A DFIR tool written in Python

Watch the video overview

🧐 About

The CISA Hunt and Incident Response Program (CHIRP) is a tool created to
dynamically query Indicators of Compromise (IoCs) on hosts with a single
package, outputting data in a JSON format for further analysis in a SIEM
or other tool. CHIRP does not modify any system data.

🏁 Getting Started

We build and release CHIRP via Releases.
However, if you wish to run with Python 3.6+, follow these instructions.

You can also write new indicators or plugins for CHIRP.

Prerequisites

Python 3.6 or greater is required to run CHIRP with Python. If you need help
installing Python in your

 

 

 
