CERTITUDE – AN OPEN-SOURCE AND AGENTLESS COMPROMISE ASSESSMENT TOOL


This topic contains 0 replies, has 1 voice, and was last updated by  MD Khurshid Alam 1 year, 9 months ago.


    MD Khurshid Alam
    Participant

    CERTITUDE – AN OPEN-SOURCE AND AGENTLESS COMPROMISE ASSESSMENT TOOL

    Presenters: Jean Marsault, Vincent NGUYEN
    Location: Business Hall, Arsenal Station 5
    Date: Wednesday, December 6 | 1:30pm-3:05pm
    Track: Data Forensics and Incident Response
    Session Type: Arsenal

    CERTitude is a Python-based tool which aims at assessing the compromised perimeter during incident response assignments. It allows analysts to perform large-scale scans of Windows-based information systems by searching for behavioural patterns described in IOC (Indicator of Compromise) files.

    Notable features include:
    • Ability to scan hosts in a way that prevents the target workstation from knowing what the investigator is searching for
    • Ability to retrieve some pieces of data from the hosts
    • Multiple scanner instances (for IOCs and/or hash scans) can be run at the same time for parallel scanning
    • Built with security considerations in mind (protected database, secure communications with hosts using IPSec)
