Giter Club home page Giter Club logo

yeti's Introduction

Yeti Platform

Yeti aims to bridge the gap between CTI and DFIR practitioners by providing a Forensics Intelligence platform and pipeline for DFIR teams. It was born out of frustration of having to answer the question "where have I seen this artifact before?" or "how do I search for IOCs related to this threat (or all threats?) in my timeline?"

Documentation links:

What is Yeti?

In a nutshell, Yeti allows you to:

  • Bulk search observables and get a pretty good guess on the nature of the threat, and how to find it on a system.
  • Inversely, focus on a threat and quickly list all TTPs, malware, and related DFIR artifacts.
  • Let CTI analysts focus on adding intelligence rather than worrying about machine-readable export formats.
  • Incorporate your own data sources, analytics, and logic very easily.

This is done by:

  • Storing technical and tactical CTI (observables, TTPs, campagins, etc.) from internal or external systems.
  • Being a backend for DFIR-related queries: Yara signatures, Sigma rules, DFIQ.
  • Providing a web API to automate queries (think incident management platform) and enrichment (think malware sandbox).
  • Export the data in user-defined formats so that they can be ingested by third-party applications (SIEM, DFIR platforms).

yeti's People

Contributors

chenerlich avatar dependabot[bot] avatar doomedraven avatar dumprop avatar firehak avatar fr0gger avatar gaelmuller avatar heat-miser avatar ikoniaris avatar itsmvd avatar jipegit avatar johnfromthefuture avatar kfaber avatar lucebac avatar m3047 avatar mbonino avatar ngws avatar ninoseki avatar p-l- avatar peasead avatar sebdraven avatar srilumpa avatar threathive avatar tomchop avatar trolldbois avatar udgover avatar williamsdr avatar y0m avatar yuningmiao avatar zcatbear avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.