Skip to content

MITRECND/chopshop

9 Branches11 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

malwarefrankmalwarefrank
Merge pull request #69 from malwarefrank/netwire
Dec 19, 2022
8bdd393 · Dec 19, 2022

History

444 Commits
docker
docker
Mar 27, 2017
docs
docs
Dec 19, 2022
ext_libs
ext_libs
Nov 19, 2021
modules
modules
Dec 19, 2022
shop
shop
Oct 24, 2018
tests
tests
Feb 12, 2016
webroot
webroot
Feb 19, 2014
.gitignore
.gitignore
Mar 16, 2018
Dockerfile
Dockerfile
Mar 28, 2017
Makefile
Makefile
Feb 2, 2016
README.md
README.md
Mar 1, 2016
chopshop
chopshop
Jan 6, 2015
chopweb
chopweb
Feb 19, 2014
dev-requirements.txt
dev-requirements.txt
Feb 10, 2016
newmod.sh
newmod.sh
Jan 21, 2016
suture
suture
Feb 19, 2014

Repository files navigation

ChopShop 4

Protocol Analysis/Decoder Framework

Description

ChopShop is a MITRE developed framework to aid analysts in the creation and execution of pynids based decoders and detectors of APT tradecraft.

Note that ChopShop is still in perpetual beta and is dependent on libnids/pynids for the majority of its underlying functionality.

Documentation for ChopShop can be found on ReadTheDocs.

Note: There is a known issue when running ChopShop on Ubuntu where the version of pynids obtained via apt causes an ImportError. Per https://bugs.launchpad.net/ubuntu/+source/python-nids/+bug/795991, this issue affects some variants of at least 11.10 and 12.04. A workaround is to compile pynids from source which can be obtained from https://github.com/MITRECND/pynids/.

About

Protocol Analysis/Decoder Framework

chopshop.readthedocs.org/

Resources

Readme
Activity
Custom properties

Stars

492 stars

Watchers

70 watching

Forks

111 forks
Report repository

Releases 2

RELEASE_4.4 Latest
Apr 10, 2019
+ 1 release

Packages

No packages published

Contributors 18

+ 4 contributors

Languages