Blue Team Auxiliary Script
BTAS is a browser auxiliary script for Security Operations Center (SOC) analysts, built to simplify ticket-handling workflows and save analyst time. It runs as a Tampermonkey userscript and combines several practical functions: quick replies, threat intelligence lookups, log parsing, ticket monitoring, and related automation.
- Quick Reply: Includes reply templates for common scenarios, supports one-click replies, and allows custom reply content.
- Convenience Menu: Integrates shortcuts for commonly used tools such as JIRA search, VirusTotal, AbuseIPDB, and Base64 decoding.
- Anomaly Detection: Flags tickets that match keyword rules or a set of abnormal-behaviour patterns, improving analysis accuracy and helping ensure no major security alert is missed. Matches are a triage aid and still need analyst review.
- Log Parsing: Parses log formats from mainstream security and cloud products (e.g., Cortex XDR, Microsoft Defender for Endpoint, and Azure). It turns raw logs into alert descriptions and provides a one-click jump to the corresponding security platform.
- Prompt Sound Notification: Monitors the ticket list in real time and plays a notification sound when a ticket is created or updated.
- Ticket Tracking: Visually highlights tickets that have gone unprocessed or unanswered for too long.
- Reminders: When a specific ticket page is opened, the analyst is shown the relevant information for that customer, including customer requirements and SOPs, to guide standardized handling.
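As an added example (not BTAS code), the following shows what the Log Parsing and Anomaly Detection items look like as plain JavaScript, the language a Tampermonkey userscript is written in: raw lines are parsed, turned into an alert description, and run through keyword and behaviour rules. The sample log lines, field names, rule names and severities are constructed for this example and do not reflect any real Cortex XDR or Defender schema, nor the script's own rule set.

```javascript
// Added example, not code from BTAS. Parses raw log lines, builds an alert
// description and runs keyword and behaviour rules over the result.
// The sample lines, field names and rules below are constructed for this
// example; they are not a real Cortex XDR or Defender schema.

const SAMPLE_LOGS = [
  '{"host":"WS-0042","user":"jdoe","action":"process_start","process":"powershell.exe","cmdline":"powershell.exe -nop -w hidden -enc SQBFAFgA","severity":"medium"}',
  '{"host":"WS-0042","user":"jdoe","action":"process_start","process":"notepad.exe","cmdline":"notepad.exe notes.txt","severity":"low"}',
  'host=SRV-01 user=svc_backup action=login src_ip=203.0.113.9 result=failure count=57',
  'this line is not in any supported format',
];

// Parse one raw line into a flat object. JSON objects and key=value pairs are
// supported; anything else yields null so the caller can show the line unparsed.
function parseLog(raw) {
  const line = raw.trim();
  if (line.startsWith('{')) {
    try {
      const obj = JSON.parse(line);
      return obj && typeof obj === 'object' ? obj : null;
    } catch (err) {
      return null;
    }
  }
  const fields = {};
  const kv = /(\w+)=("[^"]*"|\S+)/g;
  let m;
  while ((m = kv.exec(line)) !== null) fields[m[1]] = m[2].replace(/^"|"$/g, '');
  return Object.keys(fields).length ? fields : null;
}

// Turn parsed fields into the one-line description an analyst would put in a ticket.
function describe(ev) {
  let what = ev.action || 'event';
  if (ev.process) what += ` of ${ev.process}`;
  if (ev.cmdline) what += ` (${ev.cmdline})`;
  if (ev.result) what += ` result=${ev.result}`;
  if (ev.count) what += ` x${ev.count}`;
  if (ev.src_ip) what += ` from ${ev.src_ip}`;
  const who = ev.user ? `user ${ev.user}` : 'unknown user';
  const where = ev.host ? `on ${ev.host}` : '';
  return [what, 'by', who, where].filter(Boolean).join(' ');
}

// Keyword rules match case-insensitively against the description; behaviour
// rules look at the parsed fields. Severities are ranked so the worst hit wins.
const SEVERITY = { low: 1, medium: 2, high: 3, critical: 4 };
const KEYWORD_RULES = [
  { name: 'credential-dumping-tool', severity: 'critical', keywords: ['mimikatz', 'procdump', 'lsass'] },
  { name: 'encoded-powershell', severity: 'high', keywords: ['-enc ', '-encodedcommand'] },
  { name: 'hidden-window', severity: 'medium', keywords: ['-w hidden', '-windowstyle hidden'] },
];
const BEHAVIOUR_RULES = [
  { name: 'auth-failure-burst', severity: 'high',
    test: ev => ev.action === 'login' && ev.result === 'failure' && Number(ev.count) >= 20 },
];

// Returns { description, hits, severity } for one raw line, or null if it cannot be parsed.
function analyze(raw) {
  const ev = parseLog(raw);
  if (!ev) return null;
  const description = describe(ev);
  const lower = description.toLowerCase();
  const hits = [];
  for (const r of KEYWORD_RULES) {
    if (r.keywords.some(k => lower.includes(k.toLowerCase()))) hits.push(r);
  }
  for (const r of BEHAVIOUR_RULES) {
    if (r.test(ev)) hits.push(r);
  }
  // Start from the product's own severity (if it is one we know) and raise it to the worst hit.
  let severity = SEVERITY[ev.severity] ? ev.severity : 'low';
  for (const h of hits) if (SEVERITY[h.severity] > SEVERITY[severity]) severity = h.severity;
  return { description, hits: hits.map(h => h.name), severity };
}

for (const raw of SAMPLE_LOGS) console.log(analyze(raw));
```

The unparseable fourth line comes back as null rather than as an empty description, so a caller can fall back to showing the raw text instead of silently producing a blank alert.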
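A second added example (also not BTAS code) covers the Prompt Sound Notification and Ticket Tracking items: a poll-based monitor that diffs successive snapshots of the ticket list to find new and updated tickets, and lists open tickets that have not been updated within a threshold. The ticket shape `{ id, updated, status }`, the 30-minute threshold and the two sample snapshots are assumptions made for this example; in a real userscript `readTickets` would scrape the page and `onChange` would play the sound.

```javascript
// Added example, not code from BTAS. A poll-based ticket-list monitor: diffs
// successive snapshots to find new and updated tickets (what would trigger a
// sound) and lists open tickets idle beyond a threshold (what would get a
// visual reminder). Ticket shape, threshold and snapshots are assumptions.

const STALE_AFTER_MS = 30 * 60 * 1000; // assumed 30-minute response threshold
const MIN = 60 * 1000;

// Constructed snapshots of a ticket list taken on two successive polls.
const T0 = Date.parse('2024-05-01T09:00:00Z');
const SNAPSHOT_1 = [
  { id: 'SOC-101', updated: T0 - 5 * MIN, status: 'open' },
  { id: 'SOC-102', updated: T0 - 45 * MIN, status: 'open' },
  { id: 'SOC-103', updated: T0 - 120 * MIN, status: 'closed' },
];
const SNAPSHOT_2 = [
  { id: 'SOC-101', updated: T0 + 1 * MIN, status: 'open' },    // customer replied
  { id: 'SOC-102', updated: T0 - 45 * MIN, status: 'open' },   // still untouched
  { id: 'SOC-103', updated: T0 - 120 * MIN, status: 'closed' },
  { id: 'SOC-104', updated: T0 + 2 * MIN, status: 'open' },    // newly created
];

// Compare the previous poll with the current one. Returns { added, updated } ticket ids.
function diffTickets(prev, curr) {
  const prevById = new Map(prev.map(t => [t.id, t]));
  const added = [];
  const updated = [];
  for (const t of curr) {
    const old = prevById.get(t.id);
    if (!old) added.push(t.id);
    else if (t.updated > old.updated) updated.push(t.id);
  }
  return { added, updated };
}

// Open tickets whose last update is older than the threshold, oldest first.
function staleTickets(curr, now, thresholdMs = STALE_AFTER_MS) {
  return curr
    .filter(t => t.status !== 'closed' && now - t.updated > thresholdMs)
    .sort((a, b) => a.updated - b.updated)
    .map(t => t.id);
}

// Build a poll function. readTickets stands in for scraping the ticket list
// from the page; onChange would play the notification sound (for example
// `new Audio(url).play()`) and onStale would add the visual reminder.
// The first poll only seeds the baseline, so loading the page does not
// announce every existing ticket as new.
function makeMonitor(readTickets, onChange, onStale) {
  let prev = null;
  return function poll(now = Date.now()) {
    const curr = readTickets();
    const change = prev === null ? { added: [], updated: [] } : diffTickets(prev, curr);
    if (change.added.length || change.updated.length) onChange(change);
    const stale = staleTickets(curr, now);
    if (stale.length) onStale(stale);
    prev = curr;
    return { change, stale };
  };
}

// Demo run over the two constructed snapshots, three minutes apart.
const demoSnapshots = [SNAPSHOT_1, SNAPSHOT_2];
let demoIndex = 0;
const demoPoll = makeMonitor(
  () => demoSnapshots[demoIndex++],
  change => console.log('new/updated tickets:', change),
  stale => console.log('stale tickets:', stale),
);
demoPoll(T0);
demoPoll(T0 + 3 * MIN);
```

Seeding on the first poll is the detail that matters in practice: without it, every page load would fire a sound for each ticket already in the queue. Closed tickets are excluded from the stale list so reminders only cover work that is still open.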
Authors: Barry, Jack, Xingyu, Mike
License: MIT