BigBrainSecurity - a forensics scripts that will eventually turn into an IDS

BigBrainSecurity/cleanMFT.py filters master file tables and makes them more bearable to deal with. The primary use of the program is to import a text file made up of values separated by new lines that you can filter the program by. For example, you can import a text file made up of directories you want included in the updated CSV file, file extensions (.exe, .dll, .sys), and/or programs (powershell). cleanMFT.py will search the Master File Table CSV file and create a new CSV file that only includes matching rows.
enter image description here
Dependencies:
+ Python 2.7.x
+ Pandas Python Module
NOTE: This program accepts a pipe separated value file–it’s like a csv but with “|” inbetween the values.
Sample usage:
git clone https://github.com/glassCodeBender/BigBrainSecurity && cd BigBrainSecurity
pip install pandas
python cleanMFT.py -f MFTDump.csv -r filterlist.txt -d updated_mft.csv -s 2016-06-10 -e 2016-06-13
Powered by Blogger.