kestrel-core


Namekestrel-core JSON
Version 1.8.2 PyPI version JSON
download
home_pageNone
SummaryKestrel Threat Hunting Language
upload_time2024-04-22 18:07:28
maintainerNone
docs_urlNone
authorNone
requires_python>=3.8
licenseApache 2.0 License
keywords kestrel language dsl cybersecurity threat hunting huntflow entity
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            .. image:: https://github.com/opencybersecurityalliance/kestrel-lang/raw/develop/logo/logo_w_text.png
   :width: 460
   :alt: Kestrel Threat Hunting Language

|

|readthedocs| |pypi| |downloads| |codecoverage| |black|

|

Kestrel is a threat hunting language aiming to make cyber threat hunting *fast*
by providing a layer of abstraction to build reusable, composable, and
shareable hunt-flow. Starting with:

#. `Black Hat USA 2022 session recording`_
#. `Black Hat USA 2022 Kestrel hunting lab`_
#. `Kestrel live tutorial in a cloud sandbox`_

The Goal
========

Software developers write Python or Swift than machine code to quickly turn
business logic into applications. Threat hunters write Kestrel to quickly turn
threat hypotheses into hunt-flow. We see threat hunting as an interactive
procedure to create customized intrusion detection systems on the fly, and
hunt-flow is to hunts as control-flow is to ordinary programs.

What does it mean by *hunt fast*?

- Do NOT write the same IoB pattern in different data source queries.
- Do NOT write one-time-use adapaters to connect hunt steps.
- Do NOT waste your existing analytic scripts/programs in future hunts.
- Do construct your hunt-flow from smaller reuseable hunt-flow.
- Do share your huntbook with your future self and your colleagues.
- Do get interactive feedback and revise hunt-flow on the fly.

|

.. image:: https://github.com/opencybersecurityalliance/data-bucket-kestrel/raw/main/images/github_homepage_animation.gif
   :width: 90%
   :target: https://www.youtube.com/watch?v=tASFWZfD7l8
   :alt: Kestrel Hunting Demo

Kestrel in a Nutshell
=====================

.. image:: https://github.com/opencybersecurityalliance/kestrel-lang/raw/develop/docs/images/overview.png
   :width: 100%
   :alt: Kestrel overview.

- **Kestrel language**: a threat hunting language for a human to express *what to
  hunt*.

  - expressing the knowledge of *what* in patterns, analytics, and hunt flows.
  - composing reusable hunting flows from individual hunting steps.
  - reasoning with human-friendly entity-based data representation abstraction.
  - thinking across heterogeneous data and threat intelligence sources.
  - applying existing public and proprietary detection logic as analytic hunt steps.
  - reusing and sharing individual hunting steps, hunt-flow, and entire huntbooks.

- **Kestrel runtime**: a machine interpreter that deals with *how to hunt*.

  - compiling the *what* against specific hunting platform instructions.
  - executing the compiled code locally and remotely.
  - assembling raw logs and records into entities for entity-based reasoning.
  - caching intermediate data and related records for fast response.
  - prefetching related logs and records for link construction between entities.
  - defining extensible interfaces for data sources and analytics execution.

Basic Concepts and Howto
========================

Visit `Kestrel documentation`_ to learn Kestrel:

- Learn concepts and syntax:

  - `A comprehensive introduction to Kestrel`_
  - `The two key concepts of Kestrel`_
  - `Interactive tutorial with quiz`_
  - `Language reference book`_

- Hunt in your environment:

  - `Kestrel runtime installation`_
  - `How to connect to your data sources`_
  - `How to execute an analytic hunt step in Python/Docker`_
  - `How to use Kestrel via API`_
  - `How to launch Kestrel as a Docker container`_

Kestrel Huntbooks And Analytics
===============================

- `Kestrel huntbook`_: community-contributed Kestrel huntbooks
- `Kestrel analytics`_: community-contributed Kestrel analytics

