v1.4.2
What's new?
[v1.4.2]
- HTTP(S) remote configuration file
- Remote YARA files in configuration (example here)
- GitHub workflow and actions for future CI & CD
- Several minor fixes and performance improvements
- UI/UX and logging improvements
Ready for battle!
- fastfinder has been tested in real cases in multiple CERTs, CSIRTs and SOCs
- The examples directory now includes real malware, suspicious behaviors or vulnerability scans
Usage
==================================================
___ __ ___ ___ __ ___ __
|__ /\ /__` | |__ | |\ | | \ |__ |__)
| /~~\ .__/ | | | | \| |__/ |___ | \
2021-2022 | Jean-Pierre GARNIER | @codeyourweb
https://github.com/codeyourweb/fastfinder
==================================================
usage: fastfinder [-h|--help] [-c|--configuration "<value>"] [-b|--build
                  "<value>"] [-o|--output "<value>"] [-n|--nowindow]
                  [-p|--showprogress] [-v|--version]

                  Incident Response - Fast suspicious file finder

Arguments:

  -h  --help           Print help information
  -c  --configuration  Fastfind configuration file. Default: configuration.yaml
  -b  --build          Output a standalone package with configuration and rules
                       in a single binary
  -o  --output         Save fastfinder logs in the specified file
  -n  --nowindow       Hide fastfinder window
  -p  --showprogress   Display I/O analysis progress
  -v  --version        Display fastfinder version
Scan and export file matches according to your needs
Configuration examples are available under the examples/ folder.
Future release
I don't plan to add any additional features right now. The next release will be focused on:
- Stability / performance improvements
- Unit testing / Code testing coverage / CI
- Build more examples based on live malware tradecraft and threat actor campaigns
Full Changelog: 1.4.1...1.4.2