This is the Windows app named DeepBlueCLI whose latest release can be downloaded as DeepBlueCLIsourcecode.tar.gz. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named DeepBlueCLI with OnWorks for free.
Siga estas instruções para executar este aplicativo:
- 1. Baixe este aplicativo em seu PC.
- 2. Entre em nosso gerenciador de arquivos https://www.onworks.net/myfiles.php?username=XXXXX com o nome de usuário que você deseja.
- 3. Carregue este aplicativo em tal gerenciador de arquivos.
- 4. Inicie qualquer emulador on-line OS OnWorks a partir deste site, mas um emulador on-line melhor do Windows.
- 5. No sistema operacional OnWorks Windows que você acabou de iniciar, acesse nosso gerenciador de arquivos https://www.onworks.net/myfiles.php?username=XXXXX com o nome de usuário que deseja.
- 6. Baixe o aplicativo e instale-o.
- 7. Baixe o Wine de seus repositórios de software de distribuição Linux. Depois de instalado, você pode clicar duas vezes no aplicativo para executá-lo com o Wine. Você também pode experimentar o PlayOnLinux, uma interface sofisticada do Wine que o ajudará a instalar programas e jogos populares do Windows.
Wine é uma forma de executar software Windows no Linux, mas sem a necessidade de Windows. Wine é uma camada de compatibilidade do Windows de código aberto que pode executar programas do Windows diretamente em qualquer desktop Linux. Essencialmente, o Wine está tentando reimplementar o suficiente do Windows do zero para que possa executar todos os aplicativos do Windows sem realmente precisar do Windows.
SCREENSHOTS
Ad
DeepBlueCLI
DESCRIÇÃO
DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command lines, and credential dumping attempts. Output is emitted as native PowerShell objects so analysts can pipe results to CSV, JSON, HTML, GridView, or custom pipelines for further triage and reporting. The codebase includes helpers for command-line decoding and de-obfuscation (automatic base64/deflate handling), safelisting/hash workflows (DeepBlueHash), and sample EVTX files so teams can test the tool on realistic attack traces.
Recursos
- Interactive web or Electron GUI that previews results, timelines, and raw event context
- Native connectors and output templates for SIEMs (Splunk, Elastic, Microsoft Sentinel) to ingest findings
- Threat-intelligence enrichment (virus-total, MISP, URL reputation) for file hashes and command URLs
- Sigma/YARA rule import to expand detections and map alerts to MITRE ATT&CK techniques
- Continuous "watch" mode with scheduled scans, email/Slack alerting, and change tracking for drift
- Parallel EVTX processing and timeline stitching with per-host correlation and estimated noise metrics
Linguagem de Programação
PowerShell
Categorias
This is an application that can also be fetched from https://sourceforge.net/projects/deepbluecli.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.