Kestrel Hunting Blogs
=====================

#. `Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks`_
#. `Practicing Backward And Forward Tracking Hunts on A Windows Host`_
#. `Building Your Own Kestrel Analytics and Sharing With the Community`_
#. `Setting Up The Open Hunting Stack in Hybrid Cloud With Kestrel and SysFlow`_
#. `Try Kestrel in a Cloud Sandbox`_
#. `Fun with securitydatasets.com and the Kestrel PowerShell Deobfuscator`_
#. `Kestrel Data Retrieval Explained`_

Talks And Demos
===============

Talk summary (visit `Kestrel documentation on talks`_ to learn details):

- 2023/08 `Black Hat USA 2023`_
- 2022/12 `Infosec Jupyterthon 2022`_ [`IJ'22 live hunt recording`_]
- 2022/08 `Black Hat USA 2022`_ [`BH'22 recording`_ | `BH'22 hunting lab`_]
- 2022/06 `Cybersecurity Automation Workshop`_
- 2022/04 `SC eSummit on Threat Hunting & Offense Security`_ (free to register/playback)
- 2021/12 `Infosec Jupyterthon 2021`_ [`IJ'21 live hunt recording`_]
- 2021/11 `BlackHat Europe 2021`_
- 2021/10 `SANS Threat Hunting Summit 2021`_: [`SANS'21 session recording`_]
- 2021/05 `RSA Conference 2021`_: [`RSA'21 session recording`_]

Connecting With The Community
=============================

- Join Kestrel slack channel:
  
  - Get a `slack invitation`_ to join `Open Cybersecurity Alliance workspace`_
  
    .. image:: https://opencyberallia.wpengine.com/wp-content/uploads/2022/03/OCA-logo-e1646689234325.png
       :width: 20%
       :alt: OCA logo
     
  - Join the *kestrel* channel to ask questions and connect with other hunters
  
- Contribute to the language development (`Apache License 2.0`_):

  - Create a `GitHub Issue`_ to report bugs and suggest new features
  - Follow the `contributing guideline`_ to submit your pull request
  - Refer to the `governance documentation`_ regarding PR merge, release, and vulnerability disclosure

- Share your huntbook and analytics:

  - `Kestrel huntbook`_
  - `Kestrel analytics`_




.. _Kestrel live tutorial in a cloud sandbox: https://mybinder.org/v2/gh/opencybersecurityalliance/kestrel-huntbook/HEAD?filepath=tutorial
.. _Kestrel documentation: https://kestrel.readthedocs.io/

.. _A comprehensive introduction to Kestrel: https://kestrel.readthedocs.io/en/stable/overview/
.. _The two key concepts of Kestrel: https://kestrel.readthedocs.io/en/stable/language/tac.html#key-concepts
.. _Interactive tutorial with quiz: https://mybinder.org/v2/gh/opencybersecurityalliance/kestrel-huntbook/HEAD?filepath=tutorial
.. _Kestrel runtime installation: https://kestrel.readthedocs.io/en/stable/installation/runtime.html
.. _How to connect to your data sources: https://kestrel.readthedocs.io/en/stable/installation/datasource.html
.. _How to execute an analytic hunt step in Python/Docker: https://kestrel.readthedocs.io/en/stable/installation/analytics.html
.. _Language reference book: https://kestrel.readthedocs.io/en/stable/language/commands.html
.. _How to use Kestrel via API: https://kestrel.readthedocs.io/en/stable/source/kestrel.session.html
.. _How to launch Kestrel as a Docker container: https://kestrel.readthedocs.io/en/stable/deployment/
.. _Kestrel documentation on talks: https://kestrel.readthedocs.io/en/stable/talks.html

.. _Kestrel huntbook: https://github.com/opencybersecurityalliance/kestrel-huntbook
.. _Kestrel analytics: https://github.com/opencybersecurityalliance/kestrel-analytics

