TALOS Active Defense

TALOS – Computer Network Defender’s Toolkit, specializing in active defense techniques.

TALOS, as of this latest update, now comes complete with a fully functional scripting language (working title Bluescript). In this script you can design network sensors and automated scans that perform automated actions to respond to intrusions. With the inclusion of the new Tripcode feature you can even set scripts to be triggered automatically when an attack takes place…
The language is easy to code in, and it enables the veteran members of your team to give capabilities to the junior members that they wouldn’t have had before. For example, a veteran operator could write a script that deploys cryptolocked to a network segment. A network defender could then deploy that script to a corner of the network to protect endangered machines upon detecting a cryptolocker variant on one machine.

Basic Usage:
TALOS can be launched by running the main console, talos.py. It’s really that simple. Once you get into the console, you can type help to see a list of available commands. My creator has attempted to make me as smart as possible. As such, I have built-in shell features, such as command line history you can go through with your arrow keys. I have smart autocomplete. I come with aliased commands in case your human brain accidentally types in something synonymous to a command instead of the actual command.
I function in a way very similar to many frameworks of the past. Two frameworks my creator knew well when he wrote me are The Metasploit Framework and Recon-ng. When first learning how to navigate your way through the console, don’t be afraid to use the help command liberally. My creator has programmed the help command to bring up information about a number of things, such as specific commands and modules.

The basic workflow
Here’s how deploying a module usually works inside the TALOS console.
+ Load the module
+ Set the variables
+ Run the module
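Added example (not TALOS's own code): a minimal Python console built on the standard library's cmd module that follows the same load/set/run workflow and shows how command aliases and tab completion of module names can be implemented. The module table, its option names and the "sensor/portwatch" action are constructed placeholders, not real TALOS modules.

```python
import cmd

# Constructed sample module table (hypothetical; not TALOS's real modules).
# Each module declares the variables it needs and an action run with them.
MODULES = {
    "sensor/portwatch": {
        "options": ["HOST", "PORTS"],
        "action": lambda o: f"watching {o['HOST']} on ports {o['PORTS']}",
    },
}

class Console(cmd.Cmd):
    """Minimal load/set/run console with aliases and tab completion."""
    prompt = "talos> "
    # Synonyms a user may type instead of the canonical command name.
    ALIASES = {"use": "load", "select": "load", "execute": "run", "quit": "exit"}

    def __init__(self, modules=MODULES):
        super().__init__()
        self.modules, self.current, self.options, self.log = modules, None, {}, []

    def onecmd(self, line):
        # Rewrite an aliased first word so "use x" behaves exactly like "load x".
        head, _, rest = line.strip().partition(" ")
        return super().onecmd(f"{self.ALIASES.get(head, head)} {rest}".strip())

    def do_load(self, arg):
        """load <module>: select a module and reset its variables."""
        if arg not in self.modules:
            self.log.append(f"no such module: {arg}")
            return
        self.current = arg
        self.options = dict.fromkeys(self.modules[arg]["options"])

    def complete_load(self, text, line, begidx, endidx):
        # Tab completion over the known module names.
        return [m for m in self.modules if m.startswith(text)]

    def do_set(self, arg):
        """set <VAR> <value>: assign a variable of the loaded module."""
        name, _, value = arg.partition(" ")
        if name not in self.options:
            self.log.append(f"unknown variable: {name}")
            return
        self.options[name] = value

    def do_run(self, arg):
        """run: execute the loaded module once every variable is set."""
        missing = [k for k, v in self.options.items() if v is None]
        if self.current is None or missing:
            self.log.append(f"not ready, missing: {missing}")
            return
        self.log.append(self.modules[self.current]["action"](self.options))

    def do_exit(self, arg):
        return True

if __name__ == "__main__":
    Console().cmdloop()
```

Every command outcome is appended to the console's log list, so the same class can be driven non-interactively for testing.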

Usage:

Source: https://github.com/PrometheanInfoSec