hm-seclab / YAFRA

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Home Page: https://seclab.cs.hm.edu/oss-projects/yafra/

YAFRA

YAFRA stands for [y]et [a]nother [f]ramework for [r]eport [a]nalysis

Description

YAFRA is a semi-automated framework for analysing and representing reports about IT security incidents. Users provide reports as PDF files, and YAFRA extracts IOCs (indicators of compromise) from them. After extraction, these IOCs are enriched with data from external sources such as VirusTotal or MITRE in order to provide more context.

Installation and Configuration

For information about installation and configuration, have a look in the docs folder.

Examples

Example reports can be found on the website of the US-CERT (CISA): https://us-cert.cisa.gov/ncas/analysis-reports

Extensions

YAFRA provides a simple-to-use extension system called YAFRA-Extensions. For more information, have a look at the extensions folder.

About

License: Apache License 2.0


Languages

Python 98.3%, Dockerfile 0.7%, HTML 0.5%, Shell 0.3%, Makefile 0.2%