Tools
KoreLogic has published a number of open-source projects.
Project | Synopsis |
---|---|
FTimes | A forensic system baselining, searching, and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. |
Giles | A compiler that creates event correlation engines (production systems) represented as a SQL-based Relational Database Management System (RDBMS). |
KLEL | A simple expression language implemented as a library that can be embedded in other programs (e.g., FTimes). |
PathWell | A library for measuring and dynamically enforcing password complexity, focusing on the uniqueness of each user password's topology. |
MASTIFF | A static analysis framework that automates the process of extracting key characteristics from a number of different file formats and supports malware, intrusion, and forensic analysis. |
WebJob | A secure automation framework that can be used support arbitrary tasks on both UNIX and Windows clients, supporting encrypted and signed jobs and responses, large scale multi-tier deployments, etc. |