Resource Overview
PT-Sguil is a client for Sguil written in C#. Where I was able to, I've directly ported large portions of the TCL/Tk client to C# to ease development between the two languages.
Note: Due to a back-up procedure "oversight", I deleted my entire codebase during a laptop rebuild before creating this SVN repository. I thankfully had a compiled binary that I was able to extract the source from by using Reflector and FileDisassembler. This, however, produced some very ugly variable names and loop routines, which I'll be refactoring over time.
Current Functionality
Event Categorization/Validation/Escalation
Packet View
Rule View
Text Report Exports (excluding PortScan events)
Additional Features
Encoder/Decoder Tool (Base64, URL)
System Tray Notification of Events While Sleeping
In Progress