A collection of small security utilities, including tools for parsing Loki IOC logs, configuring host-based IDS, timestomping files, and more.
Module that provides functions for timestomping files (modifying file object MACE properties) on Windows and generating random dates.
Module that provides a function for pairing a Windows OSSEC agent with an OSSEC server. Modifies client.keys. Uses WSMAN on Windows to partially emulate the function of the Unix agent-auth utility.
Utility for parsing the output of a Loki IOC log and generating reports.
Utility for parsing a LogRhythm Mediator log for instances of agents whose heartbeat offset falls outside a specified range, indicating that the local time on these agents should be corrected.