Cisco AMP/TG/Umbrella/CTR Intelligence Search

February 20, 2025 · Productivity tools

Extension Overview

Right-click a URL or select text to search on Cisco AMP/TG (including Threat Response) and Umbrella. Requires accounts on the respective portals.

Extension Details

V0.0.14
- Fixed Investigate in Cisco Threat Response to use the respective regional AMP cloud configured in extension options settings.
V0.0.13
- Rebranded AMP Visibility to Cisco Threat Response.
- Cisco Threat Response should be the primary search interface... Moved it to top
- Updated selected text search to Cisco Threat Response with better input validation/sanitization
- Additional selected text input parsing to automatically change hxxp(s) to http(s) for directly pivoting from Talos Blog posts
- Additional selected text input parsing to automatically change IP Addresses and domains from w[.]x[.]y[.]z to w.x.y.z for directly pivoting from Talos Blog posts.
- Added support for AMP APJC Cloud in options menu
V0.0.12
- Updated search to include any selected text string in Cisco AMP Visibility
V0.0.11
- Updated search to Sourcefire AMP to reflect branding change to Cisco AMP
V0.0.10
- Updated OpenDNS/ODNS to reflect branding change to Cisco Umbrella
- Also updated Investigate lookups to investigate.umbrella.com
V0.0.9
- Added an extension Options page that allows:
  o selection of AMP US or EU Clouds
    Direct EU Console search will soon be deprecated in favor of options
  o definition of an AMP Private Cloud server to extend search into
    Supports FQDN (e.g. private-amp.example.com) or IP Address
V0.0.8
- Added hash search into OpenDNS Investigate
V0.0.7
- Added Context Based search to search back within Cisco AMP for Endpoints console for selected text by Hash, filename, device name, URL or IP Address.
V0.0.6
- Added OpenDNS Investigate search options
---
Context Menu enabled Threat Intelligence search of selected text
URL - Searches Cisco AMP Threat Grid for any known threat intelligence associated to the URL
URL - Searches Cisco OpenDNS for any known threat intelligence associated to the FQDN in URL
IP/Domain - Searches Cisco AMP Threat Grid and OpenDNS Investigate for any known threat intelligence
MD5/SHA Hash - Searches Cisco AMP Threat Grid for any known threat intelligence associated to the file. Does not search OpenDNS since hashes are not indexed there.

Additional Information

Official unique ID: hieoklfl****************jcbcgbbm

Official last update: October 11, 2018

Category: Productivity tools

Size: 49.55KiB

Version: 0.0.14.1

Language: English (United States)

Provider: none

Rating: 4.9
