Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections (not for endpoint protection). Following are the core features:
Some features are still under work or almost completed:
Screenshots
How to use?
Launch Kraken with any of the available options:
sage of kraken:
–backend string Specify a particular hostname to the backend to connect to (overrides the default)
–daemon Enable daemon mode (this will also enable the report flag)
–debug Enable debug logs
–folder string Specify a particular folder to be scanned (overrides the default full filesystem)
–no-autoruns Disable scanning of autoruns
–no-filesystem Disable scanning of filesystem
–no-process Disable scanning of running processes
–report Enable reporting of events to the backend
–rules Specify a particular path to a file or folder containing the Yara rules to use
User Guide
For details on how to install, use and build Kraken you should refer to the User Guide. The original source files for the documentation are available here, please open any issue or pull request pertinent to documentation there.
License
Kraken is released under the GNU General Public License v3.0 and is copyrighted to Claudio Guarnieri.
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…