Sooty is a SOC analyst’s tool that would also work well for an individual intrusion analyst. It’s available at https://github.com/TheresAFewConors/Sooty. I’ve installed it on a Fedora test box at my day job; I’m going to install it on one of my laptops at home and go through the steps here, as I had to track down a couple of dependencies to get it installed correctly on Fedora 32.
*** This is a Security Bloggers Network syndicated blog from JeffSoh on NetSec authored by JeffSoh. Read the original post at: https://jeffsoh.blogspot.com/2020/10/sooty-soc-analysts-tool-part-i.html