CHIRP
A DFIR tool written in Python.
# Summary # Requires Visual Studio to run; not all systems can have that on the system. ## To reproduce ## Steps to reproduce the behavior: 1. Tried to...
Do you have any tips for running chirp via SCCM? It seems like it doesn't run properly from an SMB share and also there doesn't seem to be a way...
# Summary # Seems like the CHIRP tool is scanning its own resources and showing them as hit counts in final scan output. ## To reproduce ## Steps to reproduce the...
# Summary # What's wrong? Please be specific. ## To reproduce ## Steps to reproduce the behavior: 1. Run the CHIRP tool on a server 2. Look at the...
# Summary # For dynamic plugins, we have to: - Include the package in setup.py - Require the install of packages in setup.py - Import the packages from run.py...
# Summary # "chirp" is already registered as a package name on PyPI, meaning someone may erroneously believe they're installing CISA's CHIRP but end up with https://pypi.org/project/chirp/ instead. In...
# Summary # A plugin to inspect process memory would be helpful to detect a variety of injections including Cobalt Strike beacons and the like. ## Motivation and context...
# Summary # Write a translation layer, allowing STIX indicators to be directly ingested and queried. ## Motivation and context ## This would allow CISA to release threat packages...