Tools

CrowdStrike Heartbleed Scanner

Network Scan for OpenSSL Vulnerability

CrowdStrike Heartbleed Scanner is a free tool that helps alert you to the presence of systems (such as web servers, VPNs, secure FTP servers, databases, routers, etc.) on your network that are vulnerable to the OpenSSL Heartbleed vulnerability.

Supported Operating Systems: The tool runs on both 32-bit and 64-bit versions of Windows from XP and above.

Download Integrity Hashes
  • CSHeartbleedScanner.zip

  • MD5 34b00450b9ba1a2bd394d501c220f7ae

  • SHA1 bce7cfa6e40960bca271c4012a5ee3b3d62bebdb

  • SHA256 c59dc07c27a8ad03e5ea5cab3a892fca64cbf5e5f0f2db35b5e266f4dbff96eb

  • CSHeartbleedScanner.exe

  • MD5 6de14263355cb908315239150e6572a4

  • SHA1 008ed2e7ab633f5c306d5f214031098ac9216a03

  • SHA256 cd3106731e36a8bf68a7903c98d52b6fc1a7a1c3565c04fd512aa8ac9b0e7486

Crowd Response

Static Host Data Collection Tool

Crowd Response is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. The application contains numerous modules, each of them invoked by providing specific command line parameters to the main application. Modules are all built into the main application in C++, using the Win32 API to achieve their functionality.

Crowd Response results may be viewed in a variety of ways, particularly when leveraging CrowdStrike’s CRconvert. By default, output from Crowd Response is provided in an XML file. CRconvert will flatten this XML to CSV, TSV or HTML, if desired. The various format options were created to support the different needs and analysis preferences of the end user.

Supported Operating Systems: The tool runs on 32-bit and 64-bit versions of Windows from XP and above.

Download Integrity Hashes
  • CrowdResponse.zip

  • MD5 bd35d6b0949ca972d92330ba80e3cb28

  • SHA1 db9ddf4fee2bb531985630d96d0bf620fb2e2b66

  • SHA256 f9647f525914f70ed7dd8d075d5b11d38b22178e60621e8205d4dbae4afa7f82

Tortilla

Anonymous Security Research through Tor

Tortilla is an open source tool that allows users to securely, anonymously, and transparently route all TCP/IP and DNS traffic through Tor, regardless of the client software, and without relying on VPNs or additional hardware or virtual machines.

Supported Operating Systems: The tool runs on 32-bit and 64-bit versions of Windows from XP and above.

Download, Source Code, and Integrity Hashes
  • https://github.com/CrowdStrike/Tortilla

  • Tortilla_v1.1.0_Beta.zip

  • SHA256 150eb477cd8a48daa792fbb610345e9c0aa981597106a02db03b06e71f56b586

Crowd Detox

Decompilation Deobfuscator

The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations. This allows security researchers to analyze malware more easily, efficiently, and effectively.

Supported Operating Systems: This distribution comes with pre-built versions of the plugin for Windows, Mac OS, and Linux.

Download, Source Code, and Integrity Hashes
  • CrowdDetox_v1.0.2_Beta.zip

  • SHA256 6aae11f34ed47d502754e274aef464bb8c4b0196f4117f0bc70db70f072039eb

  • https://github.com/CrowdStrike/CrowdDetox

Crowd Inspect

Host-Based Process Inspection

CrowdInspect is a free community tool for Microsoft Windows systems that helps alert you to the presence of potential malware on your computer that may be communicating over the network. It is a host-based process inspection tool that uses multiple sources of information to detect untrusted or malicious network-active processes. The tool leverages intelligence from VirusTotal, Web of Trust (WOT), and Team Cymru's Malware Hash Registry.

Supported Operating Systems: The tool runs on both 32-bit and 64-bit versions of Windows from XP and above.

Download Integrity Hashes
  • CrowdInspect.zip

  • MD5 4cf651675e3eafc0c50a5ac20ceab235

  • SHA1 2d6ff0a7842d204a0c8d0d35bf52ce8cf25f362d

  • SHA256 fb61ca68a921a8101ad07ac5264aacdda17301002c006162f862b716acb5736a

  • CrowdInspect.exe

  • MD5 2c2ee14c77cda049fe9fc16a49711a14

  • SHA1 a7d9217b70cfd40e0aed74e21f1de0fa94569685

  • SHA256 08a5fe8c057c047708784fe6b820a8ebce086ecce9ef696d6690014b20a9ae5e

Crowd RE

Crowdsourced Reverse Engineering

Join the crowd! Quickly reversing complex software is extremely challenging due to the lack of professional tools that support collaborative analysis. CrowdRE fills this gap by leveraging the architecture used to organize source code repositories: a system that manages a history of change sets as commit messages. The central component is a cloud-based server that keeps track of commits in a database. Each commit covers one or more functions of an analyzed binary and contains information like annotations, comments, prototype, struct and enum definitions. Users can search the database for commits of functions by constructing a query of the analyzed binary's hash and the function offset.

CrowdRE is available free as an IDA Pro plugin.

Supported Operating Systems: Windows, Linux, and OS X
