c_meyer/KasperskyLab-TinyCheck
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Félix Aimé 2020-11-25 15:16:40 +01:00 committed by GitHub
parent 8a9c800c0a
commit 9f1eb6d29e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -117,6 +117,12 @@ On the [Suricata](https://suricata-ids.org/) part, the network capture is analys
- Device name exfiltred in clear-text;
- Access point SSID exfiltred in clear-text;
### Watchers?
In order to keep IOCs and whitelist updated constantly, TinyCheck integrates something called "watchers". It is a very simple service with few lines of Python which grabs new formated IOCs or whitelist elements from public URLs. As of today, TinyCheck integrates two urls, one for the whitelist and one for the IOCs (The formated files are present in the assets folder).
If you have seen something very suspicious and/or needs to be investigated/integrated in one of these two lists, don't hesitate to ping us. You can also do you own watcher. Remember, sharing is caring.
### Possible updates for next releases
- Centralized server for IOC/whitelist management (aka. Remote Analysis).