logo.png │ ├── minemeld.json │ ├── minemeld.py │ └── requirements.txt ├── Netcraft │ ├── Netcraft.py │ ├── NetcraftTakedown.json │ ├── README.md │ └── requirements.txt ├── PaloAltoCortexXDR │ ├── PaloAltoCortexXDR_isolate.json │ ├── PaloAltoCortexXDR_scan.json │ ├── PaloAltoCortexXDR_unisolate.json │ ├── README.md │ ├── assets │ │ ├── PaloAltoCortexXDR_isolate.png │ │ └── cortex_logo.png │ ├── cortex_xdr.py │ └── requirements.txt ├── PaloAltoNGFW │ ├── PaloAltoNGFW_block_external_IP_address.json │ ├── PaloAltoNGFW_block_external_domain.json │ ├── PaloAltoNGFW_block_external_user.json │ ├── PaloAltoNGFW_block_internal_IP_address.json │ ├── PaloAltoNGFW_block_internal_domain.json │ ├── PaloAltoNGFW_block_internal_user.json │ ├── PaloAltoNGFW_block_port_for_external_communication.json │ ├── PaloAltoNGFW_block_port_for_internal_communication.json │ ├── PaloAltoNGFW_unblock_external_IP_address.json │ ├── PaloAltoNGFW_unblock_external_domain.json │ ├── PaloAltoNGFW_unblock_external_user.json │ ├── PaloAltoNGFW_unblock_internal_IP_address.json │ ├── PaloAltoNGFW_unblock_internal_domain.json │ ├── PaloAltoNGFW_unblock_internal_user.json │ ├── PaloAltoNGFW_unblock_port_for_external_communication.json │ ├── PaloAltoNGFW_unblock_port_for_internal_communication.json │ ├── README.md │ ├── assets │ │ ├── AddObservableType.jpg │ │ └── Responders.jpg │ ├── block_external_domain.py │ ├── block_external_ip.py │ ├── block_external_user.py │ ├── block_internal_domain.py │ ├── block_internal_ip.py │ ├── block_internal_user.py │ ├── 
block_port_for_external_communication.py │ ├── block_port_for_internal_communication.py │ ├── requirements.txt │ ├── unblock_external_domain.py │ ├── unblock_external_ip.py │ ├── unblock_external_user.py │ ├── unblock_internal_domain.py │ ├── unblock_internal_ip.py │ ├── unblock_internal_user.py │ ├── unblock_port_for_external_communication.py │ └── unblock_port_for_internal_communication.py ├── PaloAltoWildfire │ ├── PaloAltoWildfire.py │ ├── PaloAltoWildfire_URL_submission.json │ ├── README.md │ └── requirements.txt ├── QRadarAutoClose │ ├── QRadarAutoClose.json │ ├── QRadarAutoClose.py │ ├── README.md │ └── requirements.txt ├── RT4 │ ├── README.md │ ├── __init__.py │ ├── config.py │ ├── requirements.txt │ ├── rt4.json │ ├── rt4.py │ ├── template.py │ └── templates │ │ ├── malware.j2 │ │ └── phishing_generic.j2 ├── Redmine │ ├── Redmine_Issue.json │ ├── redmine.py │ ├── redmine_client.py │ └── requirements.txt ├── RiskIQ │ ├── RiskIQ_PushArtifactToProject.json │ ├── _responder.py │ ├── _services.py │ └── requirements.txt ├── SendGrid │ ├── SendGrid.json │ ├── SendGrid.py │ └── requirements.txt ├── SentinelOne │ ├── SentinelOne.py │ ├── SentinelOne_HashBlacklister.json │ └── requirements.txt ├── Shuffle │ ├── requirements.txt │ ├── shuffle.json │ └── shuffle.py ├── Slack │ ├── README.md │ ├── Slack_CreateChannel.json │ ├── Slack_SyncChannel.json │ ├── assets │ │ ├── slack-history.png │ │ ├── slack-logo.png │ │ ├── thehive-slacksync-1.png │ │ └── thehive-slacksync-2.png │ ├── image.png │ ├── requirements.txt │ └── slack.py ├── Telegram │ ├── README.md │ ├── Telegram.json │ ├── requirements.txt │ └── telegram.py ├── Test │ ├── DevTools_Echo.json │ ├── requirements.txt │ ├── test.json │ └── test.py ├── UmbrellaBlacklister │ ├── UmbrellaBlacklister.json │ ├── UmbrellaBlacklister.py │ └── requirements.txt ├── Velociraptor │ ├── Dockerfile │ ├── README.md │ ├── requirements.txt │ ├── velociraptor_flow.json │ └── velociraptor_flow.py ├── VirustotalDownloader │ ├── 
Dockerfile │ ├── README.md │ ├── VirustotalDownloader.json │ ├── VirustotalDownloader.py │ └── requirements.txt ├── Watcher │ ├── README.md │ ├── Watcher_AddDomain.json │ ├── Watcher_RemoveDomain.json │ ├── requirements.txt │ └── watcher.py ├── Wazuh │ ├── requirements.txt │ ├── wazuh.json │ └── wazuh.py ├── ZEROFOX_Close_alert │ ├── ZEROFOX_Close_alert.json │ ├── ZEROFOX_Close_alert.py │ └── requirements.txt ├── ZEROFOX_Takedown_request │ ├── ZEROFOX_Takedown_request.json │ ├── ZEROFOX_Takedown_request.py │ └── requirements.txt └── n8n │ ├── README.md │ ├── n8n.json │ ├── n8n.py │ └── requirements.txt ├── thehive-templates ├── AIL_OnionLookup_1_0 │ └── long.html ├── AbuseIPDB_1_1 │ ├── long.html │ └── short.html ├── Abuse_Finder_3_0 │ ├── long.html │ └── short.html ├── AnyRun_Sandbox_Analysis_1_0 │ ├── long.html │ └── short.html ├── Axur_1_0 │ ├── long.html │ └── short.html ├── BackscatterIO_Enrichment_1_0 │ ├── long.html │ └── short.html ├── BackscatterIO_GetObservations_1_0 │ ├── long.html │ └── short.html ├── BitcoinAbuse_1_0 │ ├── long.html │ └── short.html ├── Bluecoat_Categorization_1_0 │ ├── long.html │ └── short.html ├── C1fApp_1_0 │ ├── long.html │ └── short.html ├── CERTatPassiveDNS_2_0 │ ├── long.html │ └── short.html ├── CIRCLHashlookup_1_1 │ ├── long.html │ └── short.html ├── CIRCLPassiveDNS_2_0 │ ├── long.html │ └── short.html ├── CIRCLPassiveSSL_2_0 │ ├── long.html │ └── short.html ├── CIRCLVulnerabilityLookup_1_0 │ └── long.html ├── CISMCAP_1_0 │ ├── long.html │ └── short.html ├── Capa_1_0 │ ├── long.html │ └── short.html ├── Censys_2_0 │ ├── long.html │ └── short.html ├── ChainAbuse_1_1 │ ├── long.html │ └── short.html ├── CheckPhish_1_0 │ ├── long.html │ └── short.html ├── CheckPhish_Submit_1_0 │ ├── long.html │ └── short.html ├── ClamAV_1_0 │ ├── long.html │ └── short.html ├── Cluster25_1_0 │ └── long.html ├── ClusterHawk_1_0 │ └── long.html ├── Crowdsec_1_1 │ └── long.html ├── CrowdstrikeFalcon_GetDeviceVulnerabilities_1_0 │ └── long.html ├── 
CrowdstrikeFalcon_Sandbox_Android_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_Linux_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_MacOS_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_Win10_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_Win11_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_Win7_1_0 │ └── long.html ├── CrowdstrikeFalcon_Sandbox_Win7_64_1_0 │ └── long.html ├── CrowdstrikeFalcon_getDeviceAlerts_1_0 │ └── long.html ├── CrowdstrikeFalcon_getDeviceDetails_1_0 │ └── long.html ├── Crt_sh_Transparency_Logs_1_0 │ ├── long.html │ └── short.html ├── CuckooSandbox_File_Analysis_Inet_1_2 │ ├── long.html │ └── short.html ├── CuckooSandbox_Url_Analysis_1_2 │ ├── long.html │ └── short.html ├── CyberChef_FromBase64_1_0 │ ├── long.html │ └── short.html ├── CyberChef_FromCharCode_1_0 │ ├── long.html │ └── short.html ├── CyberChef_FromHex_1_0 │ ├── long.html │ └── short.html ├── CyberCrime-Tracker_1_0 │ ├── long.html │ └── short.html ├── Cyberprotect_ThreatScore_3_0 │ ├── long.html │ └── short.html ├── Cylance_1_0 │ ├── long.html │ └── short.html ├── DNSDB_DomainName_2_0 │ ├── long.html │ └── short.html ├── DNSDB_IPHistory_2_0 │ ├── long.html │ └── short.html ├── DNSDB_NameHistory_2_0 │ ├── long.html │ └── short.html ├── DNSSinkhole_1_0 │ ├── long.html │ └── short.html ├── DNS_Lookingglass_1_0 │ ├── long.html │ └── short.html ├── DNSdumpster_report_1_0 │ ├── long.html │ └── short.html ├── DShield_lookup_1_0 │ ├── long.html │ └── short.html ├── Diario_GetReport_1_0 │ ├── long.html │ └── short.html ├── Diario_Scan_1_0 │ ├── long.html │ └── short.html ├── DomainMailSPFDMARC_1_1 │ ├── long.html │ └── short.html ├── DomainToolsIris_Investigate_1_0 │ ├── long.html │ └── short.html ├── DomainToolsIris_Pivot_1_0 │ ├── long.html │ └── short.html ├── DomainTools_HostingHistory_2_0 │ ├── long.html │ └── short.html ├── DomainTools_Reputation_2_0 │ ├── long.html │ └── short.html ├── DomainTools_ReverseIPWhois_2_0 │ ├── long.html │ └── short.html ├── 
DomainTools_ReverseIP_2_0 │ ├── long.html │ └── short.html ├── DomainTools_ReverseNameServer_2_0 │ ├── long.html │ └── short.html ├── DomainTools_ReverseWhois_2_0 │ ├── long.html │ └── short.html ├── DomainTools_Risk_2_0 │ ├── long.html │ └── short.html ├── DomainTools_WhoisHistory_2_0 │ ├── long.html │ └── short.html ├── DomainTools_WhoisLookupUnparsed_2_0 │ ├── long.html │ └── short.html ├── DomainTools_WhoisLookup_2_0 │ ├── long.html │ └── short.html ├── EchoTrail_1_0 │ ├── long.html │ └── short.html ├── EclecticIQ_SearchObservable_1_0 │ ├── long.html │ └── short.html ├── Elasticsearch_Analysis_1_0 │ ├── long.html │ └── short.html ├── EmailRep_1_0 │ ├── long.html │ └── short.html ├── EmergingThreats_DomainInfo_1_0 │ ├── long.html │ └── short.html ├── EmergingThreats_IPInfo_1_0 │ ├── long.html │ └── short.html ├── EmergingThreats_MalwareInfo_1_0 │ ├── long.html │ └── short.html ├── EmlParser_2_1 │ └── long.html ├── FalconSandbox_1_0 │ ├── long.html │ └── short.html ├── FileInfo_8_0 │ ├── long.html │ └── short.html ├── File_Info_2_0 │ ├── long.html │ └── short.html ├── FireEyeiSight_Lookup_1_0 │ ├── long.html │ └── short.html ├── FireHOLBlocklists_2_0 │ ├── long.html │ └── short.html ├── ForcepointWebsensePing_1_0 │ └── short.html ├── Fortiguard_URLCategory_2_1 │ ├── long.html │ └── short.html ├── Gatewatcher_CTI_2_0 │ ├── long.html │ └── short.html ├── GoogleDNS_resolve_1_0_0 │ ├── long.html │ └── short.html ├── GoogleSafebrowsing_2_0 │ ├── long.html │ └── short.html ├── GoogleVisionAPI_WebDetection_1_0_0 │ ├── long.html │ └── short.html ├── GreyNoise_3_1 │ ├── long.html │ └── short.html ├── HIBP_Query_2_0 │ ├── long.html │ └── short.html ├── Hashdd_Detail_2_0 │ ├── long.html │ └── short.html ├── Hashdd_Status_2_0 │ ├── long.html │ └── short.html ├── HippoMore_2_0 │ ├── long.html │ └── short.html ├── Hipposcore_2_0 │ ├── long.html │ └── short.html ├── Hunterio_DomainSearch_1_0 │ ├── long.html │ └── short.html ├── HybridAnalysis_GetReport_1_0 │ ├── long.html │ └── 
short.html ├── IBMXForce_Lookup_1_0 │ ├── long.html │ └── short.html ├── IP-API_1_0 │ ├── long.html │ └── short.html ├── IP-API_1_1 │ ├── long.html │ └── short.html ├── IPVoid_1_0 │ ├── long.html │ └── short.html ├── IPinfo_Details_1_0 │ ├── long.html │ └── short.html ├── IPinfo_Hosted_Domains_1_0 │ ├── long.html │ └── short.html ├── IVRE_1_0 │ ├── long.html │ └── short.html ├── Inoitsu_1_0 │ ├── long.html │ └── short.html ├── IntezerCommunity_1_0 │ ├── long.html │ └── short.html ├── Investigate_Categorization_1_0 │ ├── long.html │ └── short.html ├── Investigate_Sample_1_0 │ ├── long.html │ └── short.html ├── JA4_FoxIO_1_0 │ └── long.html ├── JoeSandbox_File_Analysis_Inet_3_0 │ ├── long.html │ └── short.html ├── JoeSandbox_File_Analysis_Noinet_3_0 │ ├── long.html │ └── short.html ├── JoeSandbox_Url_Analysis_2_0 │ ├── long.html │ └── short.html ├── Jupyter_Run_Notebook_Analyzer_1_0 │ ├── long.html │ └── short.html ├── KasperskyTIP_1_0 │ ├── long.html │ └── short.html ├── LdapQuery_1_0 │ ├── long.html │ └── short.html ├── Ldap_Query_3_0 │ ├── long.html │ └── short.html ├── Lookyloo_Screenshot_1_0 │ └── long.html ├── LupovisProwl_GetIPReputation_1_1 │ ├── long.html │ └── short.html ├── MISPWarningLists_2_0 │ ├── long.html │ └── short.html ├── MISP_2_1 │ ├── long.html │ └── short.html ├── MSEntraID_GetDirectoryAuditLogs_1_0 │ └── long.html ├── MSEntraID_GetManagedDevicesInfo_1_0 │ └── long.html ├── MSEntraID_GetSignIns_1_0 │ ├── long.html │ └── short.html ├── MSEntraID_GetUserInfo_1_0 │ └── long.html ├── Malpedia_1_0 │ ├── long.html │ └── short.html ├── Maltiverse_Report_1_0 │ ├── long.html │ └── short.html ├── MalwareBazaar_1_0 │ ├── long.html │ └── short.html ├── MalwareClustering_1_0 │ ├── long.html │ └── short.html ├── Malwares_GetReport_1_0 │ ├── long.html │ └── short.html ├── Malwares_Scan_1_0 │ ├── long.html │ └── short.html ├── MaxMind_GeoIP_4_0 │ ├── long.html │ └── short.html ├── MetaDefenderCloud_GetReport_1_0 │ ├── long.html │ └── short.html ├── 
MetaDefenderCloud_Reputation_1_0 │ ├── long.html │ └── short.html ├── MetaDefenderCloud_Scan_1_0 │ ├── long.html │ └── short.html ├── MetaDefenderCore_GetReport_1_0 │ ├── long.html │ └── short.html ├── MetaDefenderCore_Scan_1_0 │ ├── long.html │ └── short.html ├── Mnemonic_pDNS_Closed_3_0 │ ├── long.html │ └── short.html ├── Mnemonic_pDNS_Public_3_0 │ ├── long.html │ └── short.html ├── Msg_Parser_3_0 │ ├── long.html │ └── short.html ├── NERD_1_0 │ ├── long.html │ └── short.html ├── NSRL_Lookup_1_0 │ ├── long.html │ └── short.html ├── Nessus_2_0 │ ├── long.html │ └── short.html ├── ONYPHE_ASM_1_1 │ ├── long.html │ └── short.html ├── ONYPHE_Ctiscan_1_0 │ ├── long.html │ └── short.html ├── ONYPHE_OnDemandScan_1_0 │ ├── long.html │ └── short.html ├── ONYPHE_Search_1_1 │ ├── long.html │ └── short.html ├── ONYPHE_Summary_API_1_1 │ └── long.html ├── ONYPHE_Vulnscan_1_1 │ ├── long.html │ └── short.html ├── OTXQuery_2_0 │ ├── long.html │ └── short.html ├── OktaUserLookup_1_0 │ ├── long.html │ └── short.html ├── OpenCTI_SearchExactObservable_2_0 │ ├── long.html │ └── short.html ├── OpenCTI_SearchObservables_2_0 │ ├── long.html │ └── short.html ├── PaloAltoWildFire_1_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Components_2_0 │ └── long.html ├── PassiveTotal_Enrichment_2_0 │ └── long.html ├── PassiveTotal_Host_Pairs_2_0 │ └── long.html ├── PassiveTotal_Malware_2_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Osint_2_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Passive_Dns_2_1 │ ├── long.html │ └── short.html ├── PassiveTotal_Ssl_Certificate_Details_2_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Ssl_Certificate_History_2_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Trackers_2_0 │ └── long.html ├── PassiveTotal_Unique_Resolutions_2_0 │ ├── long.html │ └── short.html ├── PassiveTotal_Whois_Details_2_0 │ ├── long.html │ └── short.html ├── Patrowl_GetReport_1_0 │ ├── long.html │ └── short.html ├── PayloadSecurity_File_Analysis_1_0 │ └── long.html 
├── PayloadSecurity_Url_Analysis_1_0 │ └── long.html ├── PhishTank_CheckURL_2_1 │ ├── long.html │ └── short.html ├── PhishingInitiative_Lookup_2_0 │ ├── long.html │ └── short.html ├── PhishingInitiative_Scan_1_0 │ ├── long.html │ └── short.html ├── Proofpoint_Lookup_1_0 │ ├── long.html │ └── short.html ├── Pulsedive_GetIndicator_1_0 │ ├── long.html │ └── short.html ├── QrDecode_1_0 │ ├── long.html │ └── short.html ├── RecordedFuture_2_0 │ ├── long.html │ └── short.html ├── RiskIQ_Articles_1_0 │ └── long.html ├── RiskIQ_Artifacts_1_0 │ └── long.html ├── RiskIQ_Certificates_1_0 │ └── long.html ├── RiskIQ_Components_1_0 │ └── long.html ├── RiskIQ_Cookies_1_0 │ └── long.html ├── RiskIQ_HostpairChildren_1_0 │ └── long.html ├── RiskIQ_HostpairParents_1_0 │ └── long.html ├── RiskIQ_Malware_1_0 │ └── long.html ├── RiskIQ_Projects_1_0 │ └── long.html ├── RiskIQ_Reputation_1_0 │ └── long.html ├── RiskIQ_Resolutions_1_0 │ └── long.html ├── RiskIQ_Services_1_0 │ └── long.html ├── RiskIQ_Subdomains_1_0 │ └── long.html ├── RiskIQ_Summary_1_0 │ └── long.html ├── RiskIQ_Trackers_1_0 │ └── long.html ├── RiskIQ_Whois_1_0 │ └── long.html ├── Robtex_Forward_PDNS_Query_1_0 │ ├── long.html │ └── short.html ├── Robtex_IP_Query_1_0 │ ├── long.html │ └── short.html ├── Robtex_Reverse_PDNS_Query_1_0 │ ├── long.html │ └── short.html ├── SEKOIAIntelligenceCenter_Context_1_0 │ ├── long.html │ └── short.html ├── SEKOIAIntelligenceCenter_Indicators_1_0 │ ├── long.html │ └── short.html ├── SEKOIAIntelligenceCenter_Observables_1_0 │ ├── long.html │ └── short.html ├── SecurityTrails_Passive_DNS_1_0 │ ├── long.html │ └── short.html ├── SecurityTrails_Whois_1_0 │ ├── long.html │ └── short.html ├── SentinelOne_DeepVisibility_DNSQuery_1_0 │ ├── long.html │ └── short.html ├── Shodan_DNSResolve_1_0 │ ├── long.html │ └── short.html ├── Shodan_Host_1_0 │ ├── long.html │ └── short.html ├── Shodan_Host_History_1_0 │ ├── long.html │ └── short.html ├── Shodan_InfoDomain_1_0 │ ├── long.html │ └── short.html ├── 
Shodan_ReverseDNS_1_0 │ ├── long.html │ └── short.html ├── Shodan_Search_2_0 │ ├── long.html │ └── short.html ├── SinkDB_1_0 │ ├── long.html │ └── short.html ├── SoltraEdge_1_0 │ ├── long.html │ └── short.html ├── SophosIntelix_GetReport_0_3 │ ├── long.html │ └── short.html ├── SophosIntelix_Submit_Dynamic_0_1 │ ├── long.html │ └── short.html ├── SophosIntelix_Submit_Static_0_1 │ ├── long.html │ └── short.html ├── SpamAssassin_1_0 │ ├── long.html │ └── short.html ├── SpamhausDBL_1_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Domain_FQDN_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_File_Filename_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Hash_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_IP_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Mail_Email_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Mail_Subject_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Other_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_Registry_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_URL_URI_Path_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_User_3_0 │ ├── long.html │ └── short.html ├── Splunk_Search_User_Agent_3_0 │ ├── long.html │ └── short.html ├── StamusNetworks_HostID_1_0 │ ├── long.html │ └── short.html ├── StaxxSearch_1_0 │ ├── long.html │ └── short.html ├── StopForumSpam_1_0 │ ├── long.html │ └── short.html ├── THOR_Thunderstorm_ScanSample_0_3_1 │ ├── long.html │ └── short.html ├── TalosReputation_1_0 │ ├── long.html │ └── short.html ├── TeamCymruMHR_1_0 │ ├── long.html │ └── short.html ├── TestAnalyzer_1_0 │ └── long.html ├── ThreatGrid_1_0 │ ├── long.html │ └── short.html ├── ThreatMiner_1_0 │ ├── long.html │ └── short.html ├── ThreatResponse_1_0 │ ├── long.html │ └── short.html ├── Threatcrowd_1_0 │ ├── long.html │ └── short.html ├── TorBlutmagie_1_0 │ ├── long.html │ └── short.html ├── TorProject_1_0 │ ├── long.html │ └── short.html ├── Triage_2_0 │ ├── long.html │ └── short.html ├── 
URLhaus_2_0 │ ├── long.html │ └── short.html ├── Umbrella_Report_1_0 │ ├── long.html │ └── short.html ├── UnshortenLink_1_2 │ ├── long.html │ └── short.html ├── Urlscan_io_Scan_0_1_0 │ ├── long.html │ └── short.html ├── Urlscan_io_Search_0_1_1 │ ├── long.html │ └── short.html ├── VMRay_4_1 │ ├── long.html │ └── short.html ├── Valhalla_GetRuleMatches_0_3_1 │ ├── long.html │ └── short.html ├── ValidateObservable_1_0 │ └── long.html ├── Verifalia_1_0 │ ├── long.html │ └── short.html ├── VirusTotal_DownloadSample_3_1 │ └── long.html ├── VirusTotal_GetReport_3_1 │ └── long.html ├── VirusTotal_Rescan_3_1 │ └── long.html ├── VirusTotal_Scan_3_1 │ └── long.html ├── Virusshare_2_0 │ ├── long.html │ └── short.html ├── Vulners_CVE_1_0 │ ├── long.html │ └── short.html ├── Vulners_IOC_1_0 │ ├── long.html │ └── short.html ├── WOT_Lookup_2_0 │ ├── long.html │ └── short.html ├── Watcher_CheckDomain_1_3 │ ├── long.html │ └── short.html ├── Yara_3_0 │ ├── long.html │ └── short.html ├── Yeti_1_0 │ ├── long.html │ └── short.html └── Zscaler_1_3 │ ├── long.html │ └── short.html └── utils ├── analyzer-runlocal.py ├── compile-manalyze.sh ├── docker ├── Dockerfile_template ├── build-customimage.sh └── build.sh ├── flavors ├── README.md ├── analyzer_flavor_template.json ├── check_json_schema.py ├── flavor_schema.json ├── requirements.txt └── responder_flavor_template.json └── test_doc ├── README.md ├── requirements.txt ├── testdoc-venv.sh └── testdoc.sh /.drone.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.drone.yml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.github/ISSUE_TEMPLATE/bug_report.md 
-------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.github/ISSUE_TEMPLATE/feature_request.md -------------------------------------------------------------------------------- /.github/issue_template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.github/issue_template.md -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.github/workflows/build.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/.gitignore -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/AUTHORS -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /COMPONENTS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/COMPONENTS 
