Jager

Free
Jager is a tool for pulling useful IOCs (indicators of compromise) out of various input sources (PDFs for now, plain text really soon, webpages eventually) and putting them into an easy-to-manipulate JSON format.

Shortcomings:
- Doesn't do OCR, so CrowdStrike's 'Images only' PDFs don't work well.
- Text analysis feature is planned for OCR by hand.
- Regexes need improvement for better performance.
- Some manual work needed for group names or attribution.

Use:

To analyze a PDF:
    python jager.py -i foo.pdf -o bar.json

To analyze a directory of PDFs:
    python jager.py -d ~/foo -o ~/bar

Features for the Future:
- New Analysis Modes
  - Webpages
  - Plain Text
- New Indicator Types: URLs, File Paths, Registry Keys
- More Useful Output

ALTERNATIVES

Amazon GuardDuty is a threat detection service for AWS accounts.

Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.

A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.

AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.

Threat intelligence platform providing real-time threat data and insights.

TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

Repository of YARA rules for identifying and classifying malware.