Skip to content

AIL framework version 5.0: Major Rewrite, Kvrocks Database, and Lacus Crawler Migration.
Compare
Choose a tag to compare
@Terrtia Terrtia released this 06 Jun 12:52
· 675 commits to master since this release
v5.0
175963e
This commit was signed with the committer’s verified signature.
Terrtia Thirion Aurélien
GPG key ID: 1E1B1F50D84613D0
Verified
Learn about vigilant mode.

AIL v5.0 introduces significant improvements and new features:

  • Codebase Rewrite: The codebase has undergone a substantial rewrite resulting in enhanced performance and speed improvements.
  • Database Upgrade: The database has been migrated from ARDB to Kvrocks.
  • New Correlation Engine: AIL v5.0 introduces a new powerful correlation engine with two new correlation types: CVE and Title.
  • Enhanced Logging: The logging system has been improved to provide better troubleshooting capabilities.
  • Tagging Support: AIL objects now support tagging, allowing users to categorize and label extracted information for easier analysis and organization.
  • Trackers: Improved objects filtering, PGP and decoded tracking added.
  • UI Leak Visualization: The user interface has been upgraded to visualize extracted and tracked information.
  • New Crawler Lacus: improve crawling capabilities.
  • Modular Importers and Exporters: New importers (ZMQ, AIL Feeders) and exporters (MISP, Mail, TheHive) modular design.
    Allow easy creation and customization by extending an abstract class.
  • Module Queues: improved the queuing mechanism between detection modules.
  • New Object CVE and Title: Extract an correlate CVE IDs and web page titles.

Correlation:

correlation

UI Extracted/Tracked content:

Extracted_content

Assets 2
Loading