LogoLogo
Back to binalyze.com
  • Welcome | Binalyze Knowledge Base
  • AIR
    • AIR
    • Introduction
      • What is AIR?
      • Terminology
      • Architecture
        • AIR Responder Architecture; overview and performance analysis
        • AIR Task Flow and Management
      • Network Communication
      • Cloud Forensics with Binalyze AIR
    • AIR Setup
      • Console Hardware Requirements
      • Console Pre-Installation
      • Console Installation
      • Microsoft Azure Cloud Platform Integration
      • AIR Relay Server
        • What is AIR Relay Server?
        • Requirements for installation
        • How to install a Relay Server on different Linux platforms
        • How to change IP address of Relay Server
        • How to install a Responder with Relay Server support
        • Proxy configurations
          • Adding proxy to Relay Server
          • Adding proxy to Responder
        • Service Management for Relay Server
        • Whitelisting for Relay Server
        • Retrieving metrics from Relay Server
        • Updating and Uninstalling Relay Server
        • Troubleshooting
      • AIR Responder - Supported Operating Systems
        • AIR Responder - MS Windows supported systems
        • AIR Responder - Apple macOS supported systems
        • AIR Responder - Linux (DEB/RPM) supported systems
        • AIR - ESXi Standalone Collector
        • AIR Responder - Chrome supported systems
          • AIR For Chrome
      • AIR Responder Hardware Requirements
      • AIR Responder Deployment
        • Golden Image
        • Responder & Active Directory OUs
        • AIR Responder Exception Rules
          • Binalyze AIR Watchdog Folder
        • FDA via Jamf and Apple’s PPPC utility
        • AIR Responder in Windows 'Safe Mode'
      • Uninstalling AIR Responders
      • Security
        • AIR Console Access Control
        • AIR SSL Enforcement
          • SSL Certificate Management in Binalyze AIR
        • Two-factor authentication (2FA)
      • Post-Deployment Configuration Guide
        • Using AIR CLI on Binalyze AIR Console
    • AIR's User Settings
      • General
      • Assets
      • Security
      • Features
      • Evidence Repositories
      • Policies
      • User Management
        • User Groups
        • User Roles
      • Backup
      • Investigation Hub Disk Usage
      • Danger Zone
    • Updating AIR
      • Single-Tier Systems
      • 2-Tier Systems
      • AIR Console Updating - SaaS
    • Backup
      • Restore AIR Backup using the CLI
    • Features
      • Acquisition
        • Task Creation
          • Regex in AIR/DRONE:
          • Asset Management with Persistent Saved Filters
          • Task Cancellation and Deletion
        • Acquisition Profiles
        • Supported Evidence
          • Windows Collections
          • macOS Collections
          • Linux Collections
          • IBM AIX Collections
        • Scheduling Tasks
        • Disk and Volume Imaging
          • Imaging with interACT
        • Chain Of Custody in AIR
      • Auto Tagging
      • Triage
        • Triage Rule Templates
          • YARA Templates
          • Sigma Templates
          • osquery Templates
        • Schedule Triage Tasks
      • interACT
        • interACT Commands
        • PowerShell commands in interACT
      • Compare
      • Timeline
      • Integrations
        • SSO Integrations
          • Microsoft Azure SSO Integration
          • Okta SAML 2.0 SSO Integration
        • Webhooks
          • Mattermost Integration
          • Splunk Integration
          • IBM QRadar Integration
          • Wazuh Integration
          • Cortex XSOAR Integration
          • Elasticsearch Logstash Kibana Integration
          • ServiceNow Integration
          • Sumo Logic Integration
          • Crowdstrike Integration
          • Microsoft Sentinel Integration
          • Slack Integration
          • Carbon Black Cloud Integration
          • Rapid7 InsightIDR Integration
          • LogicHub SOAR (DEVO) Integration
          • Fortigate SIEM Integration
          • Dynatrace Integration
          • Stellar XDR Integration
          • SentinelOne Integration
          • Microsoft 365 Defender Integration
          • Cisco XDR Integration
      • Event Subscription
      • AIR API
        • API in AIR is likely to be more effective than Webhooks
      • DRONE
        • What is DRONE?
        • What is an Analysis Pipeline?
        • Analyzers
          • Cross Platform Analyzers
            • MITRE ATT&CK Analyzer
              • MITRE ATT&CK Analyzer changelog
            • Dynamo Analyzer
            • Browser History Analyzer
            • Generic WebShell Analyzer
          • Windows Analyzers
            • Windows Event Records and how AIR handles them
              • Windows Event Logs in AIR v4.21 and older versions
              • Event Records Summary vs. Event Records
            • Prefetch Analyzer
            • Shellbag Data Fields
          • Linux Analyzers
          • macOS Analyzers
            • Audit Event Analyzer
      • AIR Investigation Hub
        • Using the AIR Investigation Hub
        • Investigation Hub – Data Usage Statistics Dashboard
      • AIR File Explorer
        • File Explorer - FAQs
      • Tornado (Preview Version)
        • Tornado Installation Guide
          • Tornado Operating System Support
        • Updating Tornado
        • Tornado demo video
        • Getting Started with Tornado
          • Tornado Terminology
        • Tornado Collectors
          • Accessing Google Workspace
            • Service Account Creation
              • Enable Service Account Key Creation
          • Access Modes in O365
            • O365 license types
        • Tornado Troubleshooting & Feedback
        • Tornado FAQs
      • Frank.AI
      • Asset Isolation
      • Evidence Repositories
      • Policies
      • Tags
      • Off-Network Responder
        • Setting Up a Custom Case Directory
        • biunzip
          • biunzip password file
      • Binalyze AIR Responder Proxy Support
      • Proxy Configuration on Binalyze AIR Console
      • Binalyze AIR Audit Logs
    • Troubleshooting
      • Binalyze AIR Console CPU Profiling for Performance Issues
      • Understanding MSI Error Code 1618
      • How to gather Binalyze AIR logs for Troubleshooting
        • Collecting Binalyze AIR Console Log Files
        • Collecting Binalyze AIR Responder Log Files
        • Collecting Binalyze AIR Off-Network Responder Log Files
    • FAQs
      • Binalyze AIR Console Migration Procedure For Single-Tier Setup
      • Binalyze AIR Console Migration Procedure For 2-Tier Installation
      • Binalyze AIR Console Backup Procedure
      • Resolving the “Invalid Host Header. Host must be the Console Address” Error
      • How to download the collected evidence and artifacts in Binalyze AIR?
      • How to gather Binalyze AIR logs for Troubleshooting
        • Collecting Binalyze AIR Console Log Files
        • Collecting Binalyze AIR Responder Log Files
        • Collecting Binalyze AIR Off-Network Responder Log Files
      • AIR responder troubleshooting
      • Understanding Port Usage in Binalyze AIR
      • How many assets can connect to a single Console instance?
      • How do I enable SSL on AIR?
      • Can I use AIR with EDR/XDR Products?
      • Can I integrate AIR with my SOAR/SIEM?
      • What (sub)domains are used by AIR?
      • Docker & Host System IP Conflict
      • Monitoring Responder and UI API's
      • How do I update AIR Console?
      • How do I update AIR Responders on assets?
      • How to reset the password of a user via the AIR-CLI?
      • Is there a way to move an asset from one Organization or Case to another?
      • Creating exclusions/exception rules for Binalyze AIR Responder on EPP and EDR Solutions
      • Anything missing?
      • How can I install a version of AIR that isn't the latest?
  • General
    • Licenses - Open-source Software List
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. General

Licenses - Open-source Software List

This page lists open-source solutions that are used with Binalyze products.

Name
Category
Website
Description

NodeJS

Runtime

Node.js® is an open-source, cross-platform JavaScript runtime environment.

NestJS

Framework

A progressive Node.js framework for building efficient, reliable and scalable server-side applications.

MongoDB

Database

The developer data platform that provides the services and tools necessary to build distributed applications fast, at the performance and scale users demand.

PostgreSQL

Database

PostgreSQL is a powerful, open source object-relational database system with over 35 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.

Docker

Deployment Tool

Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers

Redis

Database

The open source, in-memory data store used by millions of developers as a database, cache, streaming engine, and message broker.

Nats

Messaging

NATS is an open-source messaging system (sometimes called message-oriented middleware). The NATS server is written in the Go programming language. License: Apache 2.0.

AWS SDK Go V2

Package

License: Apache 2.0

Azure Blob Storage Libraries

Package

License: MIT

Coreos systemd

Package

License: Apache 2.0

Golang Libraries

Packages

License: BSD-3

YARA

Package

License: BSD-3

Osquery

Package

License: Apache 2.0 / GPL 2.0

cURL

Package

License: A modified MIT License

SQLite

Database

SQLite is a database engine written in the C programming language.

GORM

Package

License: MIT

AVML (Acquire Volatile Memory for Linux)

Package

License: MIT

Elastic beats Library

Package

License: Apache 2.0/Elastic Licenses

Elastic go-libaudit

Package

License: Apache 2.0

uGO (Scripting Engine)

Package

License: MIT

TypeORM

Package

TypeORM is an ORM that can run in NodeJS, Browser, Cordova, PhoneGap, Ionic, React Native, NativeScript, Expo, and Electron platforms and can be used with TypeScript and JavaScript (ES5, ES6, ES7, ES8).

Bull

Package

Bull is a Node library that implements a fast and robust queue system based on redis.

VueJS

Framework

An approachable, performant and versatile framework for building web user interfaces.

Go

Programming Language

JavaScript

Programming Language

TypeScript

Programming Language

Libyal

Package

License: Apache 2.0

FireEye Red Team Tool Countermeasures

IOC Rule

BSD 2-Clause License

FireEye Sunburst Countermeasures YARA Rules

IOC Rule

BSD 2-Clause License

Google Cloud YARA Rules

IOC Rule

License: Apache 2.0

Volexity threat intel

IOC Rule

BSD 2-Clause License

Avast threat intel

IOC Rule

Detection Rule License (DRL) 1.1

SigmaHQ/sigma

IOC Rule

Detection Rule License (DRL) 1.2

Hayabusa

Package

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Microsoft/AVML

Package

AVML - Acquire Volatile Memory for Linux

LOL drivers project

Package

License: Apache 2.0

Velocidex/go-ntfs

Package

An NTFS file parser in Go

PreviousHow can I install a version of AIR that isn't the latest?

Last updated 1 year ago

Was this helpful?

https://nodejs.org/
https://nestjs.com/
https://www.mongodb.com/
https://www.postgresql.org/
https://www.docker.com/
https://redis.io/
https://nats.io/
https://github.com/aws/aws-sdk-go-v2
https://learn.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-dotnet
https://github.com/coreos/go-systemd
https://github.com/VirusTotal/yara
https://github.com/osquery/osquery
https://curl.se/docs/copyright.html
https://sqlite.org/index.html
https://github.com/go-gorm/gorm
(
https://github.com/microsoft/avml
https://github.com/elastic/beats
https://github.com/elastic/go-libaudit
https://github.com/ozanh/ugo
https://typeorm.io/
https://github.com/OptimalBits/bull
https://vuejs.org/
https://go.dev/
https://en.wikipedia.org/wiki/JavaScript
https://www.typescriptlang.org/
https://github.com/libyal/libyal/blob/main/LICENSE
https://github.com/fireeye/red_team_tool_countermeasures/blob/master/LICENSE.txt
https://github.com/fireeye/sunburst_countermeasures/blob/main/LICENSE.txt
https://github.com/chronicle/GCTI/blob/main/LICENSE
https://github.com/volexity/threat-intel
https://github.com/avast/ioc
https://github.com/SigmaHQ/sigma
https://github.com/Yamato-Security/hayabusa
https://github.com/microsoft/avml
https://github.com/magicsword-io/LOLDrivers
https://github.com/Velocidex/go-ntfs