.. _Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks: https://opencybersecurityalliance.org/huntbook-persistent-threat-discovery-kestrel/
.. _Practicing Backward And Forward Tracking Hunts on A Windows Host: https://opencybersecurityalliance.org/backward-and-forward-tracking-hunts-on-a-windows-host/
.. _Building Your Own Kestrel Analytics and Sharing With the Community: https://opencybersecurityalliance.org/kestrel-custom-analytics/
.. _Setting Up The Open Hunting Stack in Hybrid Cloud With Kestrel and SysFlow: https://opencybersecurityalliance.org/kestrel-sysflow-open-hunting-stack/
.. _Try Kestrel in a Cloud Sandbox: https://opencybersecurityalliance.org/try-kestrel-in-a-cloud-sandbox/
.. _Fun with securitydatasets.com and the Kestrel PowerShell Deobfuscator: https://opencybersecurityalliance.org/fun-with-securitydatasets-com-and-the-kestrel-powershell-deobfuscator/
.. _Kestrel Data Retrieval Explained: https://opencybersecurityalliance.org/kestrel-data-retrieval-explained/

.. _RSA Conference 2021: https://www.rsaconference.com/Library/presentation/USA/2021/The%20Game%20of%20Cyber%20Threat%20Hunting%20The%20Return%20of%20the%20Fun
.. _RSA'21 session recording: https://www.youtube.com/watch?v=-Xb086R0JTk
.. _SANS Threat Hunting Summit 2021: https://www.sans.org/blog/a-visual-summary-of-sans-threat-hunting-summit-2021/
.. _SANS'21 session recording: https://www.youtube.com/watch?v=gyY5DAWLwT0
.. _BlackHat Europe 2021: https://www.blackhat.com/eu-21/arsenal/schedule/index.html#an-open-stack-for-threat-hunting-in-hybrid-cloud-with-connected-observability-25112
.. _Infosec Jupyterthon 2021: https://infosecjupyterthon.com/2021/agenda.html
.. _IJ'21 live hunt recording: https://www.youtube.com/embed/nMnHBnYfIaI?start=20557&end=22695
.. _Infosec Jupyterthon 2022: https://infosecjupyterthon.com/2022/agenda.html
.. _IJ'22 live hunt recording: https://www.youtube.com/embed/8Mw1yyYkeqM?start=23586&end=26545
.. _SC eSummit on Threat Hunting & Offense Security: https://www.scmagazine.com/esummit/automating-the-hunt-for-advanced-threats
.. _Cybersecurity Automation Workshop: http://www.cybersecurityautomationworkshop.org/
.. _Black Hat USA 2023: https://www.blackhat.com/us-23/arsenal/schedule/index.html#identity-threat-hunting-with-kestrel-33662
.. _Black Hat USA 2022: https://www.blackhat.com/us-22/arsenal/schedule/index.html#streamlining-and-automating-threat-hunting-with-kestrel-28014
.. _BH'22 recording: https://www.youtube.com/watch?v=tf1VLIpFefs
.. _Black Hat USA 2022 session recording: https://www.youtube.com/watch?v=tf1VLIpFefs
.. _BH'22 hunting lab: https://mybinder.org/v2/gh/opencybersecurityalliance/black-hat-us-2022/HEAD?filepath=demo
.. _Black Hat USA 2022 Kestrel hunting lab: https://mybinder.org/v2/gh/opencybersecurityalliance/black-hat-us-2022/HEAD?filepath=demo

.. _slack invitation: https://join.slack.com/t/open-cybersecurity/shared_invite/zt-19pliofsm-L7eSSB8yzABM2Pls1nS12w
.. _Open Cybersecurity Alliance workspace: https://open-cybersecurity.slack.com/
.. _GitHub Issue: https://github.com/opencybersecurityalliance/kestrel-lang/issues
.. _contributing guideline: CONTRIBUTING.rst
.. _governance documentation: GOVERNANCE.rst
.. _Apache License 2.0: LICENSE.md


.. |readthedocs| image:: https://readthedocs.org/projects/kestrel/badge/?version=latest
        :target: https://kestrel.readthedocs.io/en/latest/?badge=latest
        :alt: Documentation Status

.. |pypi| image:: https://img.shields.io/pypi/v/kestrel-jupyter
        :target: https://pypi.python.org/pypi/kestrel-jupyter
        :alt: Latest Version

.. |downloads| image:: https://img.shields.io/pypi/dm/kestrel-core
        :target: https://pypistats.org/packages/kestrel-core
        :alt: PyPI Downloads

