⚠️ Group-IB

⚠️ Unpublished: This item is from a solution that is not yet published on Azure Marketplace or not installed in Content Hub.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Solutions Index

Attribute	Value
Publisher
Support Tier
Solution Folder	Group-IB

Data Connectors
Tables Used
Content Items

Data Connectors

This solution does not include data connectors.

This solution may contain other components such as analytics rules, workbooks, hunting queries, or playbooks.

Tables Used

This solution queries 21 table(s) from its content items:

Table	Used By Content
`GIBTIAAPTThreatActor_CL`	Playbooks (writes)
`GIBTIAAPTThreatReports_CL`	Playbooks (writes)
`GIBTIAAttacksDDoS_CL`	Playbooks (writes)
`GIBTIAAttacksDeface_CL`	Playbooks (writes)
`GIBTIAAttacksPhishingKit_CL`	Playbooks (writes)
`GIBTIABPPhishingKit_CL`	Playbooks (writes)
`GIBTIABPPhishing_CL`	Playbooks (writes)
`GIBTIACompromisedCard_CL`	Playbooks (writes)
`GIBTIACompromisedIMEI_CL`	Playbooks (writes)
`GIBTIACompromisedMule_CL`	Playbooks (writes)
`GIBTIAHIThreatActor_CL`	Playbooks (writes)
`GIBTIAHIThreatReports_CL`	Playbooks (writes)
`GIBTIAMalwareCNC_CL`	Playbooks (writes)
`GIBTIAOSIGitLeak_CL`	Playbooks (writes)
`GIBTIAOSIPublicLeak_CL`	Playbooks (writes)
`GIBTIAOSIVulnerability_CL`	Playbooks (writes)
`GIBTIASuspiciousIPOpenProxy_CL`	Playbooks (writes)
`GIBTIASuspiciousIPSocksProxy_CL`	Playbooks (writes)
`GIBTIASuspiciousIPTorNode_CL`	Playbooks (writes)
`GIBTIATargetedMalware_CL`	Playbooks (writes)
`GIBTechTable_CL`	Playbooks (writes)

Content Items

This solution includes 23 content item(s) (0 in solution, 23 discovered 🔍):

Content Type	Total	In Solution	Discovered
Playbooks	23	0	23

Playbooks

Name	Description	Tables Used
GIBIndicatorProcessor ⚠️	Author: Hesham Saad	-
GIBTIA_APT_ThreatActor ⚠️	Author: Hesham Saad	`GIBTIAAPTThreatActor_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_APT_Threats ⚠️	Author: Hesham Saad	`GIBTIAAPTThreatReports_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Attacks_ddos ⚠️	Author: Hesham Saad	`GIBTIAAttacksDDoS_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Attacks_deface ⚠️	Author: Hesham Saad	`GIBTIAAttacksDeface_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Attacks_phishing ⚠️	Author: Hesham Saad	`GIBTIAAttacksPhishingKit_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Attacks_phishing_kit ⚠️	Author: Hesham Saad	`GIBTIAAttacksPhishingKit_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_BP_phishing ⚠️	Author: Hesham Saad	`GIBTIABPPhishing_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_BP_phishing_kit ⚠️	Author: Hesham Saad	`GIBTIABPPhishingKit_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Compromised_account ⚠️	Author: Hesham Saad	`GIBTIABPPhishingKit_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Compromised_card ⚠️	Author: Hesham Saad	`GIBTIACompromisedCard_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Compromised_imei ⚠️	Author: Hesham Saad	`GIBTIACompromisedIMEI_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Compromised_mule ⚠️	Author: Hesham Saad	`GIBTIACompromisedMule_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_HI_Threat ⚠️	Author: Hesham Saad	`GIBTIAHIThreatReports_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_HI_Threat_Actor ⚠️	Author: Hesham Saad	`GIBTIAHIThreatActor_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Malware_Targeted_Malware ⚠️	Author: Hesham Saad	`GIBTIATargetedMalware_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Malware_cnc ⚠️	Author: Hesham Saad	`GIBTIAMalwareCNC_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_OSI_GitLeak ⚠️	Author: Hesham Saad	`GIBTIAOSIGitLeak_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_OSI_PublicLeak ⚠️	Author: Hesham Saad	`GIBTIAOSIPublicLeak_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_OSI_Vulnerability ⚠️	Author: Hesham Saad	`GIBTIAOSIVulnerability_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Suspicious_ip_open_proxy ⚠️	Author: Hesham Saad	`GIBTIASuspiciousIPOpenProxy_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Suspicious_ip_socks_proxy ⚠️	Author: Hesham Saad	`GIBTIASuspiciousIPSocksProxy_CL` (write) `GIBTechTable_CL` (read/write)
GIBTIA_Suspicious_ip_tor_node ⚠️	Author: Hesham Saad	`GIBTIASuspiciousIPTorNode_CL` (write) `GIBTechTable_CL` (read/write)

⚠️ Items marked with ⚠️ are not listed in the Solution JSON file. They were discovered by scanning the solution folder and may be legacy items, under development, or excluded from the official solution package.