XposedOrNot for TheHive / Cortex
Pull request under review TheHive-Project/Cortex-Analyzers#1471
The XposedOrNot Cortex analyzer is complete and its pull request is under community review at
TheHive-Project/Cortex-Analyzers#1471.
This page will carry the full installation guide once it merges.
What it does
- Two analyzer flavors for
mail observables: a fast breach-names check and a detailed breach-analytics report.
- Taxonomies for triage: breach count, overall risk, and a malicious flag when plaintext-password exposure is found.
- Rich long reports: per-breach logos, dates, records, exposed data classes and password-risk badges.
- Breached-site domains extracted as artifacts for pivoting.
- Works keyless out of the box; optional commercial API key for volume. TLP/PAP-gated.
In the meantime
← All integrations