Restructured and Collaborated SIEM and CVSS Infrastructure. Presented at Blackhat Asia Arsenal 2020.

chrisandoryan/Nethive-Project

Nethive-Project

Zero to Low Latency Monitoring System

The Nethive Project provides a Security Information and Event Management (SIEM) infrastructure powered by automatic CVSS measurements.

Dashboard Preview

Features

  • Machine Learning powered SQL Injection Detection
  • Server-side XSS Detection based on Chrome's XSS Auditor
  • Post-exploitation Detection powered by Auditbeat
  • Bash Command History Tracker
  • CVSS Measurement on Detected Attacks
  • