The Cybersecurity and Infrastructure Security Agency (CISA) announced today that they have released RedEye, an open-source analytics tool for use by Red and Blue Teams to visualize and report command and control activities. The tool was developed in partnership with the Pacific Northwest National Laboratory.
The tool is available now for anyone to download on GitHub.
According to the GitHub readme, RedEye “allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment.”
RedEye is capable of parsing logs, and presenting the data in a user-friendly dashboard. A presentation mode is available for presenting findings or reporting to stakeholders. Whether it’s used for Red Team penetration testing or Blue Team defense analysis, the goal is to improve cybersecurity posture.
A Blue Team mode is also available in the same application binary.
CISA also provided a full video walkthrough of the tool available on YouTube. You can also watch it below:
