The Kraken is a host-based IOC collection framework, crucial in the identification phase of any incident response.
The Kraken is built around two main components:
- A lightweight agent that is installed on each individual system
- A central repository (or C2 server) where evidence is collected and individual commands can be issued to the agents
The Kraken is in a very early alpha state. Lots of features have been developed in a "quick and dirty" fashion, but are easy to implement in pure Python when time permits.
More here: https://github.com/certsocietegenerale/kraken