This is the Windows app named DeepBlueCLI whose latest release can be downloaded as DeepBlueCLIsourcecode.tar.gz. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named DeepBlueCLI with OnWorks for free.
Ikut arahan ini untuk menjalankan apl ini:
- 1. Memuat turun aplikasi ini dalam PC anda.
- 2. Masukkan dalam pengurus fail kami https://www.onworks.net/myfiles.php?username=XXXXX dengan nama pengguna yang anda mahukan.
- 3. Muat naik aplikasi ini dalam pengurus filem tersebut.
- 4. Mulakan mana-mana emulator dalam talian OS OnWorks daripada tapak web ini, tetapi emulator dalam talian Windows yang lebih baik.
- 5. Daripada OS Windows OnWorks yang baru anda mulakan, pergi ke pengurus fail kami https://www.onworks.net/myfiles.php?username=XXXX dengan nama pengguna yang anda mahukan.
- 6. Muat turun aplikasi dan pasangnya.
- 7. Muat turun Wine dari repositori perisian pengedaran Linux anda. Setelah dipasang, anda kemudian boleh mengklik dua kali aplikasi untuk menjalankannya dengan Wine. Anda juga boleh mencuba PlayOnLinux, antara muka mewah melalui Wine yang akan membantu anda memasang program dan permainan Windows yang popular.
Wain ialah cara untuk menjalankan perisian Windows pada Linux, tetapi tanpa Windows diperlukan. Wain ialah lapisan keserasian Windows sumber terbuka yang boleh menjalankan program Windows secara langsung pada mana-mana desktop Linux. Pada asasnya, Wine cuba untuk melaksanakan semula Windows yang mencukupi dari awal supaya ia boleh menjalankan semua aplikasi Windows tersebut tanpa memerlukan Windows.
SKRIN:
DeepBlueCLI
HURAIAN:
DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command lines, and credential dumping attempts. Output is emitted as native PowerShell objects so analysts can pipe results to CSV, JSON, HTML, GridView, or custom pipelines for further triage and reporting. The codebase includes helpers for command-line decoding and de-obfuscation (automatic base64/deflate handling), safelisting/hash workflows (DeepBlueHash), and sample EVTX files so teams can test the tool on realistic attack traces.
Ciri-ciri
- Interactive web or Electron GUI that previews results, timelines, and raw event context
- Native connectors and output templates for SIEMs (Splunk, Elastic, Microsoft Sentinel) to ingest findings
- Threat-intelligence enrichment (virus-total, MISP, URL reputation) for file hashes and command URLs
- Sigma/YARA rule import to expand detections and map alerts to MITRE ATT&CK techniques
- Continuous "watch" mode with scheduled scans, email/Slack alerting, and change tracking for drift
- Parallel EVTX processing and timeline stitching with per-host correlation and estimated noise metrics
Bahasa Pengaturcaraan
PowerShell
Kategori
This is an application that can also be fetched from https://sourceforge.net/projects/deepbluecli.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.