-------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/SECURITY.md -------------------------------------------------------------------------------- /analyzers/AILOnionLookup/AIL_OnionLookup.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AILOnionLookup/AIL_OnionLookup.json -------------------------------------------------------------------------------- /analyzers/AILOnionLookup/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AILOnionLookup/Dockerfile -------------------------------------------------------------------------------- /analyzers/AILOnionLookup/OnionLookup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AILOnionLookup/OnionLookup.py -------------------------------------------------------------------------------- /analyzers/AILOnionLookup/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AILOnionLookup/README.md -------------------------------------------------------------------------------- /analyzers/AILOnionLookup/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/AbuseIPDB/AbuseIPDB.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AbuseIPDB/AbuseIPDB.json -------------------------------------------------------------------------------- /analyzers/AbuseIPDB/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AbuseIPDB/README.md -------------------------------------------------------------------------------- /analyzers/AbuseIPDB/abuseipdb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AbuseIPDB/abuseipdb.py -------------------------------------------------------------------------------- /analyzers/AbuseIPDB/assets/abuseipdb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AbuseIPDB/assets/abuseipdb.png -------------------------------------------------------------------------------- /analyzers/AbuseIPDB/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AbuseIPDB/assets/long_report.png -------------------------------------------------------------------------------- 
/analyzers/AbuseIPDB/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Abuse_Finder/Abuse_Finder.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Abuse_Finder/Abuse_Finder.json -------------------------------------------------------------------------------- /analyzers/Abuse_Finder/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Abuse_Finder/README.md -------------------------------------------------------------------------------- /analyzers/Abuse_Finder/abusefinder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Abuse_Finder/abusefinder.py -------------------------------------------------------------------------------- /analyzers/Abuse_Finder/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | abuse_finder>=0.3 3 | future 4 | -------------------------------------------------------------------------------- /analyzers/AnyRun/AnyRun_Sandbox_Analysis.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/AnyRun_Sandbox_Analysis.json -------------------------------------------------------------------------------- /analyzers/AnyRun/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/README.md 
-------------------------------------------------------------------------------- /analyzers/AnyRun/anyrun_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/anyrun_analyzer.py -------------------------------------------------------------------------------- /analyzers/AnyRun/assets/AnyRun.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/assets/AnyRun.png -------------------------------------------------------------------------------- /analyzers/AnyRun/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/AnyRun/assets/short_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/AnyRun/assets/short_report.png -------------------------------------------------------------------------------- /analyzers/AnyRun/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Autofocus/Autofocus_SearchIOC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Autofocus/Autofocus_SearchIOC.json -------------------------------------------------------------------------------- /analyzers/Autofocus/Autofocus_SearchJSON.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Autofocus/Autofocus_SearchJSON.json -------------------------------------------------------------------------------- /analyzers/Autofocus/analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Autofocus/analyzer.py -------------------------------------------------------------------------------- /analyzers/Autofocus/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | autofocus-client-library 3 | -------------------------------------------------------------------------------- /analyzers/Axur/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Axur/README.md -------------------------------------------------------------------------------- /analyzers/Axur/axur_analyzer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Axur/axur_analyzer.json -------------------------------------------------------------------------------- /analyzers/Axur/axur_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Axur/axur_analyzer.py -------------------------------------------------------------------------------- /analyzers/Axur/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/BackscatterIO/backscatter-io.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/BackscatterIO/backscatter-io.py -------------------------------------------------------------------------------- /analyzers/BackscatterIO/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | backscatter -------------------------------------------------------------------------------- /analyzers/C1fApp/C1fApp_osint.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/C1fApp/C1fApp_osint.json -------------------------------------------------------------------------------- /analyzers/C1fApp/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/C1fApp/README -------------------------------------------------------------------------------- /analyzers/C1fApp/cifquery.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/C1fApp/cifquery.py -------------------------------------------------------------------------------- /analyzers/C1fApp/input: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/C1fApp/input -------------------------------------------------------------------------------- /analyzers/C1fApp/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/CERTatPassiveDNS/Dockerfile: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CERTatPassiveDNS/Dockerfile -------------------------------------------------------------------------------- /analyzers/CERTatPassiveDNS/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CERTatPassiveDNS/README.md -------------------------------------------------------------------------------- /analyzers/CERTatPassiveDNS/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /analyzers/CERTatPassiveDNS/whois.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | whois -h pdns.cert.at " $1" 3 | -------------------------------------------------------------------------------- /analyzers/CERTatPassiveDNS/whois_wrapper.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CERTatPassiveDNS/whois_wrapper.py -------------------------------------------------------------------------------- /analyzers/CIRCLHashlookup/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveDNS/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLPassiveDNS/README.md -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveDNS/circl_passivedns.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLPassiveDNS/circl_passivedns.py -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveDNS/requirements.txt: -------------------------------------------------------------------------------- 1 | pypdns 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveSSL/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLPassiveSSL/README.md -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveSSL/assets/pssl.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLPassiveSSL/assets/pssl.png -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveSSL/circl_passivessl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLPassiveSSL/circl_passivessl.py -------------------------------------------------------------------------------- /analyzers/CIRCLPassiveSSL/requirements.txt: -------------------------------------------------------------------------------- 1 | pypssl 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/CIRCLVulnerabilityLookup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CIRCLVulnerabilityLookup/README.md 
-------------------------------------------------------------------------------- /analyzers/CIRCLVulnerabilityLookup/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | pyvulnerabilitylookup -------------------------------------------------------------------------------- /analyzers/CISMCAP/CISMCAP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/CISMCAP.json -------------------------------------------------------------------------------- /analyzers/CISMCAP/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/README.md -------------------------------------------------------------------------------- /analyzers/CISMCAP/assets/CISMCAP_IP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/assets/CISMCAP_IP.png -------------------------------------------------------------------------------- /analyzers/CISMCAP/assets/CISMCAP_file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/assets/CISMCAP_file.png -------------------------------------------------------------------------------- /analyzers/CISMCAP/assets/cis_mcap_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/assets/cis_mcap_logo.png -------------------------------------------------------------------------------- /analyzers/CISMCAP/mcap.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CISMCAP/mcap.py -------------------------------------------------------------------------------- /analyzers/CISMCAP/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Capa/CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/CHANGELOG.md -------------------------------------------------------------------------------- /analyzers/Capa/Capa.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/Capa.json -------------------------------------------------------------------------------- /analyzers/Capa/CapaAnalyze.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/CapaAnalyze.py -------------------------------------------------------------------------------- /analyzers/Capa/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/Dockerfile -------------------------------------------------------------------------------- /analyzers/Capa/assets/capa.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/assets/capa.png -------------------------------------------------------------------------------- /analyzers/Capa/assets/long_report.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Capa/fetch_capa.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Capa/fetch_capa.sh -------------------------------------------------------------------------------- /analyzers/Capa/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /analyzers/Censys/Censys.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Censys/Censys.json -------------------------------------------------------------------------------- /analyzers/Censys/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Censys/README.md -------------------------------------------------------------------------------- /analyzers/Censys/assets/censys.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Censys/assets/censys.png -------------------------------------------------------------------------------- /analyzers/Censys/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Censys/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Censys/censys_analyzer.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Censys/censys_analyzer.py -------------------------------------------------------------------------------- /analyzers/Censys/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | censys~=2.2 3 | iocextract -------------------------------------------------------------------------------- /analyzers/ChainAbuse/ChainAbuse.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ChainAbuse/ChainAbuse.json -------------------------------------------------------------------------------- /analyzers/ChainAbuse/ChainAbuse.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ChainAbuse/ChainAbuse.py -------------------------------------------------------------------------------- /analyzers/ChainAbuse/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/CheckPhish/CheckPhish.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CheckPhish/CheckPhish.json -------------------------------------------------------------------------------- /analyzers/CheckPhish/CheckPhish.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CheckPhish/CheckPhish.py -------------------------------------------------------------------------------- 
/analyzers/CheckPhish/CheckPhish_Submit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CheckPhish/CheckPhish_Submit.json -------------------------------------------------------------------------------- /analyzers/CheckPhish/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/ClamAV/ClamAV_FileInfo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClamAV/ClamAV_FileInfo.json -------------------------------------------------------------------------------- /analyzers/ClamAV/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClamAV/Dockerfile -------------------------------------------------------------------------------- /analyzers/ClamAV/entrypoint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClamAV/entrypoint.sh -------------------------------------------------------------------------------- /analyzers/ClamAV/pyclam_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClamAV/pyclam_analyzer.py -------------------------------------------------------------------------------- /analyzers/ClamAV/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | pyclamd 3 | -------------------------------------------------------------------------------- 
/analyzers/Cluster25/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cluster25/README.md -------------------------------------------------------------------------------- /analyzers/Cluster25/assets/cluster25_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cluster25/assets/cluster25_logo.png -------------------------------------------------------------------------------- /analyzers/Cluster25/c25_cortex_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cluster25/c25_cortex_analyzer.py -------------------------------------------------------------------------------- /analyzers/Cluster25/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/ClusterHawk/ClusterHawk.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClusterHawk/ClusterHawk.json -------------------------------------------------------------------------------- /analyzers/ClusterHawk/ClusterHawk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClusterHawk/ClusterHawk.py -------------------------------------------------------------------------------- /analyzers/ClusterHawk/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ClusterHawk/README.md -------------------------------------------------------------------------------- /analyzers/ClusterHawk/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Crowdsec/Crowdsec_analyzer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crowdsec/Crowdsec_analyzer.json -------------------------------------------------------------------------------- /analyzers/Crowdsec/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crowdsec/README.md -------------------------------------------------------------------------------- /analyzers/Crowdsec/assets/crowdsec-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crowdsec/assets/crowdsec-logo.png -------------------------------------------------------------------------------- /analyzers/Crowdsec/crowdsec_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crowdsec/crowdsec_analyzer.py -------------------------------------------------------------------------------- /analyzers/Crowdsec/crowdsec_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crowdsec/crowdsec_api.py -------------------------------------------------------------------------------- 
/analyzers/Crowdsec/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/CrowdstrikeFalcon/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CrowdstrikeFalcon/README.md -------------------------------------------------------------------------------- /analyzers/CrowdstrikeFalcon/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | crowdstrike-falconpy -------------------------------------------------------------------------------- /analyzers/Crtsh/Crtsh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crtsh/Crtsh.json -------------------------------------------------------------------------------- /analyzers/Crtsh/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crtsh/README.md -------------------------------------------------------------------------------- /analyzers/Crtsh/assets/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crtsh/assets/logo.png -------------------------------------------------------------------------------- /analyzers/Crtsh/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crtsh/assets/long_report.png -------------------------------------------------------------------------------- 
/analyzers/Crtsh/crtshquery.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Crtsh/crtshquery.py -------------------------------------------------------------------------------- /analyzers/Crtsh/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | 4 | -------------------------------------------------------------------------------- /analyzers/CuckooSandbox/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CuckooSandbox/README.md -------------------------------------------------------------------------------- /analyzers/CuckooSandbox/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/CyberChef/CyberChef_FromBase64.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/CyberChef_FromBase64.json -------------------------------------------------------------------------------- /analyzers/CyberChef/CyberChef_FromHex.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/CyberChef_FromHex.json -------------------------------------------------------------------------------- /analyzers/CyberChef/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/README.md 
-------------------------------------------------------------------------------- /analyzers/CyberChef/assets/cyberchef.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/assets/cyberchef.png -------------------------------------------------------------------------------- /analyzers/CyberChef/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/CyberChef/cyberchef.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberChef/cyberchef.py -------------------------------------------------------------------------------- /analyzers/CyberChef/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/CyberCrime-Tracker/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberCrime-Tracker/README.md -------------------------------------------------------------------------------- /analyzers/CyberCrime-Tracker/cct.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/CyberCrime-Tracker/cct.py -------------------------------------------------------------------------------- /analyzers/CyberCrime-Tracker/requirements.txt: 
