Original release date: November 1, 2019
November is National Critical Infrastructure Security and Resilience Month. The Nation’s critical infrastructure (CI) relies on a highly interdependent environment, in which physical and cyber systems converge. CI plays a vital role in keeping our Nation and communities safe and secure. Everyone is involved in the mission to protect CI and can help by using cybersecurity best practices, reporting cybersecurity incidents and phishing attempts, and submitting malware for review.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical infrastructure owners and operators to download the Critical Infrastructure Security and Resilience Month Toolkit and to visit CISA’s Critical Infrastructure Security and Resilience Month resource page throughout November for information and updates.
Sooty is a tool developed to help SOC analysts automate parts of their workflow and speed up their process.
The main goal of Sooty is to perform as many of the routine checks as possible, which allows the analyst more time to spend on deeper analysis.
Features of Sooty SOC Analyst CLI Tool
- Sanitise URLs to be safe to send in emails
- Perform reverse DNS and DNS lookups
- Perform reputation checks from:
  - AbuseIPDB
- Check if an IP address is a TOR exit node
- Decode Proofpoint URLs, UTF-8 encoded URLs, Office SafeLink URLs and Base64 strings
- Get file hashes and compare them against VirusTotal (see requirements)
- Perform WHOIS lookups
- Check Usernames and Emails against HaveIBeenPwned to see if a breach has occurred.
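The decode and sanitise features listed above can be combined into one triage step: unwrap a rewritten link, then defang it before pasting it into a ticket or email. The following is an added example, not Sooty's own code; the function names `unwrap` and `defang` and the sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlparse, parse_qs, unquote

SAFELINKS_SUFFIX = ".safelinks.protection.outlook.com"
PROOFPOINT_HOST = "urldefense.proofpoint.com"


def unwrap(url):
    """Return the original URL inside an Office SafeLinks or Proofpoint v2 wrapper.

    URLs that match neither wrapper are returned unchanged.
    """
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    query = parse_qs(parsed.query)  # values come back percent-decoded
    if host.endswith(SAFELINKS_SUFFIX) and "url" in query:
        return query["url"][0]
    if host == PROOFPOINT_HOST and parsed.path.startswith("/v2/") and "u" in query:
        # Proofpoint v2 encoding: "-XX" stands for "%XX" and "_" stands for "/".
        return unquote(query["u"][0].replace("-", "%").replace("_", "/"))
    return url


def defang(url):
    """Rewrite a URL so mail clients and chat tools will not render it as a link."""
    scheme, sep, rest = url.partition("://")
    if not sep:  # no scheme present, e.g. a bare domain
        return url.replace(".", "[.]")
    scheme = scheme.lower().replace("http", "hxxp")
    return scheme + "[://]" + rest.replace(".", "[.]")


if __name__ == "__main__":
    # Constructed sample links; the hosts are reserved example domains.
    samples = [
        "https://nam02.safelinks.protection.outlook.com/"
        "?url=https%3A%2F%2Flogin.example.com%2Freset%3Fid%3D7&data=placeholder",
        "https://urldefense.proofpoint.com/v2/url"
        "?u=http-3A__files.example.org_my-2Ddoc_a-5Fb.pdf&d=placeholder",
    ]
    for wrapped in samples:
        print(defang(unwrap(wrapped)))
```

Unwrapping first matters because a defanged wrapper URL still hides the real destination from whoever reads the report.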