Fibratus
Category: OS / Windows
Source: GitHub Release
Profiles: Full (not included in Basic profile)
File Extensions: .etl
Tags: windows, monitoring
Adversary tradecraft detection, protection, and hunting
Usage
Fibratus detects, protects, and eradicates advanced adversary tradecraft by scrutinizing and asserting a wide spectrum of system events against a behavior-driven rule engine and YARA memory scanner.