FEATURE: Pivot from SOC PCAP to CyberChef #1596

defensivedepth · 2020-10-21T22:20:54Z

Would love to be able to have Hunt-esque pivots on arbitrary data fields in PCAP transcripts to CyberChef -

For instance, be able to pivot on this base64 value over to CyberChef to decode:

dougburks · 2021-05-19T17:05:28Z

Initial proof of concept:

Clicking the CyberChef link results in:

dougburks · 2021-05-26T21:35:08Z

Both pull requests have been merged and I've tested the latest dev installation in a local VM to verify everything is working as intended.

defensivedepth added the enhancement New feature or request label Oct 21, 2020

jertel added PCAP SOC labels Feb 26, 2021

jertel self-assigned this Feb 26, 2021

dougburks mentioned this issue May 3, 2021

FEATURE: Pivot from Alerts/Hunt to CyberChef #4081

Closed

dougburks changed the title ~~Feature Request - SOC PCAP - Pivot to CyberChef~~ FEATURE: Pivot from SOC PCAP to CyberChef May 3, 2021

dougburks self-assigned this May 19, 2021

This was referenced May 26, 2021

add menu.actions.json and update soc.json #4304

Merged

FEATURE: Pivot from SOC PCAP to CyberChef #1596 Security-Onion-Solutions/securityonion-soc#31

Merged

dougburks closed this as completed May 26, 2021

github-actions bot locked as resolved and limited conversation to collaborators Mar 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FEATURE: Pivot from SOC PCAP to CyberChef #1596

FEATURE: Pivot from SOC PCAP to CyberChef #1596

defensivedepth commented Oct 21, 2020 •

edited

dougburks commented May 19, 2021

dougburks commented May 26, 2021

FEATURE: Pivot from SOC PCAP to CyberChef #1596

FEATURE: Pivot from SOC PCAP to CyberChef #1596

Comments

defensivedepth commented Oct 21, 2020 • edited

dougburks commented May 19, 2021

dougburks commented May 26, 2021

defensivedepth commented Oct 21, 2020 •

edited