Intezer v2

Malware detection and analysis based on code reuse.

Forensics & Malware Analysis · Intezer

Configuration parameters

  • APIKey — API Key (required)
  • AnalyzeBaseURL — Intezer Analyze Base URL
  • proxy — Use system proxy settings
  • insecure — Trust any certificate (not secure)

Commands (16)

  • intezer-analyze-by-file

    Checks file reputation for uploaded file (up to 150MB).

  • intezer-analyze-by-hash

    Checks file reputation of the given hash, supports SHA256, SHA1 and MD5.

  • intezer-analyze-url

    Checks reputation of an Url.

  • intezer-get-alert-result

    Get an ingested alert triage and response information using alert ID.

  • intezer-get-analysis-code-reuse

    Get All code reuse report for an analysis. To get a sub analysis code-reuse you need to specify an analysis_id and a sub_analysis id!.

  • intezer-get-analysis-iocs

    Gets the list of network and files IOCs of a specific analysis id.

  • intezer-get-analysis-metadata

    Get analysis metadata. To get a sub analysis metadata you need to specify an analysis_id and a sub_analysis id!.

  • intezer-get-analysis-result

    Check the analysis status and get analysis result, support file and endpoint analysis.

  • intezer-get-endpoint-analysis-result

    Returns the analysis result.

  • intezer-get-family-info

    Get family information from Intezer Analyze.

  • intezer-get-file-analysis-result

    Returns the analysis result.

  • intezer-get-latest-report

    Checks file reputation of the given hash, supports SHA256, SHA1 and MD5 by looking at the latest available report.

  • intezer-get-sub-analyses

    Get a list of the analysis sub analyses.

  • intezer-get-url-analysis-result

    Returns the analysis result.

  • intezer-submit-alert

    Submit a new alert, including the raw alert information, to Intezer for processing.

  • intezer-submit-suspected-phishing-email

    Submit a suspicious phishing email in a raw format (.MSG or .EML) to Intezer for processing.