enigma-1.5 release

Rating: No reviews yet
Downloads: 639
Released: Sep 6, 2011
Updated: Sep 13, 2011 by rstew
Dev status: Stable

Recommended Download

Application enigma-1.5
application, 25K, uploaded Sep 6, 2011 - 639 downloads

Release Notes

Project Description
  • Use at your own risk

Enigma is a bash script that parses known suspicious email sender addresses, email subjects, email attachment file names, suspicious files, IP addresses, domains, requested web URLs, URL file names, top requested news feeds, suspicious user agent strings, and suspicious MD5 file hashes from open-source and custom closed-source intelligence feeds. Enigma also calculates entropy (a measure of the randomness of the possible outcomes) over the relevant data it parses, for advanced heuristic detection within ArcSight. All parsed data is then brought into ArcSight via CEF syslog. Please refer to the enigma-X.Y-changeLog file for the changes made or features introduced in the relevant Enigma release.

*NOTE: Ensure the open source intel (OSI) sites are not being blocked by an access control component (i.e. proxy, firewall) and that text and csv files are not blocked from being downloaded. A future build will be fully ported to Perl as time permits me.

Thank you, Rashaad Steward
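The two steps the description names, entropy over a parsed indicator followed by a CEF event for syslog, as an added bash example that is not Enigma's own code. The vendor/product strings, the 3.5-bit threshold, the signature ID and the dhost/cs1/cs2 field choices are assumptions for illustration, not taken from the release.

```bash
#!/usr/bin/env bash
# Added example, not Enigma's own code. Shows Shannon entropy over a parsed
# indicator, then a CEF line ready for syslog forwarding into ArcSight.
# Vendor/product strings, the 3.5-bit threshold and the dhost/cs1/cs2 field
# choices are assumptions, not taken from the Enigma release.

# Shannon entropy (bits per character) of $1, printed with three decimals.
entropy() {
  printf '%s' "$1" | fold -w 1 | sort | uniq -c |
    awk -v n="${#1}" '{ p = $1 / n; h -= p * log(p) / log(2) }
                     END { printf "%.3f\n", h }'
}

# True (exit 0) when the entropy of $1 reaches the threshold in $2 (default 3.5).
high_entropy() {
  awk -v h="$(entropy "$1")" -v t="${2:-3.5}" 'BEGIN { exit !(h >= t) }'
}

# CEF header fields must escape backslash and pipe; extension values must
# escape backslash and the equals sign.
cef_header_escape() { printf '%s' "$1" | sed 's/\\/\\\\/g; s/|/\\|/g'; }
cef_ext_escape()    { printf '%s' "$1" | sed 's/\\/\\\\/g; s/=/\\=/g'; }

# Emit one CEF:0 event for a suspicious domain pulled from an intel feed ($2).
# Severity is raised when the name looks machine-generated (high entropy).
domain_event() {
  local domain="$1" feed="$2" h sev
  h=$(entropy "$domain")
  if high_entropy "$domain"; then sev=7; else sev=3; fi
  printf 'CEF:0|%s|%s|%s|%s|%s|%s|dhost=%s cs1=%s cs1Label=entropy cs2=%s cs2Label=feed\n' \
    "$(cef_header_escape "ExampleVendor")" "$(cef_header_escape "enigma-demo")" "1.5" \
    "101" "$(cef_header_escape "Suspicious domain from intel feed")" "$sev" \
    "$(cef_ext_escape "$domain")" "$h" "$(cef_ext_escape "$feed")"
}

# Constructed sample input: two indicators as an intel feed would list them.
if [ "${BASH_SOURCE[0]}" = "$0" ]; then
  for d in example.com x7k2q9vb4m.biz; do
    domain_event "$d" "constructed-feed.txt"
  done
fi
```

Pipe the output to `logger` (or your syslog forwarder) to deliver the events to the ArcSight CEF syslog connector.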
