CIRTKit is a tools for the computer incident response team. One DFIR console to rule them all. Built on top of the Viper Framework.
Installation
Database Setup
lib/core/database.py
It requires a database to store malware artifacts and investigation data. Currently, it is equipped to use SQLite and Postgres SQL databases.
If you need to have multiple analysts collaborate on investigations, then you need to setup it to use Postgres, otherwise if you want to store information locally, you can use SQLite.
For SQLite, you can simply run CIRTKit, and it will create and connect to a local SQLite file. Or you can specify the connection string to use a different file.
Setup your Postgres database and edit the lines at the top of the database.py with the credentials for the database you just configured.
Also Read : Fwknop : Single Packet Authorization Port Knocking
DB_USER = ”
DB_PASSWD = ”
Install Dependencies
You can install decencies with pip (Python packaging system) using the provided requirements.txt file “pip install -r requirements.txt”
Execute
python cirtkity.py
You can also specify the ‘-i’ flag and specify a specific investigation. If it does not exist, CIRTKit will create a new investigation
Credit : Bob
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Linux is renowned for its versatility, open-source nature, and security. Whether you're a beginner, developer,…
Cyber insurance helps businesses and individuals mitigate financial losses from data breaches, ransomware, extortion, legal…
Ransomware is one of the most dangerous and destructive forms of cybercrime today. With cybercriminals…
Social media is a key part of our daily lives, with millions of users sharing…
What Are Data Brokers? Data brokers are companies that collect, aggregate, and sell personal information,…