AshES Cybersecurity

AshES CTI - Documentation

AshES CTI is a Windows-native, offline-first Threat Intelligence platform designed to keep things simple. No servers, no cloud accounts, no external dependencies. Just install, activate, and use.

1. Download & Installation

System Requirements:

  • Windows 10 / 11 (64-bit)
  • No internet connection required
  • Runs under normal user accounts (admin only for installation)

Download:
https://ashes-cybersecurity.com/ashescti

Install Steps:

  • Run the installer (AshesCTIv100.exe).
  • Follow the on-screen instructions.
  • Launch ashes-ti-ui.exe from the Start Menu or the Installation folder.
  • Enter your license key when prompted.

2. First Run & License Activation

On first launch, you will see a license activation window.

  • Select your License file or Paste your license key
  • Activation is instant and local
  • No cloud verification at any point
  • Your activation persists on this machine

3. Quick Start Guide

A) Using the Graphical Interface

  • Open AshES TI
  • Click Ingest OSINT Feeds
  • Click Enrich IOCs
  • View Summaries, Stats & MITRE ATT&CK mapping
  • Use Export for STIX, JSON, CSV

B) Using the Command-Line Interface (CLI)

Run from PowerShell or Command Prompt:

ashes-ti.exe ingest-yesterday-only
ashes-ti.exe enrich-iocs
ashes-ti.exe ioc-add
ashes-ti.exe --help
ashes-ti.exe --version

4. Key Features

  • OSINT Feed Ingestion: Extracts indicators, malware names, techniques.
  • Offline Enrichment: All enrichment is local; no external APIs.
  • MITRE ATT&CK Mapping: Quickly understand adversary techniques.
  • Exports: TAXII 2.1, STIX 2.1, JSON, CSV, internal formats.
  • Daily Routine: Run Ingest Yesterday once per day.

5. Notes & Tips

  • AshES TI runs offline.
  • No telemetry or network calls.
  • Reinstalling Windows on the same hardware preserves your license.
  • The app is lightweight and simple to operate.

Support: support@ashes-cybersecurity.com

6. Checksums & Verification

SHA-256 checksums come with every release. Digitally-signed offline bundles are available on request.

7. Frequently Asked Questions

Does AshES TI require internet?
Yes, only during OSINT ingestion and live enrichment. All analysis, viewing, exporting, MITRE mapping, and usage run fully offline. AshES TI is perfectly suited for air-gapped and isolated networks when feeds are preloaded.

Does it send telemetry?
No. Nothing leaves your machine.

Is there a server?
No, it's a self-contained Windows application.

Do I need special hardware?
No, any modern Windows system works.

8. Support

If you need help installing, activating, or using AshES TI:

Email: support@ashes-cybersecurity.com