The Seeker of IOC
Python HTML JavaScript CSS C++ Batchfile Shell
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.

README.md

CERTitude - The seeker of IOC

CERTitude logo

Description

CERTitude is a Python-based tool which aims at assessing the compromised perimeter during incident response assignments. It allows analysts to perform large scale scans of Windows-based information systems by searching for behavioural patterns described in IOC (Indicator Of Compromise) files.

Notable features:

  • Ability to scan hosts in a way that prevents the target workstation from knowing what the investigator is searching for
  • Ability to retrieve some pieces of data from the hosts
  • Multiple scanner instances (for IOCs and/or hash scans) can be run at the same time for parallel scanning
  • Built with security considerations in mind (protected database, secure communications with hosts using IPSec)

Documentation: https://github.com/CERT-W/certitude/wiki

Contributors

Developers

  • Aurélien BAUD
  • Adrien DEGRANGE
  • Thomas LABADIE
  • Jean MARSAULT
  • Vincent NGUYEN
  • Fabien SCHWEBEL
  • Antoine VALLEE

External dependencies

Copyright © Wavestone 2017