A framework for simplifying analysis.
stoQ is a automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps teams the ability to quickly transition from different data sources, databases, decoders/encoders, and numerous other tasks. stoQ was designed to be enterprise ready and scalable, while also being lean enough for individual security researchers.
Want to learn more? Read some of the blog posts we've written to learn more.
stoQ currently has over 40 publicly available plugins. These plugins are available separately in the plugin repository
Don't see a plugin you need? Check out the plugin development documentation, or contact us.
Installation and Documenation
Want to get started quickly? Check out the docker image.
stoQ requires a minimum of python 3.6. Installation on Debian based systems is as simple as running a script. For detailed instructions on how to install stoQ, to include the installation script, please visit stoQ's install documentation. If you're interested in learning more about stoQ, to include how to develop your own plugins, checkout the full documentation.