-------------------------------------------------------------------------------- 1 | cortexutils 2 | cybercrimetracker 3 | -------------------------------------------------------------------------------- /analyzers/Cyberprotect/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cyberprotect/README.md -------------------------------------------------------------------------------- /analyzers/Cyberprotect/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cyberprotect/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Cyberprotect/assets/threatscore.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cyberprotect/assets/threatscore.jpg -------------------------------------------------------------------------------- /analyzers/Cyberprotect/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Cylance/Cylance.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cylance/Cylance.json -------------------------------------------------------------------------------- /analyzers/Cylance/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cylance/README.md -------------------------------------------------------------------------------- 
/analyzers/Cylance/assets/cylance_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cylance/assets/cylance_logo.png -------------------------------------------------------------------------------- /analyzers/Cylance/cylance.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Cylance/cylance.py -------------------------------------------------------------------------------- /analyzers/Cylance/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | cyapi 3 | setuptools 4 | -------------------------------------------------------------------------------- /analyzers/DNSDB/DNSDB_DomainName.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSDB/DNSDB_DomainName.json -------------------------------------------------------------------------------- /analyzers/DNSDB/DNSDB_IPHistory.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSDB/DNSDB_IPHistory.json -------------------------------------------------------------------------------- /analyzers/DNSDB/DNSDB_NameHistory.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSDB/DNSDB_NameHistory.json -------------------------------------------------------------------------------- /analyzers/DNSDB/dnsdb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSDB/dnsdb.py 
-------------------------------------------------------------------------------- /analyzers/DNSDB/dnsdb_query.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSDB/dnsdb_query.py -------------------------------------------------------------------------------- /analyzers/DNSDB/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/DNSLookingglass/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSLookingglass/README.md -------------------------------------------------------------------------------- /analyzers/DNSLookingglass/assets/dshield.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSLookingglass/assets/dshield.png -------------------------------------------------------------------------------- /analyzers/DNSLookingglass/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | iocextract -------------------------------------------------------------------------------- /analyzers/DNSSinkhole/DNSSinkhole.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSSinkhole/DNSSinkhole.json -------------------------------------------------------------------------------- /analyzers/DNSSinkhole/dnssinkhole.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSSinkhole/dnssinkhole.py -------------------------------------------------------------------------------- /analyzers/DNSSinkhole/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | dnspython 3 | -------------------------------------------------------------------------------- /analyzers/DNSdumpster/DNSdumpster.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSdumpster/DNSdumpster.json -------------------------------------------------------------------------------- /analyzers/DNSdumpster/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSdumpster/README.md -------------------------------------------------------------------------------- /analyzers/DNSdumpster/dnsdumpster.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DNSdumpster/dnsdumpster.py -------------------------------------------------------------------------------- /analyzers/DNSdumpster/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | iocextract 4 | beautifulsoup4 5 | -------------------------------------------------------------------------------- /analyzers/DShield/DShield_lookup.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DShield/DShield_lookup.json -------------------------------------------------------------------------------- /analyzers/DShield/DShield_lookup.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DShield/DShield_lookup.py -------------------------------------------------------------------------------- /analyzers/DShield/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DShield/README.md -------------------------------------------------------------------------------- /analyzers/DShield/assets/dshield.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DShield/assets/dshield.png -------------------------------------------------------------------------------- /analyzers/DShield/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DShield/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/DShield/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Diario/Diario_Scan.json.disabled: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Diario/Diario_Scan.json.disabled -------------------------------------------------------------------------------- /analyzers/Diario/assets/diario_scan_long.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Diario/assets/diario_scan_long.png 
-------------------------------------------------------------------------------- /analyzers/Diario/assets/diario_scan_short.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Diario/assets/diario_scan_short.png -------------------------------------------------------------------------------- /analyzers/Diario/assets/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Diario/assets/logo.png -------------------------------------------------------------------------------- /analyzers/Diario/diario_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Diario/diario_analyzer.py -------------------------------------------------------------------------------- /analyzers/Diario/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | diario 3 | -------------------------------------------------------------------------------- /analyzers/DomainMailSPFDMARC/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | checkdmarc 3 | -------------------------------------------------------------------------------- /analyzers/DomainTools/DomainTools_Risk.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DomainTools/DomainTools_Risk.json -------------------------------------------------------------------------------- /analyzers/DomainTools/domaintools_analyzer.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DomainTools/domaintools_analyzer.py -------------------------------------------------------------------------------- /analyzers/DomainTools/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | domaintools_api==0.6.2 3 | -------------------------------------------------------------------------------- /analyzers/DomainToolsIris/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/DomainToolsIris/README.md -------------------------------------------------------------------------------- /analyzers/DomainToolsIris/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | domaintools_api==0.6.2 3 | -------------------------------------------------------------------------------- /analyzers/EchoTrail/EchoTrail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EchoTrail/EchoTrail.json -------------------------------------------------------------------------------- /analyzers/EchoTrail/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EchoTrail/README -------------------------------------------------------------------------------- /analyzers/EchoTrail/assets/echotrail_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EchoTrail/assets/echotrail_logo.png -------------------------------------------------------------------------------- /analyzers/EchoTrail/echotrail.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EchoTrail/echotrail.py -------------------------------------------------------------------------------- /analyzers/EchoTrail/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/EclecticIQ/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EclecticIQ/README.md -------------------------------------------------------------------------------- /analyzers/EclecticIQ/assets/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EclecticIQ/assets/logo.png -------------------------------------------------------------------------------- /analyzers/EclecticIQ/eclecticiq.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EclecticIQ/eclecticiq.py -------------------------------------------------------------------------------- /analyzers/EclecticIQ/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Elasticsearch/elk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Elasticsearch/elk.py -------------------------------------------------------------------------------- /analyzers/Elasticsearch/requirements.txt: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Elasticsearch/requirements.txt -------------------------------------------------------------------------------- /analyzers/EmailRep/EmailRep.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmailRep/EmailRep.json -------------------------------------------------------------------------------- /analyzers/EmailRep/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmailRep/README.md -------------------------------------------------------------------------------- /analyzers/EmailRep/assets/emailrep.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmailRep/assets/emailrep.png -------------------------------------------------------------------------------- /analyzers/EmailRep/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmailRep/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/EmailRep/emailrep_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmailRep/emailrep_analyzer.py -------------------------------------------------------------------------------- /analyzers/EmailRep/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | emailrep 
-------------------------------------------------------------------------------- /analyzers/EmergingThreats/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmergingThreats/README.md -------------------------------------------------------------------------------- /analyzers/EmergingThreats/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/EmlParser/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/Dockerfile -------------------------------------------------------------------------------- /analyzers/EmlParser/EmlParser.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/EmlParser.json -------------------------------------------------------------------------------- /analyzers/EmlParser/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/README.md -------------------------------------------------------------------------------- /analyzers/EmlParser/assets/sb-logo.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/assets/sb-logo.jpg -------------------------------------------------------------------------------- /analyzers/EmlParser/parse.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/parse.py -------------------------------------------------------------------------------- /analyzers/EmlParser/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/EmlParser/requirements.txt -------------------------------------------------------------------------------- /analyzers/FalconSandbox/FalconSandbox.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FalconSandbox/FalconSandbox.json -------------------------------------------------------------------------------- /analyzers/FalconSandbox/FalconSandbox.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FalconSandbox/FalconSandbox.py -------------------------------------------------------------------------------- /analyzers/FalconSandbox/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FalconSandbox/requirements.txt -------------------------------------------------------------------------------- /analyzers/FileInfo/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/Dockerfile -------------------------------------------------------------------------------- /analyzers/FileInfo/FileInfo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/FileInfo.json 
-------------------------------------------------------------------------------- /analyzers/FileInfo/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/README.txt -------------------------------------------------------------------------------- /analyzers/FileInfo/fileinfo_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/fileinfo_analyzer.py -------------------------------------------------------------------------------- /analyzers/FileInfo/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/requirements.txt -------------------------------------------------------------------------------- /analyzers/FileInfo/submodules/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FileInfo/submodules/__init__.py -------------------------------------------------------------------------------- /analyzers/FireEyeiSight/FireEyeiSight.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FireEyeiSight/FireEyeiSight.json -------------------------------------------------------------------------------- /analyzers/FireEyeiSight/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FireEyeiSight/README.md -------------------------------------------------------------------------------- /analyzers/FireEyeiSight/requirements.txt: 
-------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/FireHOLBlocklists/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FireHOLBlocklists/README.md -------------------------------------------------------------------------------- /analyzers/ForcepointWebsensePing/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ForcepointWebsensePing/README.md -------------------------------------------------------------------------------- /analyzers/ForcepointWebsensePing/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils -------------------------------------------------------------------------------- /analyzers/Fortiguard/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Fortiguard/README.md -------------------------------------------------------------------------------- /analyzers/Fortiguard/assets/fortiguard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Fortiguard/assets/fortiguard.png -------------------------------------------------------------------------------- /analyzers/Fortiguard/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Fortiguard/urlcategory.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Fortiguard/urlcategory.py -------------------------------------------------------------------------------- /analyzers/FoxIO/JA4_FoxIO.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FoxIO/JA4_FoxIO.json -------------------------------------------------------------------------------- /analyzers/FoxIO/JA4_FoxIO.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/FoxIO/JA4_FoxIO.py -------------------------------------------------------------------------------- /analyzers/FoxIO/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/GRR/GRR.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GRR/GRR.json -------------------------------------------------------------------------------- /analyzers/GRR/grrclient.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GRR/grrclient.py -------------------------------------------------------------------------------- /analyzers/GRR/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | grr-api-client 3 | setuptools -------------------------------------------------------------------------------- /analyzers/Gatewatcher_CTI/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Gatewatcher_CTI/README.md -------------------------------------------------------------------------------- /analyzers/Gatewatcher_CTI/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/GoogleDNS/DNS_records.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GoogleDNS/DNS_records.py -------------------------------------------------------------------------------- /analyzers/GoogleDNS/GoogleDNS_resolve.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GoogleDNS/GoogleDNS_resolve.json -------------------------------------------------------------------------------- /analyzers/GoogleDNS/GoogleDNS_resolve.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GoogleDNS/GoogleDNS_resolve.py -------------------------------------------------------------------------------- /analyzers/GoogleDNS/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/GoogleSafebrowsing/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/GoogleVisionAPI/requirements.txt: 
-------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/GreyNoise/GreyNoise.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GreyNoise/GreyNoise.json -------------------------------------------------------------------------------- /analyzers/GreyNoise/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GreyNoise/README.md -------------------------------------------------------------------------------- /analyzers/GreyNoise/assets/greynoise.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GreyNoise/assets/greynoise.png -------------------------------------------------------------------------------- /analyzers/GreyNoise/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GreyNoise/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/GreyNoise/greynoisev3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/GreyNoise/greynoisev3.py -------------------------------------------------------------------------------- /analyzers/GreyNoise/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | greynoise==3.0.1 -------------------------------------------------------------------------------- 
/analyzers/HIBP/HIBP_Query.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/HIBP/HIBP_Query.json -------------------------------------------------------------------------------- /analyzers/HIBP/hibpquery_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/HIBP/hibpquery_analyzer.py -------------------------------------------------------------------------------- /analyzers/HIBP/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Hashdd/Hashdd.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/Hashdd.py -------------------------------------------------------------------------------- /analyzers/Hashdd/Hashdd_Detail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/Hashdd_Detail.json -------------------------------------------------------------------------------- /analyzers/Hashdd/Hashdd_Status.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/Hashdd_Status.json -------------------------------------------------------------------------------- /analyzers/Hashdd/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/README.md 
