Matthew Arnao

Results: 21 comments by Matthew Arnao

@Langhorne thanks for this! Before I merge, have you tried using pip to install pefile?

nice! can you update the instructions to reflect that please?

It looks like you added this to yum install instead of pip install

Sorry for the slow response. If you take a look at the code (https://github.com/lmco/laikaboss/blob/master/laikaboss/modules/log_fluent.py#L41), you'll see that by default, it sends to a local instance of fluentd. You can then...

@knowmalware thanks for the pull request. We definitely need to increase the search area for the rich header ending, although I'm not sure what the optimal value is. Your guess...

@wxsBSD would you mind reviewing this change? You're probably more familiar with this stuff than I am given your work on yara.

Good question-- thanks for raising this. tl;dr: bad design. A certain NoSQL database does not allow "." (and a few other characters) to be in the key name. This cleanup...

We do not have an IMAP client but it would be pretty easy to write one in Python. Please feel free to contribute it back if you decide to take...

@decalage2 One of the problems we've encountered with oletools inside of laikaboss is the extensive use of third-party libraries in the project. These can conflict with the globally installed versions...

@kurtcoke cloudscan.py provides an example implementation for how to use the client library that is included in the framework. We plan to release a couple of additional clients (besides cloudscan)...