|
| 1 | + _____ __ |
| 2 | + /#####\ /##\ __ |
| 3 | + /##__ ##| ____ |__| |##| |
| 4 | + | ## \ #| /####| __ ________ __|##|__ |
| 5 | + | ## | #| /##/__ | #|| ##__###||_ ####_/ |
| 6 | + | ## | #||######|| #|| #| \##| | ##| |
| 7 | + | ## | #| \____#|| #|| #| | #| | ##|__ |
| 8 | + | #####//#######|| #|| #| | #| | ####/ |
| 9 | + \_____/ |______/ |__||__/ |__/ \___/ |
| 10 | + ________ |
| 11 | + |_####_/ _____ ______ |
| 12 | + | #| /#####\ /######| |
| 13 | + | #| |## __##| /##____/ |
| 14 | + | #| |##| |#|| #| |
| 15 | + /####\ | ######|| ######| |
| 16 | + |______| \_____/ \______/ |
| 17 | + _____ |
| 18 | + /#####\ |
| 19 | + /##__###| _______ ______ _______ _______ _______ ________ |
| 20 | + |##| \__/ /######| /######| /#######| /#######| /##__## ||##___ ##| |
| 21 | + |##\____ /##_____/ |____|#|| ##__###|| ##__###||##|__|#/ |##| \__/ |
| 22 | + \____##\| ## /#__##|| ## \##|| ## \##||###___/ |##| |
| 23 | + _____\##| ## /#|__|#|| ## |##|| ## |##||##|_____ |##| |
| 24 | + |########| ######|| ######|| ## |##|| ## |##||########\|##| |
| 25 | + \______/ \_______/\_______||__/ |__||__/ |__/ \_______||__/ |
| 26 | + |
| 27 | +OSINT IOC Scanner (OIS) By Suchit |
| 28 | + |
| 29 | +Welcome, Sherlock! The game is on! |
| 30 | + |
| 31 | +Overview: |
| 32 | +1) Analysts can give their IOCs (Domain, IP, URL, Hash). The IOC type will be auto-validated by the script. Defanged IOCs are also processed. |
| 33 | +2) Maximum of 4 IOCs are recommended to limit excessive resource consumption if you opt for opening results in browser. If more than four are given, a confirmation to proceed will be displayed. |
| 34 | +3) The delimiters that can be used between two IOCs are: Space ( ), OR operator ( OR )( or ), and Comma (,). |
| 35 | +4) The links for results will be displayed in terminal for analysts to copy paste as references. |
| 36 | +5) After the process is done, the script asks again for IOCs until terminated manually. |
| 37 | +6) The executable can be run from anywhere, but the config file created needs to be in the same directory. |
| 38 | +7) If you submit Virus Total API Key, you can get many details directly in console. IOCs will be submitted to VT for reanalyzing when the script is run. |
| 39 | +8) If you have URLScan account, you can use the API to get a live screenshot for the URL. You will be prompted to choose if you want to use it or not in the beginning. If you want to change the choice later, you can edit it from e. |
| 40 | + |
| 41 | +Known Issues: |
| 42 | +--> IOCs can't be seperated by new line character as powershell works differently in those cases. |
| 43 | +--> When user selects clear screen, it doesn't clear the whole history which can be seen by scrolling up. But it does clear up the window. |
0 commit comments