Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don't have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that your other tools can talk nicely to it.
Yeti was born out of frustration of having to answer the question "where have I seen this artifact before?" or Googling shady domains to tie them to a malware family.
In a nutshell, Yeti allows you to:
- Submit observables and get a pretty good guess on the nature of the threat.
- Inversely, focus on a threat and quickly list all TTPs, Observables, and associated malware.
- Let responders skip the "Google the artifact" stage of incident response.
- Let analysts focus on adding intelligence rather than worrying about machine-readable export formats.
- Visualize relationship graphs between different threats.
- Collecting and processing observables from a wide array of different sources (MISP instances, malware trackers, XML feeds, JSON feeds...)
- Providing a web API to automate queries (think incident management platform) and enrichment (think malware sandbox).
- Export the data in user-defined formats so that they can be ingested by third-party applications (think blocklists, SIEM).
Installation
There's are a few handy bootstrap scripts in /extras that you can use to install a production instance of Yeti.
If you're really in a hurry, you can
curl | bash them.$ curl https://raw.githubusercontent.com/yeti-platform/yeti/master/extras/ubuntu_bootstrap.sh | sudo /bin/bashDocker images
Yeti has a
docker-compose script to get up and running even faster; this is useful for testing or even running production instances of Yeti should your infrastructure support it. Full instructions here, but in a nutshell:$ git clone https://github.com/yeti-platform/yeti.git
$ cd yeti/extras/docker/dev
$ docker-compose upUseful links
via KitPloit
Related news
- Hack Tools
- Hacker Tools Software
- Hack Website Online Tool
- Pentest Tools Windows
- Wifi Hacker Tools For Windows
- Hacking Tools For Mac
- Pentest Tools For Android
- Pentest Tools List
- Hacker Tools Windows
- Hacker Tools 2020
- Hacker Tools For Ios
- Pentest Tools Open Source
- Hacker Tools For Mac
- Hacking Tools Windows 10
- Hack Website Online Tool
- Ethical Hacker Tools
- Install Pentest Tools Ubuntu
- Pentest Tools Online
- Pentest Tools Open Source
- Pentest Tools Linux
- Hacker Tools For Windows
- Game Hacking
- Hackrf Tools
- Termux Hacking Tools 2019
- Hacking Tools For Windows Free Download
- Pentest Reporting Tools
- Best Hacking Tools 2020
- Hacking Tools For Kali Linux
- Hacking Apps
- Hackers Toolbox
- Game Hacking
- What Are Hacking Tools
- Black Hat Hacker Tools
- Game Hacking
- Hacker Security Tools
- Pentest Tools Website Vulnerability
- Hacking Tools For Windows Free Download
- Termux Hacking Tools 2019
- Pentest Tools Free
- Pentest Tools Alternative
- Hack Tools
- Beginner Hacker Tools
- Hack App
- Hacker Tools Linux
- Pentest Tools Online
- Pentest Tools Linux
- New Hacker Tools
- What Are Hacking Tools
- Hacking Tools Github
- Blackhat Hacker Tools
- Pentest Tools
- Pentest Tools Url Fuzzer
- Hacking Tools For Beginners
- Hacker Tools Software
- What Are Hacking Tools
- Hackrf Tools
- Hacker Tool Kit
- Hacking Tools For Kali Linux
- Kik Hack Tools
- Hack Website Online Tool
- Github Hacking Tools
- Pentest Tools Bluekeep
- Hacking Tools Github
- Pentest Tools Port Scanner
- Hack Tools For Mac
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Android
- Pentest Tools Subdomain
- Pentest Tools Port Scanner
- Install Pentest Tools Ubuntu
- Hacking Tools Pc
No comments:
Post a Comment