Strelka
0
Free
Strelka is a real-time, container-based file scanning system used for threat hunting, threat detection, and incident response. Originally based on the design established by Lockheed Martin's Laika BOSS and similar projects (see: related projects), Strelka's purpose is to perform file extraction and metadata collection at enterprise scale. Strelka differs from its sibling projects in a few significant ways: Core codebase is Go and Python3.10+ Server components run in containers for ease and flexibility of deployment OS-native client applications for Windows, Mac, and Linux Built using libraries and formats that allow cross-platform, cross-language support Features Strelka is a modular data scanning platform, allowing users or systems to submit files for the purpose of analyzing, extracting, and reporting file content and metadata. Coupled with a SIEM, Strelka is able to aggregate, alert, and provide analysts with the capability to better understand their environment without having to perform direct data gathering or time-consuming file analysis. Quickstart Running a file through Strelka is simple. In this section, Strelka capabilities are showcased.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Provides advanced external threat intelligence to help organizations proactively identify and mitigate potential security threats.
Commercial
A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
A project focusing on understanding and combating threats to the Internet economy and net citizens.
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security