msticpy
v2.13.0
Analyzing Data
Base64 Decoding and Unpacking
Base64 decode an input string
Using a DataFrame as input
Interpreting the DataFrame output
Decoding Nested Base64/Archives
IPython magic
Pandas Extension
IoC Extraction
Looking for IoC in a String
Using a DataFrame as Input
IoCExtractor API
Predefined Regex Patterns
Adding your own pattern(s)
Merging output with source data
IPython magic
Pandas Extension
Event Clustering
Processes on Host - Clustering
Host Logons
Anomalous Sessions
Creating the Sessions
Model the sessions
Visualise the Modelled Sessions
Other Log Types + KQL
Pivot Functions
What are Pivot Functions?
Sample notebooks
Changes in V2.0.0
What is “Pivoting”?
Getting started
Running a pivot function
Data query pivot functions
Threat Intelligence lookups
Pandas processing pipeline with pivot functions
Customizing and managing Pivots