CrowdStrike Introduces Sandbox Scryer: A Free Threat-Hunting Tool for Generating MITRE ATT&CK and Navigator Data>
CrowdStrike Blog – Greg Dalcher – Joel Spurlock
Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in assembling indicators of compromise (IOCs), understanding attack movement and hunting threats By allowing researchers to send thousands of samples to a sandbox for building a profile for use with the ATT&CK technique, Sandbox Scryer can help solve use cases at scale The tool is intended for cybersecurity professionals who are interested in threat hunting and attack analysis leveraging sandbox output data Sandbox Scryer consumes output from the free and public Hybrid Analysis malware analysis service to help analysts expedite and scale threat hunting as part of security operations center (SOC) operations
Link: https://www.crowdstrike.com/blog/sandbox-scryer-free-threat-hunting-tool/