kraken - Cross-platform Yara scanner written in Go


Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections (not for endpoint protection).

The following are the core features:

- Scan running executables and memory of running processes with provided Yara rules (leveraging go-yara).
- Scan executables installed for autorun (leveraging go-autoruns).
- Scan the filesystem with the provided Yara rules.
- Report any detection to a remote server provided with a Django-based web interface.
- Run continuously and periodically check for new autoruns and scan any newly-executed processes. Kraken will store events in a local SQLite3 database and will keep copies of autorun and detected executables.

Some features are still in progress or almost completed:

- Installer and launcher to automatically start Kraken at startup.
- Download updated Yara rules from the server.

https://github.com/botherder/kraken

How to use

Once the binaries are compiled you will have a kraken-launcher and....

November 6, 2020
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023