AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
AIL framework v3.1 has been released including many new features such as:
The AIL project moved into a dedicated project to allow new contributions and projects within the AIL project scope. If you want to join us and contribute new modules or specific feeders, don't hesitate to contact us.
Merge pull request #492 from sunil3590/master. [Thirion Aurélien]
crawler_time -> crawler_delta
Crawler_time -> crawler_delta. [Sunil D S]
Chg [telegram + correlation] new module: telegram (username + login code + join_chat) + add simple_correlation backend. [Terrtia]
Chg [telegram + correlation] new module: telegram (username + login code + join_chat) + add simple_correlation backend. [Terrtia]
Merge pull request #487 from CIRCL/crawler_v2. [Thirion Aurélien]
fix: [crawler] error catcher
Merge pull request #486 from CIRCL/crawler_v2. [Thirion Aurélien]
Crawler v2 - Add cookiejar - use cookie to bypass login form
Merge branch 'master' into crawler_v2. [Terrtia]
AIL Framework version 3.0 with full MISP format export and import has been released. AIL users can now export a set of selected items as a MISP event including objects (items, decoded, screenshot, pgp...), correlations and metadata. There is an import to allow analysts to keep a specific set of analysis in AIL for moving across AIL instances. This release also includes support for authentication of the SMTP server (thanks to Mike Peters for the contribution). Multiple bugs were fixed and small improvements made.
This release of AIL includes a major security fix for CVE-2020-8545. The security vulnerability was in the handler of the global feed, which could allow malicious feed providers to overwrite and, potentially, execute Python code in the environment. This release also includes various bug fixes. We urge users to upgrade as soon as possible.
AIL Framework version 2.8 released with a domain screenshot browser and many bugs fixed.
There is also a "Practical Darkweb and criminal Blockchain monitoring using AIL (Framework for Analysis of Information Leaks) - free Training/Workshop" hosted by CIRCL (Luxembourg), which will take place on the 20th Feb 2020. Registration link.
In the next release of AIL, only Python 3.6 and later will be supported.
Merge pull request #453 from mangelft/master. [Thirion Aurélien]
fix: change name popper.js-1.14.3 to popper-core-1.14.3
Merge pull request #450 from CIRCL/tags_v2. [Thirion Aurélien]
Tags v2
AIL Framework version 2.7 has been released and includes a major refactoring of the tagging system. Tagging speed has been significantly improved. Tags can now be used with items, domains and images and added in the objects. A new feature to search by tags has also been added. Multiple bugs were fixed.
Merge pull request #449 from CIRCL/tags_v2. [Alexandre Dulaunoy]
Tags v2 - Tagging system refactoring
Merge branch 'master' into tags_v2. [Terrtia]
Update README.md. [Thirion Aurélien]
AIL Framework version 2.6 released with improved correlations (hover information, screenshot hash correlation), API improvements and various fixes. Thanks to the ENFORCE project for the feedback during the training. New features were based on constructive remarks from the users.
AIL Framework version 2.5 released with correlation and experimental support for MISP modules. The correlation is now improved to add correlation between PGP, cryptocurrencies, pastes and decoded values against any items in the AIL framework. The correlation interface has been redesigned to allow filtering per type (pastes, crawled) and also to limit the number of correlations. The MISP modules support is still at a very early stage, but the objective is to gain from all MISP module expansions within AIL. We introduced an experimental module to automatically expand BTC transactions from addresses seen in AIL and pivot to new correlations. New roles were added (read_only and users without) to improve the profile of the various AIL users.
The improvements were designed with some requirements from the ENFORCE project to better support law-enforcement usage.
AIL version 2.4 has been released including the following new features:
AIL Framework version 2.3 released with improved cryptocurrency detection, SQLi detection and detection of network reconnaissance tool output. Many bugs were fixed and small improvements made.
# Fix
- [Tool] fix searchsploit regex. [Terrtia]
- [Tools] typo. [Terrtia]
- [Tools] typo. [Terrtia]
- [Tools] fix loop. [Terrtia]
- [url_prefix] add root blueprint, fix:#403. [Terrtia]
- [TermTracker] fix performance: disable token stats. [Terrtia]
- [SQL module] fix typo. [Terrtia]
# Other
- Merge branch 'master' of https://github.com/CIRCL/AIL-framework. [Terrtia]
- Merge pull request #417 from andurin/master. [Alexandre Dulaunoy]
Fix pybgpranking dependency in requirements
- Fix pybgpranking dependency in requirements. [Hendrik]
Relates #334
- Merge branch 'master' of https://github.com/CIRCL/AIL-framework. [Terrtia]
- Merge pull request #404 from WimpyMan/master. [Thirion Aurélien]
- LAUNCH.py: Added execution of script IPAddress.py. [Bastien Schils]
- IPAddress.py: use ipaddress module. [Bastien Schils]
Improved readability, maintainability and use of standard module
- Modules.cfg: Minor: Added \n to separate sections. [WimpyMan]
- Config.cfg.sample: Improved example for IP module. [WimpyMan]
By default, the list of networks to monitor is now empty.
The previous value is now given as example.
- Added: IP matching module. [Bastien Schils]
- Merge pull request #411 from krial057/patch-1. [Alexandre Dulaunoy]
Fixed some typos
- Fixed some typos. [krial057]
Fixed some typos in the readme
- Merge pull request #408 from stamparm/master. [Thirion Aurélien]
Adding more tools
- Adding more tools. [Miroslav Stampar]
- Merge pull request #407 from stamparm/patch-1. [Thirion Aurélien]
Covering special cases (on pastebin)
- Covering special cases (on pastebin) [Miroslav Stampar]
There is no need for checking `()` in case of (e.g.) Litecoin and Dash as those are also additionally checked with Bitcoin address verifier
- Merge pull request #406 from stamparm/master. [Thirion Aurélien]
Adding tool regexes
- Adding tool regexes. [Miroslav Stampar]
- Merge branch 'master' of https://github.com/CIRCL/AIL-framework. [Terrtia]
- Merge pull request #405 from stamparm/master. [Thirion Aurélien]
Enforcing Base58 check on Litecoin and Dash addresses
- Enforcing Base58 check on Litecoin and Dash addresses. [Miroslav Stampar]
- Merge branch 'master' of https://github.com/CIRCL/AIL-framework. [Terrtia]
- Merge pull request #401 from stamparm/master. [Thirion Aurélien]
Improvement of crypto-address regexes (lesser FPs)
- Improvement of crypto-address regexes (lesser FPs) [Miroslav Stampar]
- Merge pull request #398 from stamparm/master. [Thirion Aurélien]
Implementation for different cryptocurrencies
- Implementation for different cryptocurrencies. [Miroslav Stampar]
- Merge pull request #396 from stamparm/master. [Thirion Aurélien]
Improvement of SQLi detection
- Improvement of SQLi detection. [Miroslav Stampar]