A given IOC comes to your hands, for instance a hash, URL, IP or suspicious domain. You need to find out some basic information: Is it malware? Is it in any repository? Since when? Whois? Country of origin? Is it in pastebin?
You start to open tabs, enter passwords in the different services and launch queries. Hopefully, you have an API shared with a co-worker and, after checking several systems, you open a TXT file to recopy the data to the intelligence platform. Your co-worker, who you share those APIs and passwords with but who is on your computer elsewhere in the world, does the same because the same IOC has also reached their hands. This is over with TheTHE.
The higher number of plugins, the better. It doesn’t matter if an APIKey or a password is required, anything is possible. So we encourage you to participate in this contest.
How Do I Participate?
The challenge is to develop a plugin for TheTHE that is not already done. You can see the whole list through the following link https://thethe.e-paths.com, along with the link to the tool, how to install it, etc.
Some ready-made plugins are: abuseipdb, DIARIO, emailrep, geoip, haveibeenpwned, hunterio, maltiverse, metagoofil, pastebin, phishtank, robtex, sherlock, shodan, tacyt, urlscan, verifymail, virustotal, whois, etc.
How Should I Do It?
If you wish to take part, you must be familiar with Python and Vue. The detailed instructions to develop a plugin can be found here: https://github.com/ElevenPaths/thethe/wiki/How-to-create-a-Plugin-(backend)
What Is Evaluated?
The features of the plugin that will be evaluated are its originality, how well it is programmed, its usefulness, etc. Everything related to IoCs and Threat Intelligence is valid, whether accessible by API or command line tools. Some ideas: AlienVault, CrowdStrike, Team-Cymru, MalwareCheck, blockchain.info, ThreatGrid, etc.
Please note that if a paid APIKey is required, we may not be able to evaluate the plugin.
Where Do I Send It? What Is the Deadline?
You can send your solutions to labs@11paths.com until May 15, 2020 at 12am (Spanish time). You will receive a confirmation of receipt of the plugin. We will announce the winner by the end of May.
What Is the Prize?
The prize is an Amazon Gift Card worth 111 euros. Even if you don’t win, we will publish your plugin explicitly mentioning you on our TheTHE Github.
