BigBrainSecurity - forensics scripts that will eventually turn into an IDS.

BigBrainSecurity/cleanMFT.py filters Master File Table (MFT) dumps and makes them more bearable to deal with. The primary use of the program is to import a text file of newline-separated values and use those values as filters. For example, you can import a text file made up of directories you want included in the updated CSV file, file extensions (.exe, .dll, .sys), and/or programs (powershell). cleanMFT.py then searches the Master File Table CSV file and creates a new CSV file that includes only the matching rows.

Dependencies:
+ Python 2.7.x
+ Pandas Python Module

NOTE: This program accepts a pipe-separated value file. It's like a CSV but with "|" in between the values.
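The filtering idea described above, sketched as an added standalone example using only the Python 3 standard library; it is not cleanMFT.py's own code. The column name `Filename`, the rule that terms starting with "." are matched as file-name suffixes, and the sample rows are all assumptions made for illustration.

```python
import csv
import io

def load_terms(text):
    """Parse a filter list: one term per line, blank lines skipped."""
    return [t.strip().lower() for t in text.splitlines() if t.strip()]

def row_matches(path, terms):
    """Terms starting with '.' are treated as extensions (suffix match), so
    '.exe' does not pull in 'app.exe.config'. Any other term (a directory
    or a program name) is a case-insensitive substring match."""
    p = path.lower()
    for term in terms:
        if term.startswith("."):
            if p.endswith(term):
                return True
        elif term in p:
            return True
    return False

def filter_mft(psv_text, terms, path_column="Filename"):
    """Return (header, matching_rows) from pipe-separated MFT text."""
    reader = csv.reader(io.StringIO(psv_text), delimiter="|",
                        quoting=csv.QUOTE_NONE)
    header = next(reader)
    idx = header.index(path_column)  # ValueError if the column is absent
    rows = [r for r in reader if len(r) > idx and row_matches(r[idx], terms)]
    return header, rows

def to_psv(header, rows):
    """Serialize the filtered table back to pipe-separated text."""
    return "\n".join("|".join(r) for r in [header] + rows) + "\n"

# Constructed sample data (not taken from a real MFT dump).
SAMPLE_MFT = """Record Number|Filename|Std Info Creation date
42|/Windows/System32/WindowsPowerShell/v1.0/powershell.exe|2017-03-01 10:15:02
43|/Users/alice/Documents/report.docx|2017-03-02 09:00:00
44|/Users/alice/AppData/Local/Temp/update.DLL|2017-03-02 09:01:11
45|/Program Files/App/app.exe.config|2017-03-02 09:05:00
46|/Users/bob/Downloads/notes.txt|2017-03-03 14:22:40
"""
# Constructed filter list: extensions, a program name and a directory.
SAMPLE_TERMS = ".exe\n.dll\n\npowershell\n/Users/bob/Downloads\n"

if __name__ == "__main__":
    header, rows = filter_mft(SAMPLE_MFT, load_terms(SAMPLE_TERMS))
    print(to_psv(header, rows), end="")
```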

Sample usage:

Source: https://github.com/glassCodeBender