Xiaokui Shu

Results 72 issues of Xiaokui Shu

Ideas for what to show are welcome :-)

enhancement

**Is your feature request related to a problem? Please describe.** The current [auto-complete function](https://github.com/opencybersecurityalliance/kestrel-lang/blob/develop/src/kestrel/session.py#L340) scans variable names (in the session), data source names, and analytics interface names. And it will...

enhancement
Hacktoberfest

**Is your feature request related to a problem? Please describe.** Explore good ways to connect knowledge from https://www.misp-project.org/ **Describe the solution you'd like** A possible solution is to go through...

enhancement

**Describe the bug** If a query gets more than 10k returns, then it will fail. **Details of the bug** In this case, Kestrel will report an error (in Jupyter): ``` [ERROR]...

bug

**Is your feature request related to a problem? Please describe.** A hunter may need to call virustotal to enrich the entities with detection results. **Describe the solution you'd like** Maybe...

enhancement
Hacktoberfest

doc updates plus new blog on data-flow tracking

documentation

**Describe the bug** Current logic in entity prefetch (process) is to filter processes in `codegen.relations.fine_grained_relational_process_filtering()` that only ones within time range defined in config: `process_name_change_timerange_start_offset` and `process_name_change_timerange_stop_offset` are the same...

bug

**Is your feature request related to a problem? Please describe.** Some EDRs like CBR/CBcloud provide GUID/UUID for processes, which are better identifiers than `pid` and others. We may want to...

enhancement

**Is your feature request related to a problem? Please describe.** A new feature that takes #140 to the next level: automatically summarize the hunt in the huntbook and generate a...

enhancement

**Is your feature request related to a problem? Please describe.** Hunt flow is a graph. May want to visualize it to get a better idea of the entire hunt. Jupyter...

enhancement