KoreLogic has published a number of open-source projects. Most are hosted on GitHub and have a project-specific PGP key for release signing. Some are no longer being actively developed.
|FTimes||A forensic system baselining, searching, and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to integrity monitoring, intrusion detection, and forensic analysis.||ftimes-code|
|Giles||A compiler that creates event correlation engines (production systems) represented as a SQL-based Relational Database Management System (RDBMS).||giles-project|
|KLEL||A simple expression language implemented as a library that can be embedded in other programs (e.g., FTimes).||libklel-code|
|MASTIFF||A static analysis framework that automates the process of extracting key characteristics from a number of different file formats and supports malware, intrusion, and forensic analysis.||mastiff-project|
|PathWell||A library and PAM module for measuring and dynamically enforcing password complexity across enterprise users, focusing on the uniqueness of each user password's topology.||pathwell-project|
|WebJob||A secure automation framework that can be used to support arbitrary tasks on both UNIX and Windows clients, supporting encrypted and signed jobs and responses, large-scale multi-tier deployments, etc.|
|WMkick||A MITM tool for WMI (135/tcp) and WSMan/WinRM (5985/tcp), used to capture NetNTLMv2 hashes in a Windows network.|