Become a sponsor to Nedim Šabić²
My name is Nedim and I'm the author of Fibratus - a security tool that detects, protects, and eradicates advanced adversary tradecraft by scrutinizing and asserting a wide spectrum of system events against a behavior-driven rule engine and YARA memory scanner.
Events can also be shipped to a wide array of output sinks or dumped to capture files for local inspection and forensics analysis. You can use filaments to extend Fibratus with your own arsenal of tools and so leverage the power of the Python ecosystem.
In a nutshell, the Fibratus mantra is defined by the pillars of real-time behavior detection, memory scanning, and forensics capabilities.
If you support me, I'll be able to allocate more time to bring new features, improvements, and bug fixes, as well as prioritize the roadmap as per your feature requests. Let's democratize the EDR space together!
1 sponsor has funded rabbitstack’s work.
Featured work
- rabbitstack/fibratus
  Adversary tradecraft detection, protection, and hunting
  Go 2,217