@@ 2,8 2,10 @@
These are just some simple useful scripts to look for indicators.
+## ALIEN VAULT
-## Search pulse
+
+### Search pulse
This script allows searching for pulses related to an input:
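Review bot: The new top-level heading `## ALIEN VAULT` splits the product name into two all-caps words; the service these scripts query is AlienVault OTX (the note further down refers to the "otx" variable), so `## AlienVault OTX` would be easier to search for and match the API naming. Also, `### Search pulse` is followed directly by its paragraph with no blank line, while the other headings added in this patch have one after them; adding a blank line here keeps the Markdown consistent across renderers.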
@@ 17,7 19,8 @@ For example:
python3 search_pulses.py XHIDE
```
-# Search HASH
+### Search HASH
+
This scripts allows searching details about a hash:
```
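Review bot: While touching this heading, the context line right under it still reads "This scripts allows searching details about a hash", which should be "This script allows". The heading itself keeps `HASH` in capitals next to `### Search pulse`; picking one capitalization style for both subsections (for example `### Search hash`) would read better.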
@@ 31,3 34,44 @@ python3 search_HASH.py SHA256 46b501600a4ee30d014c5356bad83ad2107ba9b9c58ffc717f
```
Note: remember to use your own API key! change the "otx" variable content.
+
+
+## VIRUSTOTAL
+
+### Get report
+
+This script will give you a fast report using a hash:
+
+```
+./get_report.sh <hash> <name of the output file>
+```
+
+For example:
+
+```
+./get_report fcdec9d9b195b8ed827fb46f1530502816fe6a04b1f5e740fda2b126df2d9fd5 example
+```
+
+This will produce a `example.json` file and a `readable_example` file. The `.json` is the whole VT report, while `readable_` is a fast-readable version with key values. In the example above, the readable would look like:
+
+```
+Threat label:
+hacktool
+
+
+Tags:
+executable
+windows
+win32
+pe
+peexe
+
+
+Meaningful name:
+smb2os.exe
+
+
+Imports:
+mscoree.dll
+```
+This way it's easy to see in a first glance what it is.<
\ No newline at end of file
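Review bot: The example invocation `./get_report fcdec9d9...` drops the `.sh` extension that the usage line `./get_report.sh <hash> <name of the output file>` shows, so copying the example as written will fail with "command not found"; make both lines use `./get_report.sh`. The last added line ends with a stray `<` ("what it is.<") and the file has no trailing newline, both worth fixing before merge. The VirusTotal section also does not say where the script takes its API key from, unlike the OTX note above it; add a sentence on that, and consider recommending an environment variable rather than editing the key into the script, so a key does not end up committed. Minor wording: "a `example.json` file" should be "an `example.json` file", and "in a first glance" should be "at first glance".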