.. |codecoverage| image:: https://codecov.io/gh/opencybersecurityalliance/kestrel-lang/branch/develop/graph/badge.svg?token=HM4ax10IW3
        :target: https://codecov.io/gh/opencybersecurityalliance/kestrel-lang
        :alt: Code Coverage

.. |black| image:: https://img.shields.io/badge/code%20style-black-000000.svg
        :target: https://github.com/psf/black
        :alt: Code Style: Black

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "kestrel-core",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.8",
    "maintainer_email": "Xiaokui Shu <xiaokui.shu@ibm.com>, Paul Coccoli <pcoccoli@us.ibm.com>",
    "keywords": "kestrel, language, DSL, cybersecurity, threat hunting, huntflow, entity",
    "author": null,
    "author_email": null,
    "download_url": "https://files.pythonhosted.org/packages/db/d6/e205dc5871112157424cecbb828a2fa06f5a8c1a3c180a8f54ae8dda02f5/kestrel_core-1.8.2.tar.gz",
    "platform": null,
    "description": ".. image:: https://github.com/opencybersecurityalliance/kestrel-lang/raw/develop/logo/logo_w_text.png\n   :width: 460\n   :alt: Kestrel Threat Hunting Language\n\n|\n\n|readthedocs| |pypi| |downloads| |codecoverage| |black|\n\n|\n\nKestrel is a threat hunting language aiming to make cyber threat hunting *fast*\nby providing a layer of abstraction to build reusable, composable, and\nshareable hunt-flow. Starting with:\n\n#. `Black Hat USA 2022 session recording`_\n#. `Black Hat USA 2022 Kestrel hunting lab`_\n#. `Kestrel live tutorial in a cloud sandbox`_\n\nThe Goal\n========\n\nSoftware developers write Python or Swift than machine code to quickly turn\nbusiness logic into applications. Threat hunters write Kestrel to quickly turn\nthreat hypotheses into hunt-flow. We see threat hunting as an interactive\nprocedure to create customized intrusion detection systems on the fly, and\nhunt-flow is to hunts as control-flow is to ordinary programs.\n\nWhat does it mean by *hunt fast*?\n\n- Do NOT write the same IoB pattern in different data source queries.\n- Do NOT write one-time-use adapaters to connect hunt steps.\n- Do NOT waste your existing analytic scripts/programs in future hunts.\n- Do construct your hunt-flow from smaller reuseable hunt-flow.\n- Do share your huntbook with your future self and your colleagues.\n- Do get interactive feedback and revise hunt-flow on the fly.\n\n|\n\n.. image:: https://github.com/opencybersecurityalliance/data-bucket-kestrel/raw/main/images/github_homepage_animation.gif\n   :width: 90%\n   :target: https://www.youtube.com/watch?v=tASFWZfD7l8\n   :alt: Kestrel Hunting Demo\n\nKestrel in a Nutshell\n=====================\n\n.. image:: https://github.com/opencybersecurityalliance/kestrel-lang/raw/develop/docs/images/overview.png\n   :width: 100%\n   :alt: Kestrel overview.\n\n- **Kestrel language**: a threat hunting language for a human to express *what to\n  hunt*.\n\n  - expressing the knowledge of *what* in patterns, analytics, and hunt flows.\n  - composing reusable hunting flows from individual hunting steps.\n  - reasoning with human-friendly entity-based data representation abstraction.\n  - thinking across heterogeneous data and threat intelligence sources.\n  - applying existing public and proprietary detection logic as analytic hunt steps.\n  - reusing and sharing individual hunting steps, hunt-flow, and entire huntbooks.\n\n- **Kestrel runtime**: a machine interpreter that deals with *how to hunt*.\n\n  - compiling the *what* against specific hunting platform instructions.\n  - executing the compiled code locally and remotely.\n  - assembling raw logs and records into entities for entity-based reasoning.\n  - caching intermediate data and related records for fast response.