-------------------------------------------------------------------------------- /analyzers/Hashdd/assets/hashdd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/assets/hashdd.png -------------------------------------------------------------------------------- /analyzers/Hashdd/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hashdd/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Hashdd/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/Hippocampe/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hippocampe/Dockerfile -------------------------------------------------------------------------------- /analyzers/Hippocampe/hippo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hippocampe/hippo.py -------------------------------------------------------------------------------- /analyzers/Hippocampe/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | future -------------------------------------------------------------------------------- /analyzers/Hunterio/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hunterio/README.txt 
-------------------------------------------------------------------------------- /analyzers/Hunterio/assets/hunter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hunterio/assets/hunter.png -------------------------------------------------------------------------------- /analyzers/Hunterio/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hunterio/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Hunterio/hunterio_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Hunterio/hunterio_analyzer.py -------------------------------------------------------------------------------- /analyzers/Hunterio/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/HybridAnalysis/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/IBMXForce/IBMXForce_Lookup.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IBMXForce/IBMXForce_Lookup.json -------------------------------------------------------------------------------- /analyzers/IBMXForce/README: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IBMXForce/README -------------------------------------------------------------------------------- /analyzers/IBMXForce/ibmxforce_lookup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IBMXForce/ibmxforce_lookup.py -------------------------------------------------------------------------------- /analyzers/IBMXForce/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/IP-API/IP-API.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IP-API/IP-API.json -------------------------------------------------------------------------------- /analyzers/IP-API/IP-API.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IP-API/IP-API.py -------------------------------------------------------------------------------- /analyzers/IP-API/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/IPVoid/IPVoid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IPVoid/IPVoid.json -------------------------------------------------------------------------------- /analyzers/IPVoid/ipvoid.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IPVoid/ipvoid.py -------------------------------------------------------------------------------- /analyzers/IPVoid/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/IPinfo/IPinfo_Details.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IPinfo/IPinfo_Details.json -------------------------------------------------------------------------------- /analyzers/IPinfo/ipinfo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IPinfo/ipinfo.py -------------------------------------------------------------------------------- /analyzers/IPinfo/ipinfo_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IPinfo/ipinfo_analyzer.py -------------------------------------------------------------------------------- /analyzers/IPinfo/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/IVRE/IVRE.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IVRE/IVRE.json -------------------------------------------------------------------------------- /analyzers/IVRE/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IVRE/README.md -------------------------------------------------------------------------------- /analyzers/IVRE/assets/ivre_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IVRE/assets/ivre_logo.png -------------------------------------------------------------------------------- /analyzers/IVRE/ivre_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IVRE/ivre_analyzer.py -------------------------------------------------------------------------------- /analyzers/IVRE/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | ivre 3 | -------------------------------------------------------------------------------- /analyzers/Inoitsu/Inoitsu.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/Inoitsu.json -------------------------------------------------------------------------------- /analyzers/Inoitsu/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/README.md -------------------------------------------------------------------------------- /analyzers/Inoitsu/assets/Inoitsu_long.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/assets/Inoitsu_long.png -------------------------------------------------------------------------------- /analyzers/Inoitsu/assets/Inoitsu_short.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/assets/Inoitsu_short.png -------------------------------------------------------------------------------- /analyzers/Inoitsu/assets/inoitsu_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/assets/inoitsu_logo.png -------------------------------------------------------------------------------- /analyzers/Inoitsu/inoitsu_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Inoitsu/inoitsu_analyzer.py -------------------------------------------------------------------------------- /analyzers/Inoitsu/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/IntezerCommunity/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/IntezerCommunity/README.md -------------------------------------------------------------------------------- /analyzers/IntezerCommunity/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils -------------------------------------------------------------------------------- /analyzers/Investigate/requirements.txt: -------------------------------------------------------------------------------- 1 | investigate 2 | cortexutils 3 | requests 4 | -------------------------------------------------------------------------------- /analyzers/JoeSandbox/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/JoeSandbox/README.md -------------------------------------------------------------------------------- /analyzers/JoeSandbox/assets/IP_URL.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/JoeSandbox/assets/IP_URL.png -------------------------------------------------------------------------------- /analyzers/JoeSandbox/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | jbxapi==3.2.0 4 | -------------------------------------------------------------------------------- /analyzers/Jupyter_Analyzer/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Jupyter_Analyzer/Dockerfile -------------------------------------------------------------------------------- /analyzers/Jupyter_Analyzer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Jupyter_Analyzer/README.md -------------------------------------------------------------------------------- /analyzers/Jupyter_Analyzer/jupyter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Jupyter_Analyzer/jupyter.py -------------------------------------------------------------------------------- /analyzers/KasperskyTIP/KasperskyTIP.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/KasperskyTIP/KasperskyTIP.json -------------------------------------------------------------------------------- /analyzers/KasperskyTIP/KasperskyTIP.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/KasperskyTIP/KasperskyTIP.py -------------------------------------------------------------------------------- /analyzers/KasperskyTIP/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/LdapQuery/LdapQuery.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/LdapQuery/LdapQuery.json -------------------------------------------------------------------------------- /analyzers/LdapQuery/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/LdapQuery/README.md -------------------------------------------------------------------------------- /analyzers/LdapQuery/ldapQuery.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/LdapQuery/ldapQuery.py -------------------------------------------------------------------------------- /analyzers/LdapQuery/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | ldap3 3 | -------------------------------------------------------------------------------- /analyzers/Lookyloo/Lookyloo.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/Lookyloo.json -------------------------------------------------------------------------------- /analyzers/Lookyloo/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/README.md -------------------------------------------------------------------------------- /analyzers/Lookyloo/assets/not_resolved.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/assets/not_resolved.PNG -------------------------------------------------------------------------------- /analyzers/Lookyloo/assets/report1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/assets/report1.PNG -------------------------------------------------------------------------------- /analyzers/Lookyloo/assets/report2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/assets/report2.PNG -------------------------------------------------------------------------------- /analyzers/Lookyloo/lookyloo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/lookyloo.py -------------------------------------------------------------------------------- /analyzers/Lookyloo/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Lookyloo/requirements.txt 
-------------------------------------------------------------------------------- /analyzers/LupovisProwl/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/LupovisProwl/README.md -------------------------------------------------------------------------------- /analyzers/LupovisProwl/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/MISP/MISP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/MISP.json -------------------------------------------------------------------------------- /analyzers/MISP/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/README.md -------------------------------------------------------------------------------- /analyzers/MISP/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/MISP/assets/misp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/assets/misp.png -------------------------------------------------------------------------------- /analyzers/MISP/misp.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/misp.py -------------------------------------------------------------------------------- /analyzers/MISP/mispclient.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/mispclient.py -------------------------------------------------------------------------------- /analyzers/MISP/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISP/requirements.txt -------------------------------------------------------------------------------- /analyzers/MISPWarningLists/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISPWarningLists/README.md -------------------------------------------------------------------------------- /analyzers/MISPWarningLists/assets/misp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MISPWarningLists/assets/misp.png -------------------------------------------------------------------------------- /analyzers/MSEntraID/MSEntraID.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MSEntraID/MSEntraID.py -------------------------------------------------------------------------------- /analyzers/MSEntraID/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MSEntraID/README.md -------------------------------------------------------------------------------- 
/analyzers/MSEntraID/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime
# NOTE(review): "datetime" is a Python standard-library module and needs no pip requirement. On PyPI the name resolves (case-insensitively) to the third-party DateTime distribution, so this entry installs an extra, unpinned package. MSEntraID.py is not shown here; confirm it actually imports that package, otherwise drop the entry.
-------------------------------------------------------------------------------- /analyzers/Malpedia/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malpedia/Dockerfile -------------------------------------------------------------------------------- /analyzers/Malpedia/Malpedia.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malpedia/Malpedia.json -------------------------------------------------------------------------------- /analyzers/Malpedia/malpedia_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malpedia/malpedia_analyzer.py -------------------------------------------------------------------------------- /analyzers/Malpedia/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | yara-python -------------------------------------------------------------------------------- /analyzers/Maltiverse/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Maltiverse/README.md -------------------------------------------------------------------------------- /analyzers/Maltiverse/assets/maltiverse.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Maltiverse/assets/maltiverse.png
-------------------------------------------------------------------------------- /analyzers/Maltiverse/maltiverse-client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Maltiverse/maltiverse-client.py -------------------------------------------------------------------------------- /analyzers/Maltiverse/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | future 3 | requests 4 | maltiverse 5 | PyJWT -------------------------------------------------------------------------------- /analyzers/MalwareBazaar/MalwareBazaar.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MalwareBazaar/MalwareBazaar.json -------------------------------------------------------------------------------- /analyzers/MalwareBazaar/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MalwareBazaar/README.md -------------------------------------------------------------------------------- /analyzers/MalwareBazaar/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/MalwareClustering/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MalwareClustering/Dockerfile -------------------------------------------------------------------------------- /analyzers/MalwareClustering/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MalwareClustering/README.md -------------------------------------------------------------------------------- /analyzers/MalwareClustering/pylouvain.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MalwareClustering/pylouvain.py -------------------------------------------------------------------------------- /analyzers/Malwares/Malwares_GetReport.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/Malwares_GetReport.json -------------------------------------------------------------------------------- /analyzers/Malwares/Malwares_Scan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/Malwares_Scan.json -------------------------------------------------------------------------------- /analyzers/Malwares/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/README.md -------------------------------------------------------------------------------- /analyzers/Malwares/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/Malwares/assets/malwares.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/assets/malwares.png 
-------------------------------------------------------------------------------- /analyzers/Malwares/malwares.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/malwares.py -------------------------------------------------------------------------------- /analyzers/Malwares/malwares_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Malwares/malwares_api.py -------------------------------------------------------------------------------- /analyzers/Malwares/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/MaxMind/GeoLite2-City.mmdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/GeoLite2-City.mmdb -------------------------------------------------------------------------------- /analyzers/MaxMind/GeoLite2-Country.mmdb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/GeoLite2-Country.mmdb -------------------------------------------------------------------------------- /analyzers/MaxMind/MaxMind_GeoIP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/MaxMind_GeoIP.json -------------------------------------------------------------------------------- /analyzers/MaxMind/geo.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geo.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/__init__.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/database.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/database.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/errors.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/errors.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/models.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/records.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/records.py -------------------------------------------------------------------------------- /analyzers/MaxMind/geoip2/webservice.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/geoip2/webservice.py 
-------------------------------------------------------------------------------- /analyzers/MaxMind/ipaddr.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/ipaddr.py -------------------------------------------------------------------------------- /analyzers/MaxMind/maxminddb/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/maxminddb/__init__.py -------------------------------------------------------------------------------- /analyzers/MaxMind/maxminddb/compat.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/maxminddb/compat.py -------------------------------------------------------------------------------- /analyzers/MaxMind/maxminddb/decoder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/maxminddb/decoder.py -------------------------------------------------------------------------------- /analyzers/MaxMind/maxminddb/errors.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/maxminddb/errors.py -------------------------------------------------------------------------------- /analyzers/MaxMind/maxminddb/reader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MaxMind/maxminddb/reader.py -------------------------------------------------------------------------------- /analyzers/MaxMind/requirements.txt: 
-------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/MetaDefender/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/MnemonicPDNS/pdns.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MnemonicPDNS/pdns.py -------------------------------------------------------------------------------- /analyzers/MnemonicPDNS/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/MsgParser/Msg_Parser.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MsgParser/Msg_Parser.json -------------------------------------------------------------------------------- /analyzers/MsgParser/lib/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MsgParser/lib/__init__.py -------------------------------------------------------------------------------- /analyzers/MsgParser/lib/msgParser.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MsgParser/lib/msgParser.py -------------------------------------------------------------------------------- /analyzers/MsgParser/parse.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/MsgParser/parse.py -------------------------------------------------------------------------------- /analyzers/MsgParser/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | olefile 3 | -------------------------------------------------------------------------------- /analyzers/NERD/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/README.md -------------------------------------------------------------------------------- /analyzers/NERD/assets/NERD_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/assets/NERD_logo.png -------------------------------------------------------------------------------- /analyzers/NERD/assets/NERD_long.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/assets/NERD_long.png -------------------------------------------------------------------------------- /analyzers/NERD/assets/NERD_short.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/assets/NERD_short.png -------------------------------------------------------------------------------- /analyzers/NERD/nerd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/nerd.json -------------------------------------------------------------------------------- 
