Skip to content
/ panrapidcheck Public

Extract useful information from PANOS support file for CVE-2024-3400

License

MIT license
2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

HackingLZ/panrapidcheck

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
iocs.txt
iocs.txt
 
 
panparse.py
panparse.py
 
 

Repository files navigation

PAN Rapid Check

Simple(you should probably just do this in bash with grep) PANOS support file checker that extracts some places to look for CVE-2024-3400 IoCs

Generate the support file from Device -> Support -> Generate Tech Support file

iocs.txt should include IPs/hosts from known bad for example https://github.com/volexity/threat-intel/blob/main/2024/2024-04-12%20Palo%20Alto%20Networks%20GlobalProtect/indicators/iocs.csv

Usage

Run the parser on a tech support file archive:

python panparse.py support.tgz

The script will extract the archive and search the logs based on the indicators from iocs.txt.

License

This project is licensed under the MIT License.

About

Extract useful information from PANOS support file for CVE-2024-3400

Topics

python incident-response threat-intelligence security-research palo-alto-networks globalprotect cve-2024-3400 ioc-detection

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages