RECENT POSTS
- AIL Project v6.1 released with new features including unsafe filter for Tor crawling, many bugs fixed and Telegram attachment analysis (2025-02-06)
- AIL Project v6.0.1 - Improved usability in social network monitoring and many bugs fixed
- AIL Project v6.0: Improved Dark Web Analysis with a New Dashboard
- AIL Framework v5.9 Released – New Features such as dom-hash correlation, improvements and many bug fixes
- First release of onion-lookup version 0.1 - gathering metadata from Tor onion addresses
- AIL Framework v5.8 Released – New Features such as QR code extraction, improvements and fixes
- AIL Project version 5.7 released with many improvements with 2FA support, multi-organisation support, improved chat monitoring and more.
- AIL Project version 5.6 released with many improvements in the OCR and correlation functions and many updates.
- AIL Framework 5.5 Released: New OCR Module for Images, Report Generator for Tracker Module, and Numerous Improvements.
- AIL framework 5.4 released with many semantic improvements in chat channels, new Tor vanity domain explorer, Favicon Correlations and various improvements.
- All posts ...
AIL Framework version 5.0 released - Major Rewrite, Kvrocks Database, and Lacus Crawler Migration
Jun 6, 2023 • adulau
AIL v5.0 introduces significant improvements and new features:
- Codebase Rewrite: The codebase has undergone a substantial rewrite resulting in enhanced performance and speed improvements.
- Database Upgrade: The database has been migrated from ARDB to Kvrocks.
- New Correlation Engine: AIL v5.0 introduces a new powerful correlation engine with two new correlation types: CVE and Title.
- Enhanced Logging: The logging system has been improved to provide better troubleshooting capabilities.
- Tagging Support: AIL objects now support tagging, allowing users to categorize and label extracted information for easier analysis and organization.
- Trackers: Improved objects filtering, PGP and decoded tracking added.
- UI Leak Visualization: The user interface has been upgraded to visualize extracted and tracked information.
- New Crawler Lacus: improve crawling capabilities.
- Modular Importers and Exporters: New importers (ZMQ, AIL Feeders) and exporters (MISP, Mail, TheHive) modular design. Allow easy creation and customization by extending an abstract class.
- Module Queues: improved the queuing mechanism between detection modules.
- New Object CVE and Title: Extract an correlate CVE IDs and web page titles.
Correlation:
UI Extracted/Tracked content:
JTAN
Development of the AIL framework is co-funded by the European Union CEF program and CIRCL.
The Action will establish a Joint Threat Analysis Network, an open collaboration group of European computer security incident response teams (CSIRTs) with the focus on collecting, sharing and analysis of technical, operational and strategic threat intelligence. The purpose of this collaboration is to combine unique advantages of different teams to obtain comprehensive situational awareness and actionable information to effectively defend constituencies in each Member State, from critical infrastructure operators targeted by state-sponsored actors to individual citizens affected by cybercrime. The main part of the Action addresses gaps in the Cyber Threat Intelligence (CTI) tooling that is currently used by the national level CSIRTs in Europe. By strengthening individual tools and interconnecting them, the beneficiaries will achieve a new level of common situational awareness and they will benefit from shared knowledge and tooling.