Home / rules / anubistask / anubistaskplugin
Name Modified Size InfoDownloads / Week
Parent folder
AnubisSubmitter.py 2012-11-26 20.8 kB
main.py 2012-11-26 1.9 kB
__init__.py 2012-11-26 33 Bytes
Totals: 3 Items   22.8 kB 0
This folder contains 3 sample ruels to be used with the Prelude Correlator Module.

** SUCCESSATTACK **
This rule triggers whenever 2 or more rules from the same source and port target the same host within the network.
Requirements:
- Prelude
- Prelude Correlator

Installation:
- python setup.py install


** GEOINFO **
This rule performs geolocalization on the source IP of every event.
Requirements:
- Prelude
- Prelude Correlator
- http://ipinfodb.com API key

Installation:
- insert API key into main.py file
- python setup.py install


** ANUBISTASK **
This rule sends the shellcode gathered from the peripheral tools (if they provide it), sends it to Anubis and retrieves the corresponding task id
Requirements:
- Prelude
- Prelude Correlator

Installation:
- python setup.py install
Source: README, updated 2012-11-26