From b9aa396f9d8a87a50d1d6d48abe363832cfbb3fe Mon Sep 17 00:00:00 2001 From: terceranexus6 Date: Thu, 18 May 2023 16:54:15 +0200 Subject: [PATCH] updating the readme --- README.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9d28c88..d4b1a41 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,10 @@ These are just some simple useful scripts to look for indicators. +## ALIEN VAULT -## Search pulse + +### Search pulse This script allows searching for pulses related to an input: @@ -17,7 +19,8 @@ For example: python3 search_pulses.py XHIDE ``` -# Search HASH +### Search HASH + This scripts allows searching details about a hash: ``` @@ -31,3 +34,44 @@ python3 search_HASH.py SHA256 46b501600a4ee30d014c5356bad83ad2107ba9b9c58ffc717f ``` Note: remember to use your own API key! change the "otx" variable content. + + +## VIRUSTOTAL + +### Get report + +This script will give you a fast report using a hash: + +``` +./get_report.sh +``` + +For example: + +``` +./get_report fcdec9d9b195b8ed827fb46f1530502816fe6a04b1f5e740fda2b126df2d9fd5 example +``` + +This will produce a `example.json` file and a `readable_example` file. The `.json` is the whole VT report, while `readable_` is a fast-readable version with key values. In the example above, the readable would look like: + +``` +Threat label: +hacktool + + +Tags: +executable +windows +win32 +pe +peexe + + +Meaningful name: +smb2os.exe + + +Imports: +mscoree.dll +``` +This way it's easy to see in a first glance what it is. \ No newline at end of file -- 2.45.2
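Review bot: In the first hunk (`@@ -2,8 +2,10 @@`) the new heading `## ALIEN VAULT` splits the product name into two capitalised words. The service these scripts query is AlienVault OTX, and the API-key note in the last hunk already refers to the `otx` variable, so `## AlienVault OTX` would match it and be easier to search for. The same casing point applies to `## VIRUSTOTAL` in the last hunk.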
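Review bot: In the last hunk (`@@ -31,3 +34,44 @@`) the usage block shows `./get_report.sh` with no arguments, while the example calls `./get_report` (no `.sh` suffix) with a hash and the word `example`. Suggest writing the usage as `./get_report.sh HASH OUTPUT_NAME` and using the same script name in the example, so it is clear that the second argument becomes the name used for `example.json` and `readable_example`. The AlienVault section ends with a reminder to set your own API key, but the new VirusTotal section does not say where its key goes; if `get_report.sh` needs one, document that here, and prefer reading it from an environment variable over editing a variable inside the script, so a key does not end up in a commit. The file also now ends without a trailing newline.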