src/data/tools.yaml aktualisiert
		
							parent
							
								
									dc9f52fb7c
								
							
						
					
					
						commit
						8a6d9d3324
					
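--- a/src/data/tools.yaml
+++ b/src/data/tools.yaml
@@ -57,6 +57,44 @@ tools:
     accessType: download
     license: Apache-2.0
     knowledgebase: false
+  - name: Thorium
+     icon: ⚛️
+     type: software
+     description: >-
+       CISAs portable Hybrid-Analyse-Tool für die schnelle Untersuchung von Windows-
+       Systemen auf bösartige Aktivitäten. Scannt mit kuratierten YARA- und
+       Sigma-Regeln Arbeitsspeicher, Prozesse, Dateisystem, Netzwerkverbindungen und
+       Systemprotokolle. Ideal für schnelle Triage im Incident Response, sowohl live als auch
+       auf gemounteten Images. Die Ausgabe erfolgt in strukturierten JSON-Reports.
+     domains:
+       - incident-response
+       - malware-analysis
+     phases:
+       - examination
+       - analysis
+     platforms:
+       - Linux
+     related_software:
+       - Loki
+       - YARA
+       - Velociraptor
+     skillLevel: intermediate
+     accessType: download
+     url: https://github.com/cisagov/thorium
+     license: MIT
+     knowledgebase: false
+     tags:
+      - cli
+       - triage
+       - fast-scan
+       - ioc-matching
+       - yara-scan
+       - sigma-rules
+       - memory-analysis
+       - process-analysis
+       - filesystem-scanning
+       - log-analysis
+       - portable
   - name: Volatility 3
     type: software
     description: >-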
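Review bot: The new Thorium entry is indented inconsistently: `- name: Thorium` puts `name` at column 4 like the neighbouring entries, but `icon:` through `tags:` sit at five spaces, and `- cli` sits at six while the other tag items sit at seven. If the rendered whitespace is faithful, a YAML loader will either reject the file or fold the tag list into a single scalar, so re-indent to match the surrounding entries, e.g. `    icon: ⚛️`, `    tags:` and `      - cli`. The description also speaks of scanning Windows systems while `platforms` lists only `- Linux`, and it reads more like a YARA/Sigma endpoint scanner than the file-analysis platform the linked cisagov/thorium repository appears to be; check the text and `platforms` against the upstream README before analysts rely on this catalogue entry for triage. The `tools:` list starts above the hunk and the Volatility 3 entry continues below it.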