gfhomppaadldngjnmbefmmiokgefjddd
ATT&CK Powered Suit puts the MITRE ATT&CK® knowledge base at your fingertips. Instantly search ATT&CK techniques, groups, and more.
ATT&CK Powered Suit puts the MITRE ATT&CK® knowledge base at your fingertips. Instantly search ATT&CK techniques, groups, and more without disrupting your workflow. Copy snippets into a notebook to streamline your research. Export selected techniques to ATT&CK Navigator. The extension supports context menus, the omnibar, and more.
This extension is provided by the Center for Threat-Informed Defense as free and open source code in service of our mission: to advance the state of the art and the state of the practice in threat-informed defense globally.
The Center for Threat-Informed Defense does not collect or share any data about users or their usage of ATT&CK Powered Suit. Search queries and other features are performed locally in the browser. If you are signed into Chrome using a Google account, then your bookmarks data is synced via your Google account.
Copyright 2021-2026 MITRE. Approved for public release. Document number CT0052.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
CrowdScrape
Scrape web content for indicators of interest and integrate CrowdStrike Intelligence information
The CrowdStrike Intelligence Team is proud to announce the release of CrowdScrape version 1.5.0. CrowdScrape is a Chrome plugin that lets you scrape indicators from various websites and in-browser documents, such as PDF reports, while matching the data against CrowdStrike Intelligence.
This release provides bug fixes, enables support for customers in all cloud environments, and includes support for the OAuth2-based Intel API, which has replaced the deprecated legacy key-based APIs (see https://falcon.crowdstrike.com/support/documentation for further information on our API).
This easy-to-use tool produces indicator lists that collect:
· Domains, IP addresses, URLs, hashes (MD5, SHA1, SHA256) and Bitcoin addresses
· On-screen tagging of CrowdStrike known indicators, and links to Indicator Search
· Matches to CrowdStrike Intelligence with links to reports in the CrowdStrike Intel Portal
· Integrations with the CrowdStrike Indicator Graph to visualise intelligence
In addition, you can use CrowdScrape to copy any indicators to the clipboard, making it easier to pull OSINT from different sources and convert it to a text file for implementation into your systems.
Intezer Analyze
The Intezer Analyze Chrome Extension now comes with even more features to help you stay safe. With the Genetic Software Mapping technology of Intezer Analyze, you can quickly analyze file hashes and URLs for potential cyber threats. Intezer Analyze offers insight into the What, Who, & How of a potential cyber incident by identifying even the smallest pieces of code reuse. With our Chrome Extension, you can easily analyze a file and check the safety of a URL with just a few clicks. For more information on our terms of service, please visit: https://analyze.intezer.com/enterprise_terms_of_use.html
Sputnik
OSINT web extension
Sputnik is an extension to quickly and easily search IPs, Domains, File Hashes, and URLs using free Open Source Intelligence (OSINT) resources.
• Text - Select the artifact you wish to search and right click
• Links - Right click on links, audio, images, videos
• Select an OSINT tool
• In most cases, you will be redirected straight to results
• For tools that require user interaction such as captchas:
  • The highlighted artifact will be saved to your clipboard
  • You will be directed to the submission page
SOCMaster
Get info on OS Commands, IPs, Domains, URLs, Hashes, Windows Events and Registry keys, Strings, and Files with one click.
In-browser threat intelligence companion that streamlines artifact analysis (IPs, domains, URLs, and beyond) through one-click lookups across leading security vendors. SOCMaster integrates with leading threat intelligence platforms such as VirusTotal, AbuseIPDB, and others, allowing users to swiftly transform data into actionable insights.
1. From the web browser, select or highlight an artifact and right-click
3. Click one of the options available
4. A menu will appear on the lower right side containing information on the artifacts
Bulk lookups: allows you to quickly assess multiple artifacts at once, saving time during intensive investigations.
1. From the web browser, gather a list of either IP addresses, Domains, URLs, File Hashes, or File Names. Each entry is separated by a new line or spaces. For example:
2. Highlight all of the objects to be scanned, right-click, and select "SOCMaster"
3. Click one of the options available (IP/Domain/URL/Hash scan using vendor API keys or Get file (Linux/Windows) information)
- Uses threat intelligence vendors such as AbuseIPDB, VirusTotal, AlienVaultOTX, HybridAnalysis and others to obtain the reputation and information on an IP address, Domain, or Hash. Data available is dependent on the vendor.
- Submits URLs to URLscan.io, VirusTotal, AlienVault, HybridAnalysis and others for analysis using API keys.
- Click the vendor link to view the URL scan result.
- Get information on over 3,300 PowerShell cmdlets from PowerShell modules, almost all Linux commands (Man Sections 1-8), Windows commands, and OSX commands.
- Shows information on Operating System binaries and commands. For example, Windows commands such as "ipconfig" or "tasklist", "Set-ExecutionPolicy" for PowerShell, and "rm" for Linux.
- Retrieve information on known files such as "kernel32.dll" for Windows or "passwd" for Linux.
To query an IP, Domain, and Hash using vendor API keys, an API key is required. Follow the steps:
2. Click the "SOCMaster" icon > Settings
3. On the settings page, on the upper right corner click "Add API key"
5. Paste vendor API key on the API key field
A user can highlight the above command and select the "Find command information" option and will be able to view the syntax and parameters of the command.
2. Suspicious IP address from the firewall logs: x.x.x.x
A user can highlight the IP and select the "IP scan using vendor API keys" option and will be able to view IP reputation and data from vendors.
A user can highlight the above command and select the "Find command information" option and will be able to view the syntax and parameters of the command.
4. Windows Event IDs on the SIEM show: eventID 4624
A user can highlight the event ID number and select the "Get event ID information" option and will be able to view the fields and description of the Windows event.
Supports the following vendors:
- VirusTotal
- AbuseIPDB
- AlienVaultOTX
- Twitter
- URLscan
- HybridAnalysis
- GoogleSearch
- Pulsedive