AIL Framework version 5.0 released - Major Rewrite, Kvrocks Database, and Lacus Crawler Migration

Jun 6, 2023 • adulau

AIL v5.0 introduces significant improvements and new features:

  • Codebase Rewrite: The codebase has undergone a substantial rewrite resulting in enhanced performance and speed improvements.
  • Database Upgrade: The database has been migrated from ARDB to Kvrocks.
  • New Correlation Engine: AIL v5.0 introduces a new powerful correlation engine with two new correlation types: CVE and Title.
  • Enhanced Logging: The logging system has been improved to provide better troubleshooting capabilities.
  • Tagging Support: AIL objects now support tagging, allowing users to categorize and label extracted information for easier analysis and organization.
  • Trackers: Improved objects filtering, PGP and decoded tracking added.
  • UI Leak Visualization: The user interface has been upgraded to visualize extracted and tracked information.
  • New Crawler Lacus: improve crawling capabilities.
  • Modular Importers and Exporters: New importers (ZMQ, AIL Feeders) and exporters (MISP, Mail, TheHive) modular design. Allow easy creation and customization by extending an abstract class.
  • Module Queues: improved the queuing mechanism between detection modules.
  • New Object CVE and Title: Extract an correlate CVE IDs and web page titles.



UI Extracted/Tracked content: