The Seeker of IOC
Python HTML JavaScript CSS C++ Batchfile Shell
Files

Type Name Latest commit message Commit time
_log
components Removed old resources Dec 28, 2017
helpers Removed old resources Dec 28, 2017
ssl
utils Moved utils Nov 24, 2017
.gitignore Removed old resources Dec 28, 2017
.gitmodules Yara 1/3 - The Phantom Menace - Adding yara rules to the DB May 3, 2017
LICENSE
README.md
available_modules.py chmod +x Apr 13, 2017
config.py
crossbokeh.py Removed old resources Dec 28, 2017
main.py
requirements.txt Removed old resources Dec 28, 2017

README.md

CERTitude - The seeker of IOC


Description

CERTitude is a Python-based tool that aims to assess the compromised perimeter during incident response assignments. It allows analysts to perform large-scale scans of Windows-based information systems by searching for behavioural patterns described in IOC (Indicator Of Compromise) files.

Notable features:

  • Ability to scan hosts in a way that prevents the target workstation from knowing what the investigator is searching for
  • Ability to retrieve some pieces of data from the hosts
  • Multiple scanner instances (for IOCs and/or hash scans) can be run at the same time for parallel scanning
  • Built with security considerations in mind (protected database, secure communications with hosts using IPSec)

Documentation: https://github.com/CERT-W/certitude/wiki

Contributors

Developers

  • Aurélien BAUD
  • Adrien DEGRANGE
  • Thomas LABADIE
  • Jean MARSAULT
  • Vincent NGUYEN
  • Fabien SCHWEBEL
  • Antoine VALLEE

External dependencies

Copyright © Wavestone 2017
