Change Hash artifact to "File" artifact #18

deadbits · 2018-08-19T18:36:37Z

File artifact will still be identified by its has but can then contain more additional data such as PE features automatically upon creation if file exists on disk
If file not on disk, user can download it from VT (or other sources I'm working on adding for scanning / downloading files and reports)
Users can run newly created YARA scan rule against file and store results
Users can scan files against external services like VT, Hybrid Analysis, Anlyz, etc.
- Modules for these need to be created

deadbits · 2018-08-28T00:46:24Z

In progress.. Artifacts are being re-worked so instead of one Artifact object each type will have it's own object with fields specific to it's type.

deadbits self-assigned this Aug 19, 2018

deadbits added enhancement module New module or module enhancement labels Aug 19, 2018

deadbits added this to To do in Version 1.0 via automation Aug 19, 2018

deadbits added in-progess testing Features being tested before deployment labels Aug 28, 2018

deadbits moved this from To do to Needs review in Version 1.0 Aug 28, 2018

Provide feedback