
hackerking085/certitude

 
 


CERTitude - The seeker of IOC


Description

CERTitude is a Python-based tool that aims to assess the compromised perimeter during incident response assignments. It allows analysts to perform large-scale scans of Windows-based information systems by searching for behavioural patterns described in IOC (Indicator Of Compromise) files.

Notable features:

  • Ability to scan hosts in a way that prevents the target workstation from knowing what the investigator is searching for
  • Ability to retrieve some pieces of data from the hosts
  • Multiple scanner instances (for IOCs and/or hash scans) can be run at the same time for parallel scanning
  • Built with security considerations in mind (protected database, secure communications with hosts using IPSec)

Documentation: https://github.com/CERT-W/certitude/wiki

Contributors

Developers

  • Aurélien BAUD
  • Adrien DEGRANGE
  • Thomas LABADIE
  • Jean MARSAULT
  • Vincent NGUYEN
  • Fabien SCHWEBEL
  • Antoine VALLEE

External dependencies

Copyright © Wavestone 2017

Thank You

Languages

  • Python 64.4%
  • HTML 18.1%
  • JavaScript 12.4%
  • CSS 2.1%
  • C++ 1.4%
  • Batchfile 1.3%
  • Shell 0.3%