/analyzers/NERD/nerd_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NERD/nerd_analyzer.py -------------------------------------------------------------------------------- /analyzers/NERD/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils -------------------------------------------------------------------------------- /analyzers/NSRL/NSRL.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NSRL/NSRL.json -------------------------------------------------------------------------------- /analyzers/NSRL/create_db.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NSRL/create_db.py -------------------------------------------------------------------------------- /analyzers/NSRL/nsrl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/NSRL/nsrl.py -------------------------------------------------------------------------------- /analyzers/NSRL/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | sqlalchemy 3 | psycopg2-binary 4 | -------------------------------------------------------------------------------- /analyzers/Nessus/Nessus.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Nessus/Nessus.json -------------------------------------------------------------------------------- /analyzers/Nessus/nessus.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Nessus/nessus.py -------------------------------------------------------------------------------- /analyzers/Nessus/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | nessrest 3 | netaddr 4 | -------------------------------------------------------------------------------- /analyzers/ONYPHEActiveScan/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | python-dateutil 4 | -------------------------------------------------------------------------------- /analyzers/ONYPHEActiveScan/scanyphe_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ONYPHEActiveScan/scanyphe_api.py -------------------------------------------------------------------------------- /analyzers/OTXQuery/OTXQuery.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OTXQuery/OTXQuery.json -------------------------------------------------------------------------------- /analyzers/OTXQuery/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OTXQuery/README.md -------------------------------------------------------------------------------- /analyzers/OTXQuery/assets/OTX.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OTXQuery/assets/OTX.png -------------------------------------------------------------------------------- 
/analyzers/OTXQuery/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OTXQuery/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/OTXQuery/otxquery.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OTXQuery/otxquery.py -------------------------------------------------------------------------------- /analyzers/OTXQuery/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/OktaUserLookup/requirements.txt: -------------------------------------------------------------------------------- 1 | asyncio 2 | cortexutils 3 | okta 4 | -------------------------------------------------------------------------------- /analyzers/Onyphe/ONYPHE_ASM.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/ONYPHE_ASM.json -------------------------------------------------------------------------------- /analyzers/Onyphe/ONYPHE_Ctiscan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/ONYPHE_Ctiscan.json -------------------------------------------------------------------------------- /analyzers/Onyphe/ONYPHE_Search.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/ONYPHE_Search.json 
-------------------------------------------------------------------------------- /analyzers/Onyphe/ONYPHE_Summary_API.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/ONYPHE_Summary_API.json -------------------------------------------------------------------------------- /analyzers/Onyphe/ONYPHE_Vulnscan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/ONYPHE_Vulnscan.json -------------------------------------------------------------------------------- /analyzers/Onyphe/assets/onyphe_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/assets/onyphe_logo.png -------------------------------------------------------------------------------- /analyzers/Onyphe/onyphe_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/onyphe_analyzer.py -------------------------------------------------------------------------------- /analyzers/Onyphe/onyphe_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Onyphe/onyphe_api.py -------------------------------------------------------------------------------- /analyzers/Onyphe/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | python-dateutil -------------------------------------------------------------------------------- /analyzers/OpenCTI/Dockerfile: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OpenCTI/Dockerfile -------------------------------------------------------------------------------- /analyzers/OpenCTI/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OpenCTI/README.md -------------------------------------------------------------------------------- /analyzers/OpenCTI/assets/logo_opencti.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OpenCTI/assets/logo_opencti.png -------------------------------------------------------------------------------- /analyzers/OpenCTI/opencti.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/OpenCTI/opencti.py -------------------------------------------------------------------------------- /analyzers/OpenCTI/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | pycti 3 | six>=1.14.0 -------------------------------------------------------------------------------- /analyzers/PaloAltoWildFire/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PaloAltoWildFire/README.md -------------------------------------------------------------------------------- /analyzers/PaloAltoWildFire/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | xmltodict 4 | -------------------------------------------------------------------------------- /analyzers/PaloAltoWildFire/wildfire.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PaloAltoWildFire/wildfire.py -------------------------------------------------------------------------------- /analyzers/PassiveTotal/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | passivetotal 3 | -------------------------------------------------------------------------------- /analyzers/Patrowl/Patrowl_GetReport.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Patrowl/Patrowl_GetReport.json -------------------------------------------------------------------------------- /analyzers/Patrowl/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Patrowl/README.md -------------------------------------------------------------------------------- /analyzers/Patrowl/assets/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Patrowl/assets/logo.png -------------------------------------------------------------------------------- /analyzers/Patrowl/patrowl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Patrowl/patrowl.py -------------------------------------------------------------------------------- /analyzers/Patrowl/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/PayloadSecurity/requirements.txt: 
-------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/PhishTank/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PhishTank/README.md -------------------------------------------------------------------------------- /analyzers/PhishTank/assets/long_report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PhishTank/assets/long_report.png -------------------------------------------------------------------------------- /analyzers/PhishTank/assets/phish_tank.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PhishTank/assets/phish_tank.png -------------------------------------------------------------------------------- /analyzers/PhishTank/phishtank_checkurl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PhishTank/phishtank_checkurl.py -------------------------------------------------------------------------------- /analyzers/PhishTank/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/PhishingInitiative/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/PhishingInitiative/README.md 
-------------------------------------------------------------------------------- /analyzers/PhishingInitiative/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | pyeupi 3 | -------------------------------------------------------------------------------- /analyzers/Proofpoint/proofpoint_lookup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Proofpoint/proofpoint_lookup.py -------------------------------------------------------------------------------- /analyzers/Proofpoint/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Pulsedive/pulsedive.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Pulsedive/pulsedive.py -------------------------------------------------------------------------------- /analyzers/Pulsedive/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/QrDecode/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/QrDecode/Dockerfile -------------------------------------------------------------------------------- /analyzers/QrDecode/QrDecode.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/QrDecode/QrDecode.json 
-------------------------------------------------------------------------------- /analyzers/QrDecode/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/QrDecode/README.md -------------------------------------------------------------------------------- /analyzers/QrDecode/qrdecode.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/QrDecode/qrdecode.py -------------------------------------------------------------------------------- /analyzers/QrDecode/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | pyzbar 3 | pdf2image 4 | pillow 5 | -------------------------------------------------------------------------------- /analyzers/RecordedFuture/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RecordedFuture/README.md -------------------------------------------------------------------------------- /analyzers/RecordedFuture/recordedfuture.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RecordedFuture/recordedfuture.py -------------------------------------------------------------------------------- /analyzers/RecordedFuture/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Articles.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Articles.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Artifacts.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Artifacts.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Certificates.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Certificates.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Components.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Components.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Cookies.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Cookies.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Malware.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Malware.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Projects.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Projects.json 
-------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Reputation.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Reputation.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Resolutions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Resolutions.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Services.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Services.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Subdomains.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Subdomains.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Summary.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Summary.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/RiskIQ_Trackers.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Trackers.json -------------------------------------------------------------------------------- 
/analyzers/RiskIQ/RiskIQ_Whois.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/RiskIQ_Whois.json -------------------------------------------------------------------------------- /analyzers/RiskIQ/_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/_analyzer.py -------------------------------------------------------------------------------- /analyzers/RiskIQ/_services.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/RiskIQ/_services.py -------------------------------------------------------------------------------- /analyzers/RiskIQ/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | passivetotal>=2.5.2 -------------------------------------------------------------------------------- /analyzers/Robtex/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Robtex/.gitignore -------------------------------------------------------------------------------- /analyzers/Robtex/Robtex_IP_Query.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Robtex/Robtex_IP_Query.json -------------------------------------------------------------------------------- /analyzers/Robtex/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/Robtex/robtex.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Robtex/robtex.py -------------------------------------------------------------------------------- /analyzers/SEKOIAIntelligenceCenter/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/SecurityTrails/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/SecurityTrails/securitytrails.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SecurityTrails/securitytrails.py -------------------------------------------------------------------------------- /analyzers/SentinelOne/SentinelOne.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SentinelOne/SentinelOne.py -------------------------------------------------------------------------------- /analyzers/SentinelOne/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_DNSResolve.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_DNSResolve.json -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_Host.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_Host.json -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_Host_History.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_Host_History.json -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_InfoDomain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_InfoDomain.json -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_ReverseDNS.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_ReverseDNS.json -------------------------------------------------------------------------------- /analyzers/Shodan/Shodan_Search.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/Shodan_Search.json -------------------------------------------------------------------------------- /analyzers/Shodan/requirements.txt: -------------------------------------------------------------------------------- 1 | shodan 2 | cortexutils 3 | requests -------------------------------------------------------------------------------- /analyzers/Shodan/shodan_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/shodan_analyzer.py 
-------------------------------------------------------------------------------- /analyzers/Shodan/shodan_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Shodan/shodan_api.py -------------------------------------------------------------------------------- /analyzers/SinkDB/SinkDB.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SinkDB/SinkDB.json -------------------------------------------------------------------------------- /analyzers/SinkDB/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/SinkDB/sinkdb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SinkDB/sinkdb.py -------------------------------------------------------------------------------- /analyzers/SoltraEdge/Soltra_search.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SoltraEdge/Soltra_search.json -------------------------------------------------------------------------------- /analyzers/SoltraEdge/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/SoltraEdge/soltra.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SoltraEdge/soltra.py 
-------------------------------------------------------------------------------- /analyzers/SophosIntelix/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | intelix 4 | -------------------------------------------------------------------------------- /analyzers/SpamAssassin/SpamAssassin.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SpamAssassin/SpamAssassin.json -------------------------------------------------------------------------------- /analyzers/SpamAssassin/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils -------------------------------------------------------------------------------- /analyzers/SpamAssassin/spamassassin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SpamAssassin/spamassassin.py -------------------------------------------------------------------------------- /analyzers/SpamhausDBL/SpamhausDBL.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SpamhausDBL/SpamhausDBL.json -------------------------------------------------------------------------------- /analyzers/SpamhausDBL/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | dnspython 3 | -------------------------------------------------------------------------------- /analyzers/SpamhausDBL/spamhausdbl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/SpamhausDBL/spamhausdbl.py 
