Strelka

Strelka is a real-time, container-based file scanning system designed for threat hunting, threat detection, and incident response operations. The platform performs file extraction and metadata collection at enterprise scale, allowing users and systems to submit files for analysis and reporting purposes. Built with a core codebase using Go and Python 3.10+, Strelka operates through server components that run in containers to provide deployment flexibility. The system includes OS-native client applications supporting Windows, Mac, and Linux platforms, utilizing cross-platform and cross-language compatible libraries and formats. The platform functions as a modular data scanning system that analyzes, extracts, and reports file content and metadata. When integrated with SIEM systems, Strelka can aggregate data, generate alerts, and provide analysts with environmental insights without requiring direct data gathering or manual file analysis processes. Originally based on the design principles established by Lockheed Martin's Laika BOSS and similar projects, Strelka distinguishes itself through its containerized architecture, cross-platform client support, and modern programming language implementation.