Hello there,

not so long ago I published a post about Cyberbro,

a FOSS tool I am developing, now has 70+ stars (I'm so happy, didn't expect it).

I made a public demo if you want to try it (careful, all info is public, do not put anything sensitive).

Here: demo.cyberbro.net

Original project: https://github.com/stanfrbd/cyberbro

Features:

• Effortless Input Handling: Paste raw logs, IoCs, or fanged IoCs, and let our regex parser do the rest.

• Multi-Service Reputation Checks: Verify observables (IP, hash, domain, URL) across multiple services like VirusTotal, AbuseIPDB, IPInfo, Spur.us, MDE, Google Safe Browsing, Shodan, Abusix, Phishtank, ThreatFox, Github, Google…

• Detailed Reports: Generate comprehensive reports with advanced search and filter options.

• High Performance: Leverage multithreading for faster processing.

• Automated Observable Pivoting: Automatically pivot on domains, URL and IP addresses using reverse DNS and RDAP.

• Accurate Domain Info: Retrieve precise domain information from ICANN RDAP (next generation whois).

• Abuse Contact Lookup: Accurately find abuse contacts for IPs, URLs, and domains.

• Export Options: Export results to CSV and autofiltered well formatted Excel files.

• MDE Integration: Check if observables are flagged on your Microsoft Defender for Endpoint (MDE) tenant.

• Proxy Support: Use a proxy if required.

• Data Storage: Store results in a SQLite database.

• Analysis History: Maintain a history of analyses with easy retrieval and search functionality.

I hope it can help the community :)

Thank you for reading and Happy New Year!