-------------------------------------------------------------------------------- /analyzers/Splunk/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/README.md -------------------------------------------------------------------------------- /analyzers/Splunk/Splunk_Search_hash.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/Splunk_Search_hash.json -------------------------------------------------------------------------------- /analyzers/Splunk/Splunk_Search_ip.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/Splunk_Search_ip.json -------------------------------------------------------------------------------- /analyzers/Splunk/Splunk_Search_other.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/Splunk_Search_other.json -------------------------------------------------------------------------------- /analyzers/Splunk/Splunk_Search_user.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/Splunk_Search_user.json -------------------------------------------------------------------------------- /analyzers/Splunk/assets/splunk_ip_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/assets/splunk_ip_logo.png -------------------------------------------------------------------------------- /analyzers/Splunk/credits.txt: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/credits.txt -------------------------------------------------------------------------------- /analyzers/Splunk/requirements.txt: -------------------------------------------------------------------------------- 1 | splunk-sdk 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/Splunk/splunk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Splunk/splunk.py -------------------------------------------------------------------------------- /analyzers/StamusNetworks/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/StaxxSearch/StaxxSearch.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/StaxxSearch/StaxxSearch.json -------------------------------------------------------------------------------- /analyzers/StaxxSearch/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/StaxxSearch/staxx-cortex.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/StaxxSearch/staxx-cortex.py -------------------------------------------------------------------------------- /analyzers/StopForumSpam/StopForumSpam.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/StopForumSpam/StopForumSpam.json -------------------------------------------------------------------------------- /analyzers/StopForumSpam/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/TalosReputation/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | cloudscraper 3 | -------------------------------------------------------------------------------- /analyzers/TeamCymruMHR/TeamCymruMHR.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TeamCymruMHR/TeamCymruMHR.json -------------------------------------------------------------------------------- /analyzers/TeamCymruMHR/TeamCymruMHR.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TeamCymruMHR/TeamCymruMHR.py -------------------------------------------------------------------------------- /analyzers/TeamCymruMHR/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | dnspython 3 | -------------------------------------------------------------------------------- /analyzers/TestAnalyzer/DevTools_Echo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TestAnalyzer/DevTools_Echo.json -------------------------------------------------------------------------------- /analyzers/TestAnalyzer/TestAnalyzer.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TestAnalyzer/TestAnalyzer.json -------------------------------------------------------------------------------- /analyzers/TestAnalyzer/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils -------------------------------------------------------------------------------- /analyzers/TestAnalyzer/testing.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TestAnalyzer/testing.py -------------------------------------------------------------------------------- /analyzers/ThreatGrid/ThreatGrid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ThreatGrid/ThreatGrid.json -------------------------------------------------------------------------------- /analyzers/ThreatGrid/ThreatGrid.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ThreatGrid/ThreatGrid.py -------------------------------------------------------------------------------- /analyzers/ThreatGrid/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | simplejson 4 | -------------------------------------------------------------------------------- /analyzers/ThreatMiner/ThreatMiner.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ThreatMiner/ThreatMiner.json -------------------------------------------------------------------------------- 
/analyzers/ThreatMiner/ThreatMiner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ThreatMiner/ThreatMiner.py -------------------------------------------------------------------------------- /analyzers/ThreatMiner/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/ThreatResponse/ThreatResponse.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ThreatResponse/ThreatResponse.py -------------------------------------------------------------------------------- /analyzers/ThreatResponse/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | threatresponse 4 | -------------------------------------------------------------------------------- /analyzers/Threatcrowd/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Thunderstorm/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Thunderstorm/README.md -------------------------------------------------------------------------------- /analyzers/Thunderstorm/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | thunderstormAPI 4 | -------------------------------------------------------------------------------- /analyzers/Thunderstorm/thunderstorm.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Thunderstorm/thunderstorm.py -------------------------------------------------------------------------------- /analyzers/TorBlutmagie/TorBlutmagie.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TorBlutmagie/TorBlutmagie.json -------------------------------------------------------------------------------- /analyzers/TorBlutmagie/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | diskcache 4 | -------------------------------------------------------------------------------- /analyzers/TorBlutmagie/tor_blutmagie.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TorBlutmagie/tor_blutmagie.py -------------------------------------------------------------------------------- /analyzers/TorProject/TorProject.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TorProject/TorProject.json -------------------------------------------------------------------------------- /analyzers/TorProject/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TorProject/requirements.txt -------------------------------------------------------------------------------- /analyzers/TorProject/tor_project.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/TorProject/tor_project.py -------------------------------------------------------------------------------- /analyzers/Triage/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Triage/README.md -------------------------------------------------------------------------------- /analyzers/Triage/Triage.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Triage/Triage.json -------------------------------------------------------------------------------- /analyzers/Triage/assets/triage_verdict.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Triage/assets/triage_verdict.png -------------------------------------------------------------------------------- /analyzers/Triage/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | hatching-triage 3 | -------------------------------------------------------------------------------- /analyzers/Triage/triage_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Triage/triage_analyzer.py -------------------------------------------------------------------------------- /analyzers/URLhaus/URLhaus.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/URLhaus/URLhaus.json -------------------------------------------------------------------------------- /analyzers/URLhaus/URLhaus_analyzer.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/URLhaus/URLhaus_analyzer.py -------------------------------------------------------------------------------- /analyzers/URLhaus/URLhaus_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/URLhaus/URLhaus_client.py -------------------------------------------------------------------------------- /analyzers/URLhaus/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Umbrella/Umbrella.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Umbrella/Umbrella.py -------------------------------------------------------------------------------- /analyzers/Umbrella/Umbrella_Report.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Umbrella/Umbrella_Report.json -------------------------------------------------------------------------------- /analyzers/Umbrella/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/UnshortenLink/UnshortenLink.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/UnshortenLink/UnshortenLink.json -------------------------------------------------------------------------------- 
/analyzers/UnshortenLink/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /analyzers/UnshortenLink/unshortenlink.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/UnshortenLink/unshortenlink.py -------------------------------------------------------------------------------- /analyzers/Urlscan.io/Urlscan_Scan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Urlscan.io/Urlscan_Scan.json -------------------------------------------------------------------------------- /analyzers/Urlscan.io/Urlscan_Search.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Urlscan.io/Urlscan_Search.json -------------------------------------------------------------------------------- /analyzers/Urlscan.io/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/Urlscan.io/urlscan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Urlscan.io/urlscan.py -------------------------------------------------------------------------------- /analyzers/Urlscan.io/urlscan_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Urlscan.io/urlscan_analyzer.py 
-------------------------------------------------------------------------------- /analyzers/VMRay/VMRay.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VMRay/VMRay.json -------------------------------------------------------------------------------- /analyzers/VMRay/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /analyzers/VMRay/vmray.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VMRay/vmray.py -------------------------------------------------------------------------------- /analyzers/VMRay/vmrayclient.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VMRay/vmrayclient.py -------------------------------------------------------------------------------- /analyzers/Valhalla/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Valhalla/README.md -------------------------------------------------------------------------------- /analyzers/Valhalla/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | valhallaAPI 4 | -------------------------------------------------------------------------------- /analyzers/Valhalla/valhalla.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Valhalla/valhalla.py 
-------------------------------------------------------------------------------- /analyzers/ValidateObservable/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/ValidateObservable/README.md -------------------------------------------------------------------------------- /analyzers/ValidateObservable/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | validators 3 | idna -------------------------------------------------------------------------------- /analyzers/Verifalia/Verifalia.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Verifalia/Verifalia.json -------------------------------------------------------------------------------- /analyzers/Verifalia/Verifalia.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Verifalia/Verifalia.py -------------------------------------------------------------------------------- /analyzers/Verifalia/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/VirusTotal/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VirusTotal/Dockerfile -------------------------------------------------------------------------------- /analyzers/VirusTotal/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VirusTotal/README.md 
-------------------------------------------------------------------------------- /analyzers/VirusTotal/VirusTotal_Scan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VirusTotal/VirusTotal_Scan.json -------------------------------------------------------------------------------- /analyzers/VirusTotal/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VirusTotal/requirements.txt -------------------------------------------------------------------------------- /analyzers/VirusTotal/virustotal.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/VirusTotal/virustotal.py -------------------------------------------------------------------------------- /analyzers/Virusshare/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Virusshare/README.md -------------------------------------------------------------------------------- /analyzers/Virusshare/Virusshare.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Virusshare/Virusshare.json -------------------------------------------------------------------------------- /analyzers/Virusshare/assets/virusshare.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Virusshare/assets/virusshare.png -------------------------------------------------------------------------------- /analyzers/Virusshare/getHashes.sh: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Virusshare/getHashes.sh -------------------------------------------------------------------------------- /analyzers/Virusshare/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | progressbar2 3 | cortexutils 4 | -------------------------------------------------------------------------------- /analyzers/Virusshare/virusshare.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Virusshare/virusshare.py -------------------------------------------------------------------------------- /analyzers/Vulners/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/README.md -------------------------------------------------------------------------------- /analyzers/Vulners/Vulners_CVE.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/Vulners_CVE.json -------------------------------------------------------------------------------- /analyzers/Vulners/Vulners_IOC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/Vulners_IOC.json -------------------------------------------------------------------------------- /analyzers/Vulners/assets/vulners_api.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/assets/vulners_api.png 
-------------------------------------------------------------------------------- /analyzers/Vulners/assets/vulners_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/assets/vulners_logo.png -------------------------------------------------------------------------------- /analyzers/Vulners/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | vulners -------------------------------------------------------------------------------- /analyzers/Vulners/vulners_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Vulners/vulners_analyzer.py -------------------------------------------------------------------------------- /analyzers/WOT/WOT_lookup.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/WOT/WOT_lookup.json -------------------------------------------------------------------------------- /analyzers/WOT/WOT_lookup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/WOT/WOT_lookup.py -------------------------------------------------------------------------------- /analyzers/WOT/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Watcher/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Watcher/README.md 
-------------------------------------------------------------------------------- /analyzers/Watcher/Watcher_CheckDomain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Watcher/Watcher_CheckDomain.json -------------------------------------------------------------------------------- /analyzers/Watcher/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /analyzers/Watcher/watcher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Watcher/watcher.py -------------------------------------------------------------------------------- /analyzers/Yara/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yara/Dockerfile -------------------------------------------------------------------------------- /analyzers/Yara/Yara.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yara/Yara.json -------------------------------------------------------------------------------- /analyzers/Yara/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | yara-python 3 | requests -------------------------------------------------------------------------------- /analyzers/Yara/yara_analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yara/yara_analyzer.py 
-------------------------------------------------------------------------------- /analyzers/Yeti/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yeti/Dockerfile -------------------------------------------------------------------------------- /analyzers/Yeti/Yeti.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yeti/Yeti.json -------------------------------------------------------------------------------- /analyzers/Yeti/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yeti/requirements.txt -------------------------------------------------------------------------------- /analyzers/Yeti/yeti.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Yeti/yeti.py -------------------------------------------------------------------------------- /analyzers/Zscaler/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Zscaler/README.md -------------------------------------------------------------------------------- /analyzers/Zscaler/Zscaler.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Zscaler/Zscaler.json -------------------------------------------------------------------------------- /analyzers/Zscaler/assets/zscaler_logo.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Zscaler/assets/zscaler_logo.png -------------------------------------------------------------------------------- /analyzers/Zscaler/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | 4 | -------------------------------------------------------------------------------- /analyzers/Zscaler/zscaler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/analyzers/Zscaler/zscaler.py -------------------------------------------------------------------------------- /code_of_conduct.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/code_of_conduct.md -------------------------------------------------------------------------------- /docs/dev_guides/analyzers_definition.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/dev_guides/analyzers_definition.md -------------------------------------------------------------------------------- /docs/dev_guides/how-to-test-an-analyzer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/dev_guides/how-to-test-an-analyzer.md -------------------------------------------------------------------------------- /docs/images/cortex-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/cortex-logo.png -------------------------------------------------------------------------------- /docs/images/cortex-main.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/cortex-main.png -------------------------------------------------------------------------------- /docs/images/cortex-refresh-analyzers.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/cortex-refresh-analyzers.png -------------------------------------------------------------------------------- /docs/images/cortex-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/cortex-ui.png -------------------------------------------------------------------------------- /docs/images/enable-analyzer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/enable-analyzer.png -------------------------------------------------------------------------------- /docs/images/obsolete-analyzer-refresh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/obsolete-analyzer-refresh.png -------------------------------------------------------------------------------- /docs/images/refresh-responders.