CRITs is a web-based tool which combines an analytic engine with a cyber threat database that not only serves as a repository for attack data and malware, but also provides analysts with a powerful platform for conducting malware analyses, correlating malware, and for targeting data. These analyses and correlations can also be saved and exploited within CRITs. CRITs employs a simple but very useful hierarchy to structure cyber threat information. This structure gives analysts the power to 'pivot' on metadata to discover previously unknown related content.
Visit our website for more information, documentation, and links to community content such as our mailing lists and IRC channel.
CRITs is designed to work on a 64-bit architecture of Ubuntu or RHEL6 using Python 2.7. Installation has beta support for OSX using Homebrew. It is also possible to install CRITs on CentOS.
If you require the use of a 32-bit OS, you will need to download 32-bit versions of the pre-compiled dependencies.
The following instructions assume you are running Ubuntu or RHEL6 64-bit with Python 2.7. If you are on RHEL which does not come with Python 2.7, you will need to install it. If you do, ensure all python library dependencies are installed using Python 2.7. Also, make sure you install mod_wsgi against the Python 2.7 install if you are looking to use Apache. More information on this can be found in the Github wiki at https://github.com/crits/crits/wiki/Common-Questions.
CRITs comes with a bootstrap script which will help you:
- Install all of the dependencies.
- Configure CRITs for database connectivity and your first admin user.
- Get MongoDB running with default settings.
- Use Django's runserver to quickly get you up and running with the CRITs interface.
Just run the following:
sh script/bootstrap
Once you've run bootstrap once, do not use it again to get the runserver going, you'll be going through the install process again. Instead use the server script:
sh script/server
If you are looking for a more permanent and performant CRITs installation or just interested in tweaking things, read more about setting up CRITs for production.
We recommend adding services to your CRITs install. Services extend the features and functionality of the core project allowing you to enhance CRITs based on your needs. You can find more information about how to do this here.
Thanks for using CRITs!