\n  - prefetching related logs and records for link construction between entities.\n  - defining extensible interfaces for data sources and analytics execution.\n\nBasic Concepts and Howto\n========================\n\nVisit `Kestrel documentation`_ to learn Kestrel:\n\n- Learn concepts and syntax:\n\n  - `A comprehensive introduction to Kestrel`_\n  - `The two key concepts of Kestrel`_\n  - `Interactive tutorial with quiz`_\n  - `Language reference book`_\n\n- Hunt in your environment:\n\n  - `Kestrel runtime installation`_\n  - `How to connect to your data sources`_\n  - `How to execute an analytic hunt step in Python/Docker`_\n  - `How to use Kestrel via API`_\n  - `How to launch Kestrel as a Docker container`_\n\nKestrel Huntbooks And Analytics\n===============================\n\n- `Kestrel huntbook`_: community-contributed Kestrel huntbooks\n- `Kestrel analytics`_: community-contributed Kestrel analytics\n\nKestrel Hunting Blogs\n=====================\n\n#. `Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks`_\n#. `Practicing Backward And Forward Tracking Hunts on A Windows Host`_\n#. `Building Your Own Kestrel Analytics and Sharing With the Community`_\n#. `Setting Up The Open Hunting Stack in Hybrid Cloud With Kestrel and SysFlow`_\n#. `Try Kestrel in a Cloud Sandbox`_\n#. `Fun with securitydatasets.com and the Kestrel PowerShell Deobfuscator`_\n#. `Kestrel Data Retrieval Explained`_\n\nTalks And Demos\n===============\n\nTalk summary (visit `Kestrel documentation on talks`_ to learn details):\n\n- 2023/08 `Black Hat USA 2023`_\n- 2022/12 `Infosec Jupyterthon 2022`_ [`IJ'22 live hunt recording`_]\n- 2022/08 `Black Hat USA 2022`_ [`BH'22 recording`_ | `BH'22 hunting lab`_]\n- 2022/06 `Cybersecurity Automation Workshop`_\n- 2022/04 `SC eSummit on Threat Hunting & Offense Security`_ (free to register/playback)\n- 2021/12 `Infosec Jupyterthon 2021`_ [`IJ'21 live hunt recording`_]\n- 2021/11 `BlackHat Europe 2021`_\n- 2021/10 `SANS Threat Hunting Summit 2021`_: [`SANS'21 session recording`_]\n- 2021/05 `RSA Conference 2021`_: [`RSA'21 session recording`_]\n\nConnecting With The Community\n=============================\n\n- Join Kestrel slack channel:\n  \n  - Get a `slack invitation`_ to join `Open Cybersecurity Alliance workspace`_\n  \n    .. image:: https://opencyberallia.wpengine.com/wp-content/uploads/2022/03/OCA-logo-e1646689234325.png\n       :width: 20%\n       :alt: OCA logo\n     \n  - Join the *kestrel* channel to ask questions and connect with other hunters\n  \n- Contribute to the language development (`Apache License 2.0`_):\n\n  - Create a `GitHub Issue`_ to report bugs and suggest new features\n  - Follow the `contributing guideline`_ to submit your pull request\n  - Refer to the `governance documentation`_ regarding PR merge, release, and vulnerability disclosure\n\n- Share your huntbook and analytics:\n\n  - `Kestrel huntbook`_\n  - `Kestrel analytics`_\n\n\n\n\n.. _Kestrel live tutorial in a cloud sandbox: https://mybinder.org/v2/gh/opencybersecurityalliance/kestrel-huntbook/HEAD?filepath=tutorial\n.. _Kestrel documentation: https://kestrel.readthedocs.io/\n\n.. _A comprehensive introduction to Kestrel: https://kestrel.readthedocs.io/en/stable/overview/\n.. _The two key concepts of Kestrel: https://kestrel.readthedocs.io/en/stable/language/tac.html#key-concepts\n.. _Interactive tutorial with quiz: https://mybinder.org/v2/gh/opencybersecurityalliance/kestrel-huntbook/HEAD?filepath=tutorial\n.. _Kestrel runtime installation: https://kestrel.readthedocs.io/en/stable/installation/runtime.html\n.. _How to connect to your data sources: https://kestrel.readthedocs.io/en/stable/installation/datasource.html\n.. _How to execute an analytic hunt step in Python/Docker: https://kestrel.readthedocs.io/en/stable/installation/analytics.html\n.. _Language reference book: https://kestrel.readthedocs.io/en/stable/language/commands.html\n.. _How to use Kestrel via API: https://kestrel.readthedocs.io/en/stable/source/kestrel.session.html\n.. _How to launch Kestrel as a Docker container: https://kestrel.readthedocs.io/en/stable/deployment/\n.. _Kestrel documentation on talks: https://kestrel.readthedocs.io/en/stable/talks.html\n\n.. _Kestrel huntbook: https://github.com/opencybersecurityalliance/kestrel-huntbook\n.. _Kestrel analytics: https://github.com/opencybersecurityalliance/kestrel-analytics\n\n.. _Building a Huntbook to Discover Persistent Threats from Scheduled Windows Tasks: https://opencybersecurityalliance.org/huntbook-persistent-threat-discovery-kestrel/\n.. _Practicing Backward And Forward Tracking Hunts on A Windows Host: https://opencybersecurityalliance.org/backward-and-forward-tracking-hunts-on-a-windows-host/\n.. _Building Your Own Kestrel Analytics and Sharing With the Community: https://opencybersecurityalliance.org/kestrel-custom-analytics/\n.. _Setting Up The Open Hunting Stack in Hybrid Cloud With Kestrel and SysFlow: https://opencybersecurityalliance.org/kestrel-sysflow-open-hunting-stack/\n.. _Try Kestrel in a Cloud Sandbox: https://opencybersecurityalliance.org/try-kestrel-in-a-cloud-sandbox/\n.. _Fun with securitydatasets.com and the Kestrel PowerShell Deobfuscator: https://opencybersecurityalliance.org/fun-with-securitydatasets-com-and-the-kestrel-powershell-deobfuscator/\n.. _Kestrel Data Retrieval Explained: https://opencybersecurityalliance.org/kestrel-data-retrieval-explained/\n\n.. _RSA Conference 2021: https://www.rsaconference.com/Library/presentation/USA/2021/The%20Game%20of%20Cyber%20Threat%20Hunting%20The%20Return%20of%20the%20Fun\n.. _RSA'21 session recording: https://www.youtube.com/watch?v=-Xb086R0JTk\n.. _SANS Threat Hunting Summit 2021: https://www.sans.org/blog/a-visual-summary-of-sans-threat-hunting-summit-2021/\n.. _SANS'21 session recording: https://www.youtube.com/watch?v=gyY5DAWLwT0\n.. _BlackHat Europe 2021: https://www.blackhat.com/eu-21/arsenal/schedule/index.html#an-open-stack-for-threat-hunting-in-hybrid-cloud-with-connected-observability-25112\n.. _Infosec Jupyterthon 2021: https://infosecjupyterthon.com/2021/agenda.html\n.. _IJ'21 live hunt recording: https://www.youtube.com/embed/nMnHBnYfIaI?start=20557&end=22695\n.. _Infosec Jupyterthon 2022: https://infosecjupyterthon.com/2022/agenda.html\n.. _IJ'22 live hunt recording: https://www.youtube.com/embed/8Mw1yyYkeqM?start=23586&end=26545\n.. _SC eSummit on Threat Hunting & Offense Security: https://www.scmagazine.com/esummit/automating-the-hunt-for-advanced-threats\n.. _Cybersecurity Automation Workshop: http://www.cybersecurityautomationworkshop.org/\n.. _Black Hat USA 2023: https://www.blackhat.com/us-23/arsenal/schedule/index.html#identity-threat-hunting-with-kestrel-33662\n.. _Black Hat USA 2022: https://www.blackhat.com/us-22/arsenal/schedule/index.html#streamlining-and-automating-threat-hunting-with-kestrel-28014\n.. _BH'22 recording: https://www.youtube.com/watch?v=tf1VLIpFefs\n.. _Black Hat USA 2022 session recording: https://www.youtube.com/watch?v=tf1VLIpFefs\n.. _BH'22 hunting lab: https://mybinder.org/v2/gh/opencybersecurityalliance/black-hat-us-2022/HEAD?filepath=demo\n.. _Black Hat USA 2022 Kestrel hunting lab: https://mybinder.org/v2/gh/opencybersecurityalliance/black-hat-us-2022/HEAD?filepath=demo\n\n.. _slack invitation: https://join.slack.com/t/open-cybersecurity/shared_invite/zt-19pliofsm-L7eSSB8yzABM2Pls1nS12w\n.. _Open Cybersecurity Alliance workspace: https://open-cybersecurity.slack.com/\n.. _GitHub Issue: https://github.com/opencybersecurityalliance/kestrel-lang/issues\n.. _contributing guideline: CONTRIBUTING.rst\n.. _governance documentation: GOVERNANCE.rst\n.. _Apache License 2.0: LICENSE.md\n\n\n.. |readthedocs| image:: https://readthedocs.org/projects/kestrel/badge/?version=latest\n        :target: https://kestrel.readthedocs.io/en/latest/?badge=latest\n        :alt: Documentation Status\n\n.. |pypi| image:: https://img.shields.io/pypi/v/kestrel-jupyter\n        :target: https://pypi.python.org/pypi/kestrel-jupyter\n        :alt: Latest Version\n\n.. |downloads| image:: https://img.shields.io/pypi/dm/kestrel-core\n        :target: https://pypistats.org/packages/kestrel-core\n        :alt: PyPI Downloads\n\n.. |codecoverage| image:: https://codecov.io/gh/opencybersecurityalliance/kestrel-lang/branch/develop/graph/badge.svg?token=HM4ax10IW3\n        :target: https://codecov.io/gh/opencybersecurityalliance/kestrel-lang\n        :alt: Code Coverage\n\n.. |black| image:: https://img.shields.io/badge/code%20style-black-000000.svg\n        :target: https://github.com/psf/black\n        :alt: Code Style: Black\n",
    "bugtrack_url": null,
    "license": "Apache 2.0 License",
    "summary": "Kestrel Threat Hunting Language",
    "version": "1.8.2",
    "project_urls": {
        "Documentation": "https://kestrel.readthedocs.io/",
        "Homepage": "https://github.com/opencybersecurityalliance/kestrel-lang",
        "Repository": "https://github.com/opencybersecurityalliance/kestrel-lang.git"
    },
    "split_keywords": [
        "kestrel",
        " language",
        " dsl",
        " cybersecurity",
        " threat hunting",
        " huntflow",
        " entity"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "62e95e171664e630d38cf13be430c8bf78d497fd63319ad934ca0a734090991b",
                "md5": "2e317c47fb91f1447bebbe63392596a3",
                "sha256": "6e35dde470c6489f8aff1abebdda8b4f061f99b7aeb7a8bce6985dc7bf06f76d"
            },
            "downloads": -1,
            "filename": "kestrel_core-1.8.2-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "2e317c47fb91f1447bebbe63392596a3",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.8",
            "size": 61671,
            "upload_time": "2024-04-22T18:07:26",
            "upload_time_iso_8601": "2024-04-22T18:07:26.118143Z",
            "url": "https://files.pythonhosted.org/packages/62/e9/5e171664e630d38cf13be430c8bf78d497fd63319ad934ca0a734090991b/kestrel_core-1.8.2-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "dbd6e205dc5871112157424cecbb828a2fa06f5a8c1a3c180a8f54ae8dda02f5",
                "md5": "4209e2d5a49a932429a4e2d6fcd7dc6c",
                "sha256": "dc43d9cefbc33afd7876c5c3e97b527bec1dc13c64f1ffd49ce246aac3674e5b"
            },
            "downloads": -1,
            "filename": "kestrel_core-1.8.2.tar.gz",
            "has_sig": false,
            "md5_digest": "4209e2d5a49a932429a4e2d6fcd7dc6c",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8",
            "size": 71223,
            "upload_time": "2024-04-22T18:07:28",
            "upload_time_iso_8601": "2024-04-22T18:07:28.213094Z",
            "url": "https://files.pythonhosted.org/packages/db/d6/e205dc5871112157424cecbb828a2fa06f5a8c1a3c180a8f54ae8dda02f5/kestrel_core-1.8.2.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-04-22 18:07:28",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "opencybersecurityalliance",
    "github_project": "kestrel-lang",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "kestrel-core"
}
        
Elapsed time: 0.56307s