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/refresh-responders.png -------------------------------------------------------------------------------- /docs/images/sc-long-vt.jpg: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/sc-long-vt.jpg -------------------------------------------------------------------------------- /docs/images/sc-short-vt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/sc-short-vt.png -------------------------------------------------------------------------------- /docs/images/update-analyzers-template.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/docs/images/update-analyzers-template.png -------------------------------------------------------------------------------- /images/cortex-main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/images/cortex-main.png -------------------------------------------------------------------------------- /images/cortex-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/images/cortex-ui.png -------------------------------------------------------------------------------- /responders/AMPforEndpoints/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /responders/AWSLambda/AWSInvokeLambda.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWSLambda/AWSInvokeLambda.json -------------------------------------------------------------------------------- /responders/AWSLambda/AWSInvokeLambda.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWSLambda/AWSInvokeLambda.py -------------------------------------------------------------------------------- /responders/AWSLambda/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWSLambda/README.md -------------------------------------------------------------------------------- /responders/AWSLambda/assets/awslambda.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWSLambda/assets/awslambda.png -------------------------------------------------------------------------------- /responders/AWSLambda/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | boto3 -------------------------------------------------------------------------------- /responders/AWX/awx.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWX/awx.json -------------------------------------------------------------------------------- /responders/AWX/awx.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/AWX/awx.py -------------------------------------------------------------------------------- /responders/AWX/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/BinalyzeAIR/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/BinalyzeAIR/README.md -------------------------------------------------------------------------------- /responders/BinalyzeAIR/binalyze.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/BinalyzeAIR/binalyze.py -------------------------------------------------------------------------------- /responders/BinalyzeAIR/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/BinalyzeAIR/requirements.txt -------------------------------------------------------------------------------- /responders/CheckPoint/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/CheckPoint/README.md -------------------------------------------------------------------------------- /responders/CheckPoint/checkpoint.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/CheckPoint/checkpoint.py -------------------------------------------------------------------------------- /responders/CheckPoint/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/CheckPoint/requirements.txt -------------------------------------------------------------------------------- /responders/Cloudflare_IP_Blocker/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime 
-------------------------------------------------------------------------------- /responders/CrowdstrikeFalcon/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/CrowdstrikeFalcon/README.md -------------------------------------------------------------------------------- /responders/CrowdstrikeFalcon/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | crowdstrike-falconpy -------------------------------------------------------------------------------- /responders/DNS-RPZ/DNS-RPZ.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/DNS-RPZ/DNS-RPZ.json -------------------------------------------------------------------------------- /responders/DNS-RPZ/dns-rpz.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/DNS-RPZ/dns-rpz.py -------------------------------------------------------------------------------- /responders/DNS-RPZ/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | dnspython 3 | -------------------------------------------------------------------------------- /responders/DomainToolsIris_AddRiskyDNSTag/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils -------------------------------------------------------------------------------- /responders/DomainToolsIris_CheckMaliciousTags/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils -------------------------------------------------------------------------------- /responders/Duo_Security/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Duo_Security/README.md -------------------------------------------------------------------------------- /responders/Duo_Security/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime 4 | duo_client 5 | -------------------------------------------------------------------------------- /responders/EclecticIQIndicator/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/Gatewatcher_CTI_Identity/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /responders/Gmail/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Dockerfile -------------------------------------------------------------------------------- /responders/Gmail/Gmail.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail.py -------------------------------------------------------------------------------- /responders/Gmail/Gmail_BlockDomain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail_BlockDomain.json -------------------------------------------------------------------------------- /responders/Gmail/Gmail_BlockSender.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail_BlockSender.json -------------------------------------------------------------------------------- /responders/Gmail/Gmail_DeleteMessage.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail_DeleteMessage.json -------------------------------------------------------------------------------- /responders/Gmail/Gmail_UnblockDomain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail_UnblockDomain.json -------------------------------------------------------------------------------- /responders/Gmail/Gmail_UnblockSender.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/Gmail_UnblockSender.json -------------------------------------------------------------------------------- /responders/Gmail/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/README.md -------------------------------------------------------------------------------- /responders/Gmail/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Gmail/requirements.txt -------------------------------------------------------------------------------- /responders/HarfangLab/.gitignore: -------------------------------------------------------------------------------- 1 | .vscode/* 2 | test.py 3 | 
-------------------------------------------------------------------------------- /responders/HarfangLab/HarfangLab.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/HarfangLab/HarfangLab.py -------------------------------------------------------------------------------- /responders/HarfangLab/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/HarfangLab/README.md -------------------------------------------------------------------------------- /responders/HarfangLab/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/JAMFProtect/JAMFProtect_IOC.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/JAMFProtect/JAMFProtect_IOC.py -------------------------------------------------------------------------------- /responders/JAMFProtect/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/JAMFProtect/README.md -------------------------------------------------------------------------------- /responders/JAMFProtect/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /responders/Jupyter_Responder/Dockerfile: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Jupyter_Responder/Dockerfile -------------------------------------------------------------------------------- /responders/Jupyter_Responder/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Jupyter_Responder/README.md -------------------------------------------------------------------------------- /responders/Jupyter_Responder/jupyter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Jupyter_Responder/jupyter.py -------------------------------------------------------------------------------- /responders/KnowBe4/KnowBe4.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/KnowBe4/KnowBe4.json -------------------------------------------------------------------------------- /responders/KnowBe4/KnowBe4.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/KnowBe4/KnowBe4.py -------------------------------------------------------------------------------- /responders/KnowBe4/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/MSDefenderEndpoints/.gitignore: -------------------------------------------------------------------------------- 1 | .vscode/* 2 | test.py 3 | -------------------------------------------------------------------------------- /responders/MSDefenderEndpoints/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MSDefenderEndpoints/README.md -------------------------------------------------------------------------------- /responders/MSDefenderEndpoints/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime 4 | urllib3 5 | regex -------------------------------------------------------------------------------- /responders/MSDefenderOffice365/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MSDefenderOffice365/Dockerfile -------------------------------------------------------------------------------- /responders/MSDefenderOffice365/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MSDefenderOffice365/README.md -------------------------------------------------------------------------------- /responders/MSDefenderOffice365/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /responders/MSEntraID/MSEntraID.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MSEntraID/MSEntraID.py -------------------------------------------------------------------------------- /responders/MSEntraID/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MSEntraID/README.md 
-------------------------------------------------------------------------------- /responders/MSEntraID/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime -------------------------------------------------------------------------------- /responders/MailIncidentStatus/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/MailIncidentStatus/Dockerfile -------------------------------------------------------------------------------- /responders/MailIncidentStatus/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | thehive4py~=1.8.1 3 | -------------------------------------------------------------------------------- /responders/Mailer/Mailer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Mailer/Mailer.json -------------------------------------------------------------------------------- /responders/Mailer/mailer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Mailer/mailer.py -------------------------------------------------------------------------------- /responders/Mailer/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /responders/Minemeld/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Minemeld/README.md -------------------------------------------------------------------------------- 
/responders/Minemeld/assets/MM-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Minemeld/assets/MM-logo.png -------------------------------------------------------------------------------- /responders/Minemeld/minemeld.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Minemeld/minemeld.json -------------------------------------------------------------------------------- /responders/Minemeld/minemeld.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Minemeld/minemeld.py -------------------------------------------------------------------------------- /responders/Minemeld/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | ipaddress 3 | requests 4 | -------------------------------------------------------------------------------- /responders/Netcraft/Netcraft.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Netcraft/Netcraft.py -------------------------------------------------------------------------------- /responders/Netcraft/NetcraftTakedown.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Netcraft/NetcraftTakedown.json -------------------------------------------------------------------------------- /responders/Netcraft/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Netcraft/README.md -------------------------------------------------------------------------------- /responders/Netcraft/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/PaloAltoCortexXDR/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/PaloAltoCortexXDR/README.md -------------------------------------------------------------------------------- /responders/PaloAltoCortexXDR/cortex_xdr.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/PaloAltoCortexXDR/cortex_xdr.py -------------------------------------------------------------------------------- /responders/PaloAltoCortexXDR/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/PaloAltoNGFW/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/PaloAltoNGFW/README.md -------------------------------------------------------------------------------- /responders/PaloAltoNGFW/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | pan-os-python 4 | thehive4py~=1.8.1 5 | setuptools 6 | -------------------------------------------------------------------------------- /responders/PaloAltoWildfire/README.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/PaloAltoWildfire/README.md -------------------------------------------------------------------------------- /responders/PaloAltoWildfire/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/QRadarAutoClose/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/QRadarAutoClose/README.md -------------------------------------------------------------------------------- /responders/QRadarAutoClose/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/RT4/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/README.md -------------------------------------------------------------------------------- /responders/RT4/__init__.py: -------------------------------------------------------------------------------- 1 | """ 2 | Allow imports from this dir 3 | """ 4 | -------------------------------------------------------------------------------- /responders/RT4/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/config.py -------------------------------------------------------------------------------- /responders/RT4/requirements.txt: -------------------------------------------------------------------------------- 1 | 
defang 2 | jinja2 3 | rt 4 | requests 5 | cortexutils 6 | -------------------------------------------------------------------------------- /responders/RT4/rt4.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/rt4.json -------------------------------------------------------------------------------- /responders/RT4/rt4.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/rt4.py -------------------------------------------------------------------------------- /responders/RT4/template.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/template.py -------------------------------------------------------------------------------- /responders/RT4/templates/malware.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RT4/templates/malware.j2 -------------------------------------------------------------------------------- /responders/Redmine/Redmine_Issue.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Redmine/Redmine_Issue.json -------------------------------------------------------------------------------- /responders/Redmine/redmine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Redmine/redmine.py -------------------------------------------------------------------------------- /responders/Redmine/redmine_client.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Redmine/redmine_client.py -------------------------------------------------------------------------------- /responders/Redmine/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | cortexutils 3 | -------------------------------------------------------------------------------- /responders/RiskIQ/_responder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RiskIQ/_responder.py -------------------------------------------------------------------------------- /responders/RiskIQ/_services.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/RiskIQ/_services.py -------------------------------------------------------------------------------- /responders/RiskIQ/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | passivetotal 3 | -------------------------------------------------------------------------------- /responders/SendGrid/SendGrid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/SendGrid/SendGrid.json -------------------------------------------------------------------------------- /responders/SendGrid/SendGrid.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/SendGrid/SendGrid.py -------------------------------------------------------------------------------- /responders/SendGrid/requirements.txt: 
-------------------------------------------------------------------------------- 1 | sendgrid 2 | cortexutils 3 | -------------------------------------------------------------------------------- /responders/SentinelOne/SentinelOne.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/SentinelOne/SentinelOne.py -------------------------------------------------------------------------------- /responders/SentinelOne/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/Shuffle/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/Shuffle/shuffle.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Shuffle/shuffle.json -------------------------------------------------------------------------------- /responders/Shuffle/shuffle.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Shuffle/shuffle.py -------------------------------------------------------------------------------- /responders/Slack/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/README.md -------------------------------------------------------------------------------- /responders/Slack/Slack_CreateChannel.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/Slack_CreateChannel.json -------------------------------------------------------------------------------- /responders/Slack/Slack_SyncChannel.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/Slack_SyncChannel.json -------------------------------------------------------------------------------- /responders/Slack/assets/slack-history.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/assets/slack-history.png -------------------------------------------------------------------------------- /responders/Slack/assets/slack-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/assets/slack-logo.png -------------------------------------------------------------------------------- /responders/Slack/image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/image.png -------------------------------------------------------------------------------- /responders/Slack/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | thehive4py>=2.0.0b 4 | -------------------------------------------------------------------------------- /responders/Slack/slack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Slack/slack.py -------------------------------------------------------------------------------- 
/responders/Telegram/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Telegram/README.md -------------------------------------------------------------------------------- /responders/Telegram/Telegram.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Telegram/Telegram.json -------------------------------------------------------------------------------- /responders/Telegram/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/Telegram/telegram.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Telegram/telegram.py -------------------------------------------------------------------------------- /responders/Test/DevTools_Echo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Test/DevTools_Echo.json -------------------------------------------------------------------------------- /responders/Test/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | -------------------------------------------------------------------------------- /responders/Test/test.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Test/test.json -------------------------------------------------------------------------------- /responders/Test/test.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Test/test.py -------------------------------------------------------------------------------- /responders/UmbrellaBlacklister/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | datetime 4 | -------------------------------------------------------------------------------- /responders/Velociraptor/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Velociraptor/Dockerfile -------------------------------------------------------------------------------- /responders/Velociraptor/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Velociraptor/README.md -------------------------------------------------------------------------------- /responders/Velociraptor/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Velociraptor/requirements.txt -------------------------------------------------------------------------------- /responders/VirustotalDownloader/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/VirustotalDownloader/Dockerfile -------------------------------------------------------------------------------- /responders/VirustotalDownloader/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/VirustotalDownloader/README.md -------------------------------------------------------------------------------- /responders/Watcher/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Watcher/README.md -------------------------------------------------------------------------------- /responders/Watcher/Watcher_AddDomain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Watcher/Watcher_AddDomain.json -------------------------------------------------------------------------------- /responders/Watcher/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests -------------------------------------------------------------------------------- /responders/Watcher/watcher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Watcher/watcher.py -------------------------------------------------------------------------------- /responders/Wazuh/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | -------------------------------------------------------------------------------- /responders/Wazuh/wazuh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Wazuh/wazuh.json -------------------------------------------------------------------------------- /responders/Wazuh/wazuh.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/Wazuh/wazuh.py -------------------------------------------------------------------------------- /responders/ZEROFOX_Close_alert/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | 4 | -------------------------------------------------------------------------------- /responders/ZEROFOX_Takedown_request/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils 2 | requests 3 | 4 | -------------------------------------------------------------------------------- /responders/n8n/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/n8n/README.md -------------------------------------------------------------------------------- /responders/n8n/n8n.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/n8n/n8n.json -------------------------------------------------------------------------------- /responders/n8n/n8n.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/responders/n8n/n8n.py -------------------------------------------------------------------------------- /responders/n8n/requirements.txt: -------------------------------------------------------------------------------- 1 | cortexutils>=2.0.0 2 | requests 3 | 4 | -------------------------------------------------------------------------------- /thehive-templates/AbuseIPDB_1_1/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/AbuseIPDB_1_1/long.html -------------------------------------------------------------------------------- /thehive-templates/AbuseIPDB_1_1/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/AbuseIPDB_1_1/short.html -------------------------------------------------------------------------------- /thehive-templates/Axur_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Axur_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Axur_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Axur_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/C1fApp_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/C1fApp_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/C1fApp_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/C1fApp_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/CISMCAP_1_0/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/CISMCAP_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/CISMCAP_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/CISMCAP_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Capa_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Capa_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Capa_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Capa_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Censys_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Censys_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Censys_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Censys_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/ChainAbuse_1_1/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/ChainAbuse_1_1/long.html -------------------------------------------------------------------------------- /thehive-templates/CheckPhish_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/CheckPhish_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/ClamAV_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/ClamAV_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/ClamAV_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/ClamAV_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Cluster25_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Cluster25_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Crowdsec_1_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Crowdsec_1_1/long.html -------------------------------------------------------------------------------- /thehive-templates/Cylance_1_0/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Cylance_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Cylance_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Cylance_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/EchoTrail_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/EchoTrail_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/EchoTrail_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/EchoTrail_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/EmailRep_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/EmailRep_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/EmailRep_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/EmailRep_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/EmlParser_2_1/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/EmlParser_2_1/long.html -------------------------------------------------------------------------------- /thehive-templates/FileInfo_8_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/FileInfo_8_0/long.html -------------------------------------------------------------------------------- /thehive-templates/FileInfo_8_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/FileInfo_8_0/short.html -------------------------------------------------------------------------------- /thehive-templates/File_Info_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/File_Info_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/File_Info_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/File_Info_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/GreyNoise_3_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/GreyNoise_3_1/long.html -------------------------------------------------------------------------------- /thehive-templates/GreyNoise_3_1/short.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/GreyNoise_3_1/short.html -------------------------------------------------------------------------------- /thehive-templates/HIBP_Query_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/HIBP_Query_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/HippoMore_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/HippoMore_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/HippoMore_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/HippoMore_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Hipposcore_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Hipposcore_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/IP-API_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IP-API_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/IP-API_1_0/short.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IP-API_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/IP-API_1_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IP-API_1_1/long.html -------------------------------------------------------------------------------- /thehive-templates/IP-API_1_1/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IP-API_1_1/short.html -------------------------------------------------------------------------------- /thehive-templates/IPVoid_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IPVoid_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/IPVoid_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IPVoid_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/IVRE_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IVRE_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/IVRE_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/IVRE_1_0/short.html 
-------------------------------------------------------------------------------- /thehive-templates/Inoitsu_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Inoitsu_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Inoitsu_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Inoitsu_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/JA4_FoxIO_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/JA4_FoxIO_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/LdapQuery_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/LdapQuery_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/LdapQuery_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/LdapQuery_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Ldap_Query_3_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Ldap_Query_3_0/long.html -------------------------------------------------------------------------------- 
/thehive-templates/MISP_2_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/MISP_2_1/long.html -------------------------------------------------------------------------------- /thehive-templates/MISP_2_1/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/MISP_2_1/short.html -------------------------------------------------------------------------------- /thehive-templates/Malpedia_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Malpedia_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Malpedia_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Malpedia_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Msg_Parser_3_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Msg_Parser_3_0/long.html -------------------------------------------------------------------------------- /thehive-templates/NERD_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/NERD_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/NERD_1_0/short.html: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/NERD_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Nessus_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Nessus_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Nessus_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Nessus_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/ONYPHE_ASM_1_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/ONYPHE_ASM_1_1/long.html -------------------------------------------------------------------------------- /thehive-templates/OTXQuery_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/OTXQuery_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/OTXQuery_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/OTXQuery_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/QrDecode_1_0/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/QrDecode_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/QrDecode_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/QrDecode_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/SinkDB_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/SinkDB_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/SinkDB_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/SinkDB_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/SoltraEdge_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/SoltraEdge_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/ThreatGrid_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/ThreatGrid_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/TorProject_1_0/long.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/TorProject_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Triage_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Triage_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Triage_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Triage_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/URLhaus_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/URLhaus_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/URLhaus_2_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/URLhaus_2_0/short.html -------------------------------------------------------------------------------- /thehive-templates/VMRay_4_1/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/VMRay_4_1/long.html -------------------------------------------------------------------------------- /thehive-templates/VMRay_4_1/short.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/VMRay_4_1/short.html -------------------------------------------------------------------------------- /thehive-templates/Verifalia_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Verifalia_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Verifalia_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Verifalia_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Virusshare_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Virusshare_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/WOT_Lookup_2_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/WOT_Lookup_2_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Yara_3_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Yara_3_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Yara_3_0/short.html: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Yara_3_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Yeti_1_0/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Yeti_1_0/long.html -------------------------------------------------------------------------------- /thehive-templates/Yeti_1_0/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Yeti_1_0/short.html -------------------------------------------------------------------------------- /thehive-templates/Zscaler_1_3/long.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Zscaler_1_3/long.html -------------------------------------------------------------------------------- /thehive-templates/Zscaler_1_3/short.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/thehive-templates/Zscaler_1_3/short.html -------------------------------------------------------------------------------- /utils/analyzer-runlocal.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/analyzer-runlocal.py -------------------------------------------------------------------------------- /utils/compile-manalyze.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/compile-manalyze.sh 
-------------------------------------------------------------------------------- /utils/docker/Dockerfile_template: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/docker/Dockerfile_template -------------------------------------------------------------------------------- /utils/docker/build-customimage.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/docker/build-customimage.sh -------------------------------------------------------------------------------- /utils/docker/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/docker/build.sh -------------------------------------------------------------------------------- /utils/flavors/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/flavors/README.md -------------------------------------------------------------------------------- /utils/flavors/check_json_schema.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/flavors/check_json_schema.py -------------------------------------------------------------------------------- /utils/flavors/flavor_schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/flavors/flavor_schema.json -------------------------------------------------------------------------------- /utils/flavors/requirements.txt: -------------------------------------------------------------------------------- 1 | jsonschema 
-------------------------------------------------------------------------------- /utils/test_doc/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/test_doc/README.md -------------------------------------------------------------------------------- /utils/test_doc/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/test_doc/requirements.txt -------------------------------------------------------------------------------- /utils/test_doc/testdoc-venv.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/test_doc/testdoc-venv.sh -------------------------------------------------------------------------------- /utils/test_doc/testdoc.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TheHive-Project/Cortex-Analyzers/HEAD/utils/test_doc/testdoc.sh --------------------------------------------------------------------------------