Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don't have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that your other tools can talk nicely to it.
Yeti was born out of frustration of having to answer the question "where have I seen this artifact before?" or Googling shady domains to tie them to a malware family.
In a nutshell, Yeti allows you to:
- Submit observables and get a pretty good guess on the nature of the threat.
- Inversely, focus on a threat and quickly list all TTPs, Observables, and associated malware.
- Let responders skip the "Google the artifact" stage of incident response.
- Let analysts focus on adding intelligence rather than worrying about machine-readable export formats.
- Visualize relationship graphs between different threats.
- Collecting and processing observables from a wide array of different sources (MISP instances, malware trackers, XML feeds, JSON feeds...)
- Providing a web API to automate queries (think incident management platform) and enrichment (think malware sandbox).
- Export the data in user-defined formats so that they can be ingested by third-party applications (think blocklists, SIEM).
Installation
There's are a few handy bootstrap scripts in /extras that you can use to install a production instance of Yeti.
If you're really in a hurry, you can
curl | bash them.$ curl https://raw.githubusercontent.com/yeti-platform/yeti/master/extras/ubuntu_bootstrap.sh | sudo /bin/bashDocker images
Yeti has a
docker-compose script to get up and running even faster; this is useful for testing or even running production instances of Yeti should your infrastructure support it. Full instructions here, but in a nutshell:$ git clone https://github.com/yeti-platform/yeti.git
$ cd yeti/extras/docker/dev
$ docker-compose upUseful links
via KitPloit
Related articles
- Hack And Tools
- Hacker Tools Free
- Hacking Tools For Beginners
- Game Hacking
- Pentest Tools Website Vulnerability
- Bluetooth Hacking Tools Kali
- Tools 4 Hack
- World No 1 Hacker Software
- Hacking Tools Hardware
- World No 1 Hacker Software
- Pentest Recon Tools
- Hack Tools Pc
- Hacking Tools For Windows Free Download
- Hacker Tools For Windows
- How To Make Hacking Tools
- How To Hack
- Hacking Tools Software
- Hacking Tools For Mac
- Hacker Tools Free Download
- Hacking Tools For Mac
- Hacking Tools Kit
- Hacking Tools For Kali Linux
- Kik Hack Tools
- Hacker Tools Software
- Tools For Hacker
- Pentest Box Tools Download
- Tools For Hacker
- Hacker Tools Free
- Tools For Hacker
- New Hacker Tools
- Hacker Security Tools
- Hacking Tools Online
- Pentest Tools Website
- Install Pentest Tools Ubuntu
- Hack Tools Pc
- Pentest Tools List
- Hacking Tools For Mac
- Pentest Tools For Android
- Pentest Tools Alternative
- Install Pentest Tools Ubuntu
- How To Make Hacking Tools
- Pentest Tools Android
- What Is Hacking Tools
- Hack Tools
- Hacking Tools And Software
- Hacker Tools Hardware
- Tools For Hacker
- Hacking Tools For Windows 7
- Pentest Tools Url Fuzzer
- Android Hack Tools Github
- Hacking Tools Download
- Hacker Tool Kit
- Hack Website Online Tool
- New Hacker Tools
- Pentest Tools Alternative
- Black Hat Hacker Tools
- Hack Tools Online
- How To Hack
- Pentest Tools For Ubuntu
- Hacker Tools Online
- Hacker Tools Software
- Hack Tools For Pc
- Hacker Tools Free Download
- Pentest Tools For Android
- Pentest Tools Subdomain
- Wifi Hacker Tools For Windows
- Hacking App
- Hacker Tools For Mac
- Hackers Toolbox
- Growth Hacker Tools
- What Are Hacking Tools
- Bluetooth Hacking Tools Kali
- Hacker Tools 2020
- Pentest Tools Subdomain
- Best Hacking Tools 2019
- Pentest Tools Kali Linux
- Hacker Hardware Tools
- Growth Hacker Tools
- Hacker Techniques Tools And Incident Handling
No comments:
Post a Comment