Monte Copilot supported tools

Monte Copilot comes equipped with specific tools to help answer questions you are asking in real-time. Tools are used to collect information across different security resources so that each answer is as accurate as possible.

Anvilogic will constantly add more tools and capabilities over time. Refer to the table below to see what's upcoming.

If you have tools in mind that we do not cover, add your feedback in Anvilogic Ideas.

Ask Monte Copilot questions about IP addresses, URLs, domains, processes and commands with and without arguments, encoded and plain text processes and commands, and file hashes.

For example, you can ask whether or not a specific IP address is suspicious, ask for an explanation of a particular PowerShell command, or ask Monte Copilot to write a specific command for you.

Monte Copilot is fully integrated with the following tools to answer your questions:

Current tools

| Tool | Description |
| --- | --- |
| IPInfo | Provides information about IP addresses, including geolocation, autonomous system information, and more. |
| LOLBAS | Provides insights regarding binaries, scripts, and libraries that are part of the Windows OS. |
| Shodan | Offers insights into listening services and ports associated with a given IP address. |
| Whois | Retrieves and parses WHOIS data about a URL. |
| Virustotal | Analyzes URLs, domains, IP addresses, and files for threats like viruses, worms, and trojans. |
| WindowsCommands | Provides information regarding Windows OS commands. |
| QnA | Offers details on a specific question, topic, or keyword. Utilizes Google search APIs (SerpAPI) and Anvilogic Forge Threat Reports. You can ask questions about Threat Actors, Vulnerabilities, Exploits, TTPs and more. |
| CommandAnalyzer | Explains the details of full operating system command calls and analyzes malicious activity. |
| Base64Decoder | Used to decode Base64-encoded strings. |
| DomainReputation | Checks the reputation and popularity of a domain based on the Cisco Umbrella Popularity List. |
| IoC | Checks if a URL or IP address is listed as an Indicator of Compromise (IoC) against multiple sources, including PhishTank, Feodo Tracker, VirusTotal, Phishstats, TOR Exit Nodes, FireHOL, and URLHaus. |
| AnvilogicAllowlistProcessRegexGenerator | Generates regex patterns for allowlisting benign processes to reduce alert volume. |
