This website uses cookies to enhance your browsing experience. Please note that by continuing to use this site you consent to the terms of our Privacy Notice.

ACCEPT
Experienced a Breach?

NEED IMMEDIATE ASSISTANCE?
Contact Us for Pre and Post Incident Response Services

855.276.9347

Learn More

Community Tools

F_OR

CROWDSTRIKE FALCON™ ORCHESTRATOR

Extendable Workflow Automation & Real-Time Security Forensics and Remediation

Falcon Orchestrator is an open source tool built on CrowdStrike’s Falcon Connect APIs. Customers can take advantage of powerful workflow automation and case management capabilities, as well as extendable wide range of security forensics and remediation actions which work in conjunction with and complement the capabilities of CrowdStrike Falcon Host.

Download Learn More Watch Video

tool-scanner

CROWDSTRIKE SHELLSHOCK SCANNER

Network Scan for Bash Vulnerability

CrowdStrike ShellShock Scanner is a free tool aimed to help alert you to the presence of systems on your network that are vulnerable to the Bash ShellShock vulnerability.

Supported Operating Systems: The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.

Download Integrity Hashes

CSShellShockScanner.zip

  • MD5 4C5082101C87BB38BE9A659CCB1844D6
  • SHA1 730A27FEDBC0884D020F5FE075A751BF7EFBA85D
  • SHA256 61744C1405F92A7BA551D0969B2C20A928DE87F54ED3C2AC5F0B7CFF09A55BBB

CSShellShockScanner.exe

  • MD5 290EE8C5EA6A055E6DE58FFE28C1F9FC
  • SHA1 B7A778FB7951BEE617755ECB7ED297DCC97157C3
  • SHA256 775EEDCC67A62632E9A585182B1854643F2B116C500760DB4F8EB86570F6FCB3
tool-heartbleed

CROWDSTRIKE HEARTBLEED SCANNER

Network Scan for OpenSSL Vulnerability

CrowdStrike Heartbleed Scanner is a free tool aimed to help alert you to the presence of systems (such as web servers, VPNs, secure FTP servers, databases, routers, etc.) on your network that are vulnerable to the OpenSSL Heartbleed vulnerability.

Supported Operating Systems: The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.

Download   Integrity Hashes

CSHeartbleedScanner.zip

  • MD5
    5AA490B7FABFD523411586459CB44571
  • SHA1 A9B47160745A4BC7D6A7E043B001F2F6A5C3FAE4
  • SHA256
    54B5DC89DB3221B20E6EB5AB1B68AB8EB9D95F2A9A7EDC9E9EB04A438B92B5CC

CSHeartbleedScanner.exe

  • MD5 DAAC0A10E341468A3A27788647066EF1
  • SHA1 DEA595C7A92D14A2B6328A87EFE954BAB1289AB0
  • SHA256 3CD34EB55C5570B38AE126C0D4E053586B55CF7B964A03BFDFB6935C24432E48
tool-response

CROWD RESPONSE

Static Host Data Collection Tool

Crowd Response is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. The application contains numerous modules, each of them invoked by providing specific command line parameters to the main application. Modules are all built into the main application in C++ language utilizing the Win32 API to achieve their functionality.

Crowd Response results may be viewed in a variety of ways, particularly when leveraging CrowdStrike’s CRconvert. By default, output from Crowd Response is provided in an XML file. CRconvert will flatten this XML to CSV, TSV or HTML, if desired. The various format options were created to support the different needs and analysis preferences of the end user.

Supported Operating Systems: The tool runs on 32 bit and 64 bit versions of Windows from XP and above.

Download    INTEGRITY HASHES

CrowdResponse.zip

  • MD5 65bfdf1f52ee05f6c717b246bf862794
  • SHA1 d6addb1ac73343ec55b3de497957447419ff41c9
  • SHA256 6aa2aa39efee84851f261b90cfad482d0dd06e297c918eb7f77f1ae1c00aa813
tool-tortilla

TORTILLA

Anonymous Security Research through Tor

Tortilla is an open source tool that allows users to securely, anonymously, and transparently route all TCP/IP and DNS traffic through Tor, regardless of the client software, and without relying on VPNs or additional hardware or virtual machines.

Supported Operating Systems: The tool runs on 32 bit and 64 bit versions of Windows from XP and above.

Download    Source Code    Integrity Hashes

Tortilla_v1.1.0_Beta.zip

  • SHA256 5c6e8caa200850d44e6dbaf187f238e24ada2de7e394b5d4d5f5d04f524bd899
tool-detox

CROWD DETOX

Decompilation Deobfuscator

The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations. This allows security researchers to analyze malware more easily, efficiently, and effectively.

Supported Operating Systems: This distribution comes with pre-built versions of the plugin for Windows, Mac OS, and Linux.

Download    Source Code    Integrity Hashes

CrowdDetox_v1.0.2_Beta.zip

  • SHA256 f04c6253f737a3bf3d7096840be082097523e521ca57c79533b8ceb979c8a6eb
tool-inspect

CROWD INSPECT

Host-Based Process Inspection

CrowdInspect is a free community tool for Microsoft Windows systems that is aimed to help alert you to the presence of potential malware are on your computer that may be communicating over the network. It is a host-based process inspection tool utilizing multiple sources of information to detect untrusted or malicious network-active process. The tool is leveraging intelligence from VirusTotal, Web of Trust (WOT), and Team Cymru’s Malware Hash Registry.

Supported Operating Systems: The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.

CrowdInspect. Version 1.0.0.3:

  • CrowdInspect now analyzes all processes, not just those communicating over the network. Uncheck the TCP and UDP buttons to see only those processes not communicating on the network.
  • Bug fixes, including better parsing of VirtusTotal results.

Download    Integrity Hashes

CrowdInspect.zip

  • MD5 334B9BF33CE1B1E9899B179397094627
  • SHA1 0C1D6EF4354A5B9E0B4D9E3DFFB3C108FDDFE418
  • SHA256 0FAA2360D6D14BB83EF45545825F52F382D6D47BF1D168495ED207A359DCD4B8

CrowdInspect.exe

  • MD5 38AC17757EB710350FF389FAB43D6900
  • SHA1 77B7D727691AB2EBE70A6ABE4534840C54D19B69
  • SHA256 ADCAF4BFD954F46D05C3F9DBF9A1A057B28D8870B7C54C30455D2742C0AF0F71