Version 1 Alpha 2 Release
activecm released this 19 Jun 20:43 · 451 commits to master since this release
Why Alpha-2?
We are consistently rolling out new features, squashing bugs, and planning the future of RITA. Currently, we are rapidly iterating on the framework. Due to this rapid development, breaking changes are constantly rolling out. Once the framework settles, version 1.0.0 will be released and RITA will follow semantic versioning.
Installation
From Source
- Follow these instructions
- Before running `make install`, run `git checkout tags/v1.0.0-alpha2`
Binary
The attached binary is built for AMD64 Linux.
How to install RITA using the binary.
- Download the binary
- `chmod +x rita`
- `mkdir ~/.rita`
- Download the config.yaml file
- `mv config.yaml ~/.rita`
- Edit the config file according to the README
- Ensure MongoDB is running
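A preflight check for the binary install steps above, as an added example that is not part of the RITA project. It assumes MongoDB listens on 127.0.0.1:27017 and that `rita test-config` exits non-zero on an invalid config; neither is stated in these notes, and all function names are hypothetical.

```sh
#!/bin/sh
# Added example, not RITA project code: preflight for the binary install.
# Assumed, not stated in the release notes: MongoDB on 127.0.0.1:27017, and
# that `rita test-config` exits non-zero on an invalid config.
# All function names are hypothetical.

# The downloaded binary exists and has the execute bit (chmod +x rita).
check_binary() { [ -f "$1" ] && [ -x "$1" ]; }

# config.yaml was moved into the config directory and is not empty.
check_config() { [ -d "$1" ] && [ -s "$1/config.yaml" ]; }

# Something accepts TCP connections on HOST PORT. Returns 2 when nc is missing.
check_mongo() {
    command -v nc >/dev/null 2>&1 || return 2
    nc -z -w 2 "$1" "$2" >/dev/null 2>&1
}

# preflight BIN CONFIG_DIR HOST PORT
# Prints one line per check and returns the number of failed checks.
# `rita test-config` runs only when the three prerequisites pass.
preflight() {
    failures=0
    if check_binary "$1"; then echo "ok   binary $1 is executable"
    else echo "FAIL binary $1 missing or not executable"; failures=$((failures + 1)); fi
    if check_config "$2"; then echo "ok   $2/config.yaml present"
    else echo "FAIL $2/config.yaml missing or empty"; failures=$((failures + 1)); fi
    if check_mongo "$3" "$4"; then echo "ok   $3:$4 accepts connections"
    else echo "FAIL nothing reachable on $3:$4 (or nc not installed)"; failures=$((failures + 1)); fi
    if [ "$failures" -eq 0 ]; then
        if "$1" test-config; then echo "ok   rita test-config passed"
        else echo "FAIL rita test-config reported a problem"; failures=$((failures + 1)); fi
    fi
    return "$failures"
}

# Run the checks when the script is given the binary's path, e.g.
#   sh preflight.sh ./rita
if [ "$#" -ge 1 ]; then
    preflight "$1" "${2:-$HOME/.rita}" "${3:-127.0.0.1}" "${4:-27017}"
fi
```

An open port only shows that something is listening; the connection settings in config.yaml still have to match the MongoDB instance.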
Example Run
```
NAME:
   rita - Look for evil needles in big haystacks.

USAGE:
   rita [global options] command [command options] [arguments...]

VERSION:
   v1.0.0-alpha2-0-g5321fb6

COMMANDS:
     analyze                 Analyze imported databases, if no [database,d] flag is specified will attempt all
     delete-database         Delete an imported database
     import                  Import bro logs into the database
     html-report             Write analysis information to html output
     reset-analysis          Reset analysis of one or more databases
     show-beacons            Print beacon information to standard out
     show-blacklisted        Print blacklisted information to standard out
     show-databases          Print the databases currently stored
     show-exploded-dns       Print dns analysis. Exposes covert dns channels.
     show-long-connections   Print long connections and relevant information
     show-scans              Print scanning information
     show-long-urls          Print the longest urls
     show-most-visited-urls  Print the most visited urls
     show-user-agents        Print user agent information
     test-config             Check the configuration file for validity
     help, h                 Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --help, -h     show help
   --version, -v  print the version
```