This is the Windows app named DeepBlueCLI whose latest release can be downloaded as DeepBlueCLIsourcecode.tar.gz. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named DeepBlueCLI with OnWorks for free.
Sundin ang mga tagubiling ito upang patakbuhin ang app na ito:
- 1. Na-download ang application na ito sa iyong PC.
- 2. Ipasok sa aming file manager https://www.onworks.net/myfiles.php?username=XXXXX kasama ang username na gusto mo.
- 3. I-upload ang application na ito sa naturang filemanager.
- 4. Magsimula ng anumang OS OnWorks online emulator mula sa website na ito, ngunit mas mahusay na Windows online emulator.
- 5. Mula sa OnWorks Windows OS na kasisimula mo pa lang, pumunta sa aming file manager https://www.onworks.net/myfiles.php?username=XXXX gamit ang username na gusto mo.
- 6. I-download ang application at i-install ito.
- 7. I-download ang Wine mula sa iyong mga Linux distributions software repository. Kapag na-install na, maaari mong i-double click ang app upang patakbuhin ang mga ito gamit ang Wine. Maaari mo ring subukan ang PlayOnLinux, isang magarbong interface sa ibabaw ng Wine na tutulong sa iyong mag-install ng mga sikat na programa at laro sa Windows.
Ang alak ay isang paraan upang patakbuhin ang software ng Windows sa Linux, ngunit walang kinakailangang Windows. Ang alak ay isang open-source na layer ng compatibility ng Windows na maaaring direktang magpatakbo ng mga program sa Windows sa anumang desktop ng Linux. Sa totoo lang, sinusubukan ng Wine na muling ipatupad ang sapat na Windows mula sa simula upang mapatakbo nito ang lahat ng mga Windows application na iyon nang hindi talaga nangangailangan ng Windows.
MGA LALAKI
Ad
DeepBlueCLI
DESCRIPTION
DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command lines, and credential dumping attempts. Output is emitted as native PowerShell objects so analysts can pipe results to CSV, JSON, HTML, GridView, or custom pipelines for further triage and reporting. The codebase includes helpers for command-line decoding and de-obfuscation (automatic base64/deflate handling), safelisting/hash workflows (DeepBlueHash), and sample EVTX files so teams can test the tool on realistic attack traces.
Mga tampok
- Interactive web or Electron GUI that previews results, timelines, and raw event context
- Native connectors and output templates for SIEMs (Splunk, Elastic, Microsoft Sentinel) to ingest findings
- Threat-intelligence enrichment (virus-total, MISP, URL reputation) for file hashes and command URLs
- Sigma/YARA rule import to expand detections and map alerts to MITRE ATT&CK techniques
- Continuous "watch" mode with scheduled scans, email/Slack alerting, and change tracking for drift
- Parallel EVTX processing and timeline stitching with per-host correlation and estimated noise metrics
Wika ng Programming
PowerShell
Kategorya
This is an application that can also be fetched from https://sourceforge.net/projects/deepbluecli.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.
