ThreatZone

ThreatZone malware analysis sandboxing.

Forensics & Malware Analysis · ThreatZone

Configuration parameters

  • url — Server URL (e.g. https://app.threat.zone) (required)
  • apikey — ThreatZone API Key (required)
  • integrationReliability — Source Reliability
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (13)

  • tz-cdr-upload-sample

    Submits a sample to ThreatZone for CDR.

  • tz-check-limits

    Check the plan limits from ThreatZone API.

  • tz-download-html-report

    Downloads the HTML report for a submission and uploads it to the War Room.

  • tz-get-artifact-result

    Retrieves analysis artifacts for a submission from ThreatZone.

  • tz-get-config-result

    Retrieves configuration extractor results for a submission from ThreatZone.

  • tz-get-indicator-result

    Retrieves dynamic behaviour indicators for a submission from ThreatZone.

  • tz-get-ioc-result

    Retrieves Indicators of Compromise for a submission from ThreatZone.

  • tz-get-result

    Retrieve the analysis result from ThreatZone.

  • tz-get-sanitized

    Downloads and uploads sanitized file from ThreatZone API to WarRoom & Context Data.

  • tz-get-yara-result

    Retrieves matched YARA rules for a submission from ThreatZone.

  • tz-sandbox-upload-sample

    Submits a sample to ThreatZone for sandbox analysis.

  • tz-static-upload-sample

    Submits a sample to ThreatZone for static analysis.

  • tz-url-analysis

    Submits a URL to ThreatZone for analysis.