Monte Copilot supported tools

Monte Copilot comes equipped with specific tools to help answer questions you are asking in real-time.

Monte Copilot comes equipped with specific tools to help answer questions you are asking in real-time. Tools are used to collect information across different security resources so that each answer is as accurate as possible.

Anvilogic will constantly add more tools and capabilities over time. Refer to the table below to see what's upcoming.

If you have tools in mind that we do not cover, add your feedback in Anvilogic Ideas.

Ask Monte Copilot questions about IP addresses, URLs, domains, processes and commands with and without arguments, encoded and plain text processes and commands, and file hashes.

For example, you can ask whether or not a specific IP address is suspicious, ask for an explanation of a particular PowerShell command, or ask Monte Copilot to write a specific command for you.

Current tools

Current tools used by Monte Copilot, in alphabetical order:

Tool

Description

AnvilogicAllowlistProcessRegexGenerator

Generates regex patterns for allowlisting benign processes to reduce alert volume.

Base64Decoder

Used to decode Base64-encoded strings.

CommandAnalyzer

Explains the details of full operating system command calls and analyzes malicious activity.

Deobfuscator

A custom powerful open-ended Deobfuscator with the ability to decode arbitrary inputs, from Base64, to hex, to binary and more. This tool can even unravel nested combinations of obfuscation used by bad actors.

DomainReputation

Checks the reputation and popularity of a domain based on the Cisco Umbrella Popularity List

Entity Analyzer

IoC

Checks if a URL or IP address is listed as an Indicator of Compromise (IoC) against multiple sources including

PhishTank
Feodo Tracker
VirusTotal
Phishstats
TOR Exit Nodes
FireHOL
URLHaus

IPInfo

Provides information about IP addresses, including geolocation, autonomous system information, and more.

LOLBAS

Provides insights regarding binaries, scripts, and libraries that are part of the Windows OS.

QnA

Offers details on a specific question, topic, or keyword. Utilizes:

Google search APIs (SerpAPI)
Anvilogic Forge Threat Reports
Anvilogic Armory Content
- Threat Identifiers
- Threat Scenarios

You can ask questions about Threat Actors, Vulnerabilities, Exploits, TTPs and more.

Shodan

Offers insights into listening services and ports associated with a given IP address.

Threat Identifier Alert Analyzer

Virustotal

Analyzes URLs, domains, IP addresses, and files for threats like viruses, worms, trojans.

Whois

Retrieves and parses WHOIS data about a URL.

WindowsCommands

Provides information regarding Windows OS commands.

Last updated 26 days ago

Was this helpful?

Monte Copilot supported tools

Monte Copilot comes equipped with specific tools to help answer questions you are asking in real-time.

Anvilogic will constantly add more tools and capabilities over time. Refer to the table below to see what's upcoming.

If you have tools in mind that we do not cover, add your feedback in Anvilogic Ideas.

Ask Monte Copilot questions about IP addresses, URLs, domains, processes and commands with and without arguments, encoded and plain text processes and commands, and file hashes.

For example, you can ask whether or not a specific IP address is suspicious, ask for an explanation of a particular PowerShell command, or ask Monte Copilot to write a specific command for you.

Current tools

Current tools used by Monte Copilot, in alphabetical order:

Tool

Description

AnvilogicAllowlistProcessRegexGenerator

Generates regex patterns for allowlisting benign processes to reduce alert volume.

Base64Decoder

Used to decode Base64-encoded strings.

CommandAnalyzer

Explains the details of full operating system command calls and analyzes malicious activity.

Deobfuscator

DomainReputation

Checks the reputation and popularity of a domain based on the Cisco Umbrella Popularity List

Entity Analyzer

Analyze a string, such as a process or IP address, and determine a verdict (benign, suspicious, malicious) with documentation.

IoC

Checks if a URL or IP address is listed as an Indicator of Compromise (IoC) against multiple sources including

PhishTank
Feodo Tracker
VirusTotal
Phishstats
TOR Exit Nodes
FireHOL
URLHaus

IPInfo

Provides information about IP addresses, including geolocation, autonomous system information, and more.

LOLBAS

Provides insights regarding binaries, scripts, and libraries that are part of the Windows OS.

QnA

Offers details on a specific question, topic, or keyword. Utilizes:

Google search APIs (SerpAPI)
Anvilogic Forge Threat Reports
Anvilogic Armory Content
- Threat Identifiers
- Threat Scenarios

You can ask questions about Threat Actors, Vulnerabilities, Exploits, TTPs and more.

Shodan

Offers insights into listening services and ports associated with a given IP address.

Threat Identifier Alert Analyzer

Analyze the outputs from a threat identifier (ex. an EOI) and determine a verdict (benign, suspicious, malicious) with documentation.

Virustotal

Analyzes URLs, domains, IP addresses, and files for threats like viruses, worms, trojans.

Whois

Retrieves and parses WHOIS data about a URL.

WindowsCommands

Provides information regarding Windows OS commands.

Last updated 26 days ago

Was this helpful?