This repository was archived by the owner on Jun 10, 2021. It is now read-only.
Releases: cisagov/CHIRP
v1.0.7
v1.0.7 (#40)
- Fixes Unicode error in network and yara modules
- Adds -a/--activity switch to allow the user to specify the alert IoCs to run
- Adds PDFs of alerts to indicators directory to remove ambiguity to previous bullet
- Adds constants for log levels to make logging more explicit
- Updates README
v1.0.6
Non-zero Exit on IOC's Discovered in Non-interactive Mode (#33)
- Seeks IOC detection count from run and exits with non-zero status in non-interactive mode, retaining existing functionality in interactive mode. Addresses #31
v1.0.6 (#36)
- Increases performance of yara by using an iterative mapping (28 minutes for 600k+ records in testing)
- Properly catches keyboard interrupts with yara
- Catches unicode decode errors in the networking module
- Catches unicode encode errors in the yara module
v1.0.5
v1.0.4
v1.0.4 (#30)
- Provides a --non-interactive switch and actually accepts any key to exit. (#20)
- Properly catches cases when not run on Windows, removes mountvol as dependency. (#22)
- Compiling with msvc and python3.8 should remove some unknowns (#13)
- Changing the python dll to 3.8 should allow CHIRP to run on Server 2008 R2. (#4)
Added indicator for AA21062A and updated iocs.yaml (#29)
- Compiled IOCs in AA21-062A into a single alert. Removed network addresses associated with this alert from iocs.yaml and added them to the alert indicator.
Add Target Filepaths Argument for Yara Plugin IOC Override (#28)
- Adds target filepath argument for CISA CHIRP which overrides IOC "files" specifications at runtime to increase tool flexibility and performance where desired.
v1.0.3
v1.0.2b
- Hashes now included
v1.0.2
v1.0.1
- Adds dynamic drive pathing for events plugin
- Fixes FileNotFound Exception in events plugin
- Adds cwd to yara ignorelist
v1.0.0
Automatic release of v1.0.0