[CHRYSALIS] Documentation (v0.8.2)

v0.8.2 Highlights

Tools Supported: autoruns, kape, kansa, plaso, mactime, macrobber, volatility, sabonis
Advanced Artifact Support (HAM): svclist, pslist, flist, amcache, evtx, winreg, fstl

New Machine Learning Module

The main purpose of the project has always been to make your job as easy as possible. This release adds a new module for applying Machine Learning on graphs.

| Function | Usage | Type | Description |
|---|---|---|---|
| build_lm_dataset() | build_lm_dataset(options) | CLI | Build a lateral movement dataset from a log event dataset. |
| find_lm_anomalies() | find_lm_anomalies(options) | CLI | Identify anomalous lateral movements (LM) in a LM dataset. |

There are other functions available in ds4n6_lib, but we have selected the most user-friendly ones as the “Core” functions, which give you access to most of the framework's functionality with minimum effort. In the future we will publish more low-level details for users who need more flexibility to create scripts, analysis pipelines, etc.
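To make the two steps in the table concrete, the following added example (not ds4n6_lib code, and not how the module is implemented) reduces logon events to lateral movement edges and then flags movements that are new relative to a baseline. The event tuple layout, the function names `build_edges` and `find_anomalies`, and the first-seen rule that stands in for the Machine Learning model are all assumptions made for illustration.

```python
from collections import Counter

# Windows logon types that represent a remote logon: 3 = network, 10 = RDP.
REMOTE_LOGON_TYPES = {3, 10}

# Constructed sample events, not real data and not the ds4n6_lib schema:
# (day, event_id, logon_type, user, source host, destination host)
EVENTS = [
    (1, 4624, 3, "alice", "WS01", "FS01"),
    (1, 4624, 3, "alice", "WS01", "FS01"),
    (1, 4624, 2, "alice", "WS01", "WS01"),     # interactive, local: no movement
    (1, 4624, 10, "admin", "JUMP01", "DC01"),
    (2, 4624, 3, "bob", "WS02", "FS01"),
    (2, 4624, 10, "admin", "JUMP01", "DC01"),
    (2, 4634, 3, "bob", "WS02", "FS01"),       # logoff event: ignored
    (3, 4624, 3, "alice", "WS01", "FS01"),     # matches the baseline
    (3, 4624, 10, "alice", "JUMP01", "DC01"),  # known path, user new to it
    (3, 4624, 3, "admin", "FS01", "DC01"),     # host pair never seen before
]

def build_edges(events):
    """Keep successful remote logons (4624) as (day, user, src, dst) edges."""
    return [(day, user, src, dst)
            for day, event_id, logon_type, user, src, dst in events
            if event_id == 4624
            and logon_type in REMOTE_LOGON_TYPES
            and src != dst]

def find_anomalies(edges, baseline_days):
    """Flag post-baseline movements whose host pair or user/path pair is new."""
    baseline = [e for e in edges if e[0] in baseline_days]
    host_pairs = Counter((src, dst) for _, _, src, dst in baseline)
    user_paths = Counter((user, src, dst) for _, user, src, dst in baseline)
    findings = []
    for day, user, src, dst in edges:
        if day in baseline_days:
            continue
        if (src, dst) not in host_pairs:
            findings.append((day, user, src, dst, "new host pair"))
        elif (user, src, dst) not in user_paths:
            findings.append((day, user, src, dst, "new user on known path"))
    return findings

if __name__ == "__main__":
    for finding in find_anomalies(build_edges(EVENTS), baseline_days={1, 2}):
        print(finding)
```
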

You can find examples on how to use core functions here.