CarbonGraphiti turns Carbon Black process reports into a format that can be rendered by opengraphiti.com

Carbon Graphiti

enterprise-response enterprise-protect

<< back to Showcase

Carbon Graphiti

CarbonGraphiti turns Carbon Black process reports into a format that can be rendered by opengraphiti.com

Published by droptables

View source code for this contribution

usage:

./Carbon-Graphiti.py -l https://cb-server-url.com/#analyze/00001b23-0000-1fd4-01d0-d69a136419e0/1 -c servers.config -o output-name.json

Plot process activity by time nodes:

  • Modules Loaded
  • File Modifications
  • Registry Edits
  • Network Connections
  • Threat Intel

Tool is used to help explore the “Molecular Makeup” of malicious process activities.
View threats in a new way in order to better threat hunting techniques and spot new indicators. More to come…

Last modified on February 1, 2016