HarfangLab
Subscription Information
- Subscription Required: Yes
- Free Subscription Available: No
Responders (31)
HarfangLab-GetArtifactUSN v1.0
Get USN logs artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactUSN.json (raw)
HarfangLab-IsolateHost v1.0
Isolate machine with HarfangLab EDR
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case,thehive:alert
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_Isolate.json (raw)
HarfangLab-KillProcess v1.0
Kill a process
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case,thehive:alert
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_KillProcess.json (raw)
HarfangLab-GetScheduledTasks v1.0
Get scheduled tasks on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetScheduledTasks.json (raw)
HarfangLab-GetArtifactMFT v1.0
Get MFT artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactMFT.json (raw)
HarfangLab-GetArtifactEvtx v1.0
Get Windows event logs artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactEvtx.json (raw)
HarfangLab-DumpProcess v1.0
Dump process memory
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_DumpProcess.json (raw)
HarfangLab-GetSessions v1.0
Get sessions on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetSessions.json (raw)
HarfangLab-GetDrivers v1.0
Get drivers loaded on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetDrivers.json (raw)
HarfangLab-GetRunKeys v1.0
Get RUN keys on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetRunKeys.json (raw)
HarfangLab-GetNetworkShares v1.0
Get network shares on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetNetworkShares.json (raw)
HarfangLab-GetArtifactLogs v1.0
Get Linux logs artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactLogs.json (raw)
HarfangLab-SearchDestinationIP v1.0
Search an IP in HarfangLab EDR's telemetry
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_SearchDestinationIP.json (raw)
HarfangLab_SearchDriverByHash v1.0
Search a driver load in HarfangLab EDR's telemetry per hash
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_SearchDriverByHash.json (raw)
HarfangLab-GetPipes v1.0
Get pipes on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetPipes.json (raw)
HarfangLab_SearchDriverByFileName v1.0
Search a driver load in HarfangLab EDR's telemetry per filename
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_SearchDriverByFileName.json (raw)
HarfangLab-SearchSourceIP v1.0
Search an IP in HarfangLab EDR's telemetry
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_SearchSourceIP.json (raw)
HarfangLab-GetBinary v1.0
Get binary information and download link
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetBinary.json (raw)
HarfangLab-GetProcesses v1.0
Get processes running on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetProcesses.json (raw)
HarfangLab-GetWMI v1.0
Get WMI items on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetWMI.json (raw)
HarfangLab-GetPrefetches v1.0
Get prefetches on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetPrefetches.json (raw)
HarfangLab-GetPersistence v1.0
Get persistence items on a Linux host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetPersistence.json (raw)
HarfangLab-GetArtifactRamdump v1.0
Get RAM dump artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactRamdump.json (raw)
HarfangLab-GetArtifactAll v1.0
Get all artifacts
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactAll.json (raw)
HarfangLab-UnisolateHost v1.0
Isolate machine with HarfangLab EDR
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case,thehive:alert
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_Unisolate.json (raw)
HarfangLab-GetArtifactPrefetch v1.0
Get prefetches artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactPrefetch.json (raw)
HarfangLab-GetArtifactFilesystem v1.0
Get Linux filesystem artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactFilesystem.json (raw)
HarfangLab-GetArtifactHives v1.0
Get Hives artifact
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetArtifactHives.json (raw)
HarfangLab-GetStartupFiles v1.0
Get startup files on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetStartupFiles.json (raw)
HarfangLab-GetServices v1.0
Get services on a host
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_GetServices.json (raw)
HarfangLab-SearchHash v1.0
Search a hash in HarfangLab EDR's telemetry
- Author: HarfangLab Product Team
- License: AGPL-V3
- Data Types: thehive:case_artifact
- Configuration: .upstream/cortex/responders/HarfangLab/HarfangLab_SearchHash.json (raw)
Statistics
- Total Analyzers: 0
- Total Responders: 31
- Total Functions: 0
- Total External Integrations: 0
- Total Integrations: 31
This file is auto-generated from the integration manifest. Do not edit manually.