From ebbe6e89fe930c04e07d622b2059aae1f0b03a73 Mon Sep 17 00:00:00 2001
From: Matthew Iverson
Date: Thu, 28 Nov 2024 00:56:18 -0500
Subject: [PATCH] Upload files to "Modules/Investigate"
---
Modules/Investigate/domain.py | 15 +++++++++++++++
Modules/Investigate/filehash.py | 14 ++++++++++++++
Modules/Investigate/ip.py | 15 +++++++++++++++
Modules/Investigate/malware.py | 14 ++++++++++++++
Modules/Investigate/threat.py | 16 ++++++++++++++++
5 files changed, 74 insertions(+)
create mode 100644 Modules/Investigate/domain.py
create mode 100644 Modules/Investigate/filehash.py
create mode 100644 Modules/Investigate/ip.py
create mode 100644 Modules/Investigate/malware.py
create mode 100644 Modules/Investigate/threat.py
diff --git a/Modules/Investigate/domain.py b/Modules/Investigate/domain.py
new file mode 100644
index 0000000..b7d9ca4
--- /dev/null
+++ b/Modules/Investigate/domain.py
@@ -0,0 +1,15 @@
+def get_domain_content():
+ """
+ Returns content for the Domain Analysis page.
+ """
+ return {
+ "title": "Domain Analysis",
+ "description": "Explore tools and resources for analyzing domains.",
+ "resources": [
+ {"name": "UrlScan", "url": "https://urlscan.io/"},
+ {"name": "Wannabrowser", "url": "https://www.wannabrowser.net/"},
+ {"name": "Browserling", "url": "https://www.browserling.com/"},
+ {"name": "Kasm", "url": "https://www.kasmweb.com/"},
+ {"name": "URL2PNG", "url": "https://www.url2png.com/"}
+ ]
+ }
diff --git a/Modules/Investigate/filehash.py b/Modules/Investigate/filehash.py
new file mode 100644
index 0000000..8aacb5d
--- /dev/null
+++ b/Modules/Investigate/filehash.py
@@ -0,0 +1,14 @@
+def get_filehash_content():
+ """
+ Returns content for the File Hash Analysis page.
+ """
+ return {
+ "title": "File Hash Analysis",
+ "description": "Explore tools and methods for analyzing file hashes.",
+ "resources": [
+ {"name": "VirusTotal", "url": "https://www.virustotal.com/gui/home/upload"},
+ {"name": "Hybrid Analysis", "url": "https://www.hybrid-analysis.com/"},
+ {"name": "Joe Security", "url": "https://www.joesecurity.org/"},
+ {"name": "Intezer", "url": "https://analyze.intezer.com/"}
+ ]
+ }
diff --git a/Modules/Investigate/ip.py b/Modules/Investigate/ip.py
new file mode 100644
index 0000000..3e068d0
--- /dev/null
+++ b/Modules/Investigate/ip.py
@@ -0,0 +1,15 @@
+def get_ip_content():
+ """
+ Returns content for the IP Analysis page.
+ """
+ return {
+ "title": "IP Analysis",
+ "description": "Explore tools and resources for analyzing IP addresses.",
+ "resources": [
+ {"name": "Censys", "url": "https://search.censys.io/"},
+ {"name": "Shodan", "url": "https://www.shodan.io/"},
+ {"name": "Feodo Tracker", "url": "https://feodotracker.abuse.ch/browse/"},
+ {"name": "IBM X-Force", "url": "https://exchange.xforce.ibmcloud.com/"},
+ {"name": "GreyNoise", "url": "https://viz.greynoise.io/"}
+ ]
+ }
diff --git a/Modules/Investigate/malware.py b/Modules/Investigate/malware.py
new file mode 100644
index 0000000..981f2f0
--- /dev/null
+++ b/Modules/Investigate/malware.py
@@ -0,0 +1,14 @@
+def get_malware_content():
+ """
+ Returns content for the Malware Analysis page.
+ """
+ return {
+ "title": "Malware Analysis",
+ "description": "Explore tools and resources for analyzing malware.",
+ "resources": [
+ {"name": "Virus Total", "url": "https://www.virustotal.com/gui/home/upload"},
+ {"name": "Any Run", "url": "https://any.run/"},
+ {"name": "Hybrid Analysis", "url": "https://www.hybrid-analysis.com/"},
+ {"name": "OTX Alienvault", "url": "https://otx.alienvault.com/"}
+ ]
+ }
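Review bot: The VirusTotal entry in `get_filehash_content` (filehash.py) links to `https://www.virustotal.com/gui/home/upload`, which opens the file-upload tab on a page that is about looking up hashes. A sample uploaded to a public multi-scanner becomes available to other users of the service, so an analyst handling incident material is better sent to the lookup view, e.g. `{"name": "VirusTotal", "url": "https://www.virustotal.com/gui/home/search"},`. The same upload link is used in `get_malware_content` (malware.py); there I would extend the `description` to say that submitted samples are shared with third parties, so the reader decides before submitting.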
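Review bot: `get_malware_content` in malware.py names its first resource "Virus Total", while filehash.py uses "VirusTotal" for the identical URL, so the two pages will show one service under two names; use `{"name": "VirusTotal", ...}` in both. "Hybrid Analysis" is also repeated as a literal in both files and "OTX Alienvault" reappears in threat.py. Defining each name/URL pair once in a shared mapping that the modules select from would stop the copies from drifting apart when a link changes.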
diff --git a/Modules/Investigate/threat.py b/Modules/Investigate/threat.py
new file mode 100644
index 0000000..cbdd87d
--- /dev/null
+++ b/Modules/Investigate/threat.py
@@ -0,0 +1,16 @@
+def get_threat_content():
+ """
+ Returns content for the Threat Intelligence page.
+ """
+ return {
+ "title": "Threat Intelligence",
+ "description": "Explore tools and resources for threat intelligence.",
+ "resources": [
+ {"name": "Threat Intel - MyDFIR (YouTube)", "url": "https://youtu.be/PyWKOG3q4P4?si=eh4Dl_40ZscQa9n8"},
+ {"name": "Threat View", "url": "https://threatview.io/"},
+ {"name": "Threat Miner", "url": "https://www.threatminer.org/index.php"},
+ {"name": "Pulsedive", "url": "https://pulsedive.com/"},
+ {"name": "OTX Alienvault", "url": "https://otx.alienvault.com/"},
+ {"name": "Pyramid of Pain", "url": "https://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html"}
+ ]
+ }
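Review bot: The YouTube entry in `get_threat_content` carries a `?si=eh4Dl_40ZscQa9n8` query string, which is a share-tracking identifier copied from the "Share" dialog and not part of the video address. Every visitor who follows the link is then attributed to that one share, so the committed URL should be the bare form, `"url": "https://youtu.be/PyWKOG3q4P4"`. The docstring could also state the returned shape, for example `Returns a dict with "title", "description" and "resources" (a list of {"name", "url"} dicts).`, since all five modules rely on that same structure.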