v2.0.0

@codeyourweb codeyourweb released this 30 Jan 13:46

What's new?

[v 2.0.0]

  • scan performance improvements (up to 40%)
  • RC4 cipher for the configuration and YARA rules
  • cross-platform SFX deployment kit
  • complete rework of the output and file logger
  • advanced UI with an open-file dialog and a real-time logger view
  • triage mode with a file and directory watcher
  • CI and unit testing

Ready for battle!

  • fastfinder has been tested with several CERT, CSIRT and SOC use cases
  • the examples directory now includes real malware, suspicious behaviors and vulnerability scans

Usage

==================================================
  ___       __  ___  ___         __   ___  __
 |__   /\  /__`  |  |__  | |\ | |  \ |__  |__)
 |    /~~\ .__/  |  |    | | \| |__/ |___ |  \

  2021-2022 | Jean-Pierre GARNIER | @codeyourweb
  https://github.com/codeyourweb/fastfinder
==================================================
usage: fastfinder [-h|--help] [-c|--configuration "<value>"] [-b|--build
                  "<value>"] [-o|--output "<value>"] [-n|--no-window]
                  [-u|--no-userinterface] [-v|--verbosity <integer>]
                  [-t|--triage]

                  Incident Response - Fast suspicious file finder

Arguments:

  -h  --help              Print help information
  -c  --configuration     Fastfind configuration file. Default:
  -b  --build             Output a standalone package with configuration and
                          rules in a single binary
  -o  --output            Save fastfinder logs in the specified file
  -n  --no-window         Hide fastfinder window
  -u  --no-userinterface  Hide advanced user interface
  -v  --verbosity         File log verbosity
                                 | 4: Only alert
                                 | 3: Alert and errors
                                 | 2: Alerts,errors and I/O operations
                                 | 1: Full verbosity)
                                . Default: 3
  -t  --triage            Triage mode (infinite run - scan every new file in
                          the input path directories). Default: false

Scan and export file matches according to your needs.

Configuration examples are available under the examples/ folder.

Future release

I don't plan to add any additional features right now. The next release will be focused on:

  • Stability / performance improvements
  • Unit testing / Code testing coverage / CI
  • Build more examples based on live malware tradecraft and threat actor campaigns

What's Changed