Tools

CrowdStrike Heartbleed Scanner

Network Scan for OpenSSL Vulnerability

CrowdStrike Heartbleed Scanner is a free tool that helps alert you to the presence of systems on your network (such as web servers, VPNs, secure FTP servers, databases, routers, etc.) that are vulnerable to the OpenSSL Heartbleed vulnerability.

Supported Operating Systems: The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.

Integrity Hashes
  • CSHeartbleedScanner.zip

  • MD5 6021ff1fa5e462b24564a2c37a35ec0b

  • SHA1 43fb3f52523c37b3043ba00c12fd64396b50419b

  • SHA256 380b16fac02fc92654f8c76b01bb8376f539c10019172e18ab758d7e7cdd95e7

  • CSHeartbleedScanner.exe

  • MD5 13f95f8e7edb6c0e4a27098fdc91b5fc

  • SHA1 c6b9d50946ae8fdc81741e76c54231481511ac35

  • SHA256 9809a8baea853b013edc2fcbc084464efb600c750f8f97119fabf7a2a284fbbe

Crowd Response

Static Host Data Collection Tool

Crowd Response is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. The application contains numerous modules, each of them invoked by providing specific command line parameters to the main application. All modules are built into the main application in C++, using the Win32 API to achieve their functionality.

Crowd Response results may be viewed in a variety of ways, particularly when leveraging CrowdStrike’s CRconvert. By default, output from Crowd Response is provided in an XML file. CRconvert will flatten this XML to CSV, TSV or HTML, if desired. The various format options were created to support the different needs and analysis preferences of the end user.

Supported Operating Systems: The tool runs on 32 bit and 64 bit versions of Windows from XP and above.

Integrity Hashes
  • CrowdResponse.zip

  • MD5 953236054981896f484dc7aa3c6e5d23

  • SHA1 9231d7ecadd0fc7298817a50ac0a900ea1ed1bb7

  • SHA256 f81edc5c0ddc2a3f62dc6058ef318f64048909eb75694713b090d3d5271ac52f

Tortilla

Anonymous Security Research through Tor

Tortilla is an open source tool that allows users to securely, anonymously, and transparently route all TCP/IP and DNS traffic through Tor, regardless of the client software, and without relying on VPNs or additional hardware or virtual machines.

Supported Operating Systems: The tool runs on 32 bit and 64 bit versions of Windows from XP and above.

Source Code
  • https://github.com/CrowdStrike/Tortilla

Integrity Hashes
  • Tortilla_v1.1.0_Beta.zip

  • SHA256 150eb477cd8a48daa792fbb610345e9c0aa981597106a02db03b06e71f56b586

Crowd Detox

Decompilation Deobfuscator

The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations. This allows security researchers to analyze malware more easily, efficiently, and effectively.

Supported Operating Systems: This distribution comes with pre-built versions of the plugin for Windows, Mac OS, and Linux.

Integrity Hashes
  • CrowdDetox_v1.0.2_Beta.zip

  • SHA256 6aae11f34ed47d502754e274aef464bb8c4b0196f4117f0bc70db70f072039eb

Source Code
  • https://github.com/CrowdStrike/CrowdDetox

Crowd Inspect

Host-Based Process Inspection

CrowdInspect is a free community tool for Microsoft Windows systems that helps alert you to the presence of potential malware on your computer that may be communicating over the network. It is a host-based process inspection tool that uses multiple sources of information to detect untrusted or malicious network-active processes. The tool leverages intelligence from VirusTotal, Web of Trust (WOT), and Team Cymru's Malware Hash Registry.

Supported Operating Systems: The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.

Integrity Hashes
  • CrowdInspect.zip

  • MD5 4cf651675e3eafc0c50a5ac20ceab235

  • SHA1 2d6ff0a7842d204a0c8d0d35bf52ce8cf25f362d

  • SHA256 fb61ca68a921a8101ad07ac5264aacdda17301002c006162f862b716acb5736a

  • CrowdInspect.exe

  • MD5 2c2ee14c77cda049fe9fc16a49711a14

  • SHA1 a7d9217b70cfd40e0aed74e21f1de0fa94569685

  • SHA256 08a5fe8c057c047708784fe6b820a8ebce086ecce9ef696d6690014b20a9ae5e

Crowd RE

Crowdsourced Reverse Engineering

Join the crowd! Quickly reversing complex software is extremely challenging due to the lack of professional tools that support collaborative analysis. CrowdRE fills this gap by leveraging the architecture used to organize source code repositories: a system that manages a history of change sets as commit messages. The central component is a cloud-based server that keeps track of commits in a database. Each commit covers one or more functions of an analyzed binary and contains information such as annotations, comments, prototype, struct and enum definitions. Users can search the database for commits of functions by constructing a query from the analyzed binary's hash and the function offset.

CrowdRE is available free as an IDA Pro plugin.

Supported Operating Systems: Windows, Linux, and OS X
