StoQ

From GCA ACT

Jump to navigation Jump to search

Description

stoQ is a framework that allows cyber analysts to organize and automate repetitive, data-driven tasks. It features plugins for many other systems to interact with. One use case is the extraction of IOCs from documents, an example of which is shown here, but it can also be used for deobfuscationg and decoding of content and automated scanning with YARA, for example.

More Information

URL: https://github.com/PUNCH-Cyber/stoq

Maintenance Status: Active

Last Updated Date: Ongoing

Formats Available: See website.

Social Media Links: Unknown

Contact Information: Unknown

License Information: https://stoq-framework.readthedocs.io/en/latest/

Retrieved from ‘https://act.globalcyberalliance.org/index.php?title=StoQ&oldid=12980’

Frameworks & Platforms - T3C

Navigation menu