LookingGlass Cyber

A Tool is an Intelligence Object sharing many Relationships with other objects.

According to STIX Version 2.1, tools are legitimate software used by Threat Actors to attack. It's important to know when Threat Actors use these tools because it can provide you with greater insight into how campaigns are executed.

Unlike malware, these tools or software packages are often found on a system and have legitimate purposes for power users, system administrators, network administrators, or even normal users.

Remote access tools (e.g., RDP) and network scanning tools (e.g., Nmap, RustScan, etc.) are examples of Tools that may be used by a Threat Actor during an attack.

___________________________________________________________

<a href="https://support.lookingglasscyber.com/en/articles/6185187-scoutthreat-creating-a-tool-object" target="_blank">Creating a Tool Object</a>

<a href="https://support.lookingglasscyber.com/en/articles/6185202-scoutthreat-deactivating-and-sharing-a-tool-object" target="_blank">Deactivating and Sharing a Tool Object</a>

- <a href="https://support.lookingglasscyber.com/en/articles/6185187-scoutthreat-creating-a-tool-object" target="_blank">Creating a Tool Object</a>
- <a href="https://support.lookingglasscyber.com/en/articles/6185202-scoutthreat-deactivating-and-sharing-a-tool-object" target="_blank">Deactivating and Sharing a Tool Object</a>

<a href="https://support.lookingglasscyber.com/en/articles/6177471-scoutthreat-user-documentation-table-of-contents" target="_blank">scoutTHREAT User Documentation Table of Contents</a>

scoutTHREAT - Tool Objects Overview

LookingGlassCyber.com

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you