SOC Multi-tool 作者： zdhenard42

The SOC Multi-tool is a powerful and user-friendly tool that streamlines investigations for security professionals. With a range of features and capabilities, this open-source tool allows you to quickly and easily investigate text that you have highlighted, using a variety of different resources.

Some of the key features of the SOC Multi-tool include:

• IP Reputation Lookup using VirusTotal & AbuseIPDB
• IP Info Lookup using Tor relay checker & WHOIS
• Hash Reputation Lookup using VirusTotal
• Domain Reputation Lookup using VirusTotal & AbuseIPDB
• Domain Info Lookup using Alienvault
• Living off the land binaries Lookup using the LOLBas project
• Decoding of Base64 & HEX using CyberChef
• File Extension & Filename Lookup using fileinfo.com & File.net
• MAC Address manufacturer Lookup using maclookup.com
• Parsing of UserAgent using user-agents.net
• Microsoft Error code Lookup using Microsoft's DB
• Event ID Lookup (Windows, Sharepoint, SQL Server, Exchange, and Sysmon)


Using the SOC Multi-tool is simple, just highlight the text you want to investigate, right-click and navigate to the type of data highlighted, and select your desired investigation.
New tabs will open with the results of your investigation, making it easy to work with multiple investigations at once.

SOC Multi-tool is a community-driven project, and the developer encourages users to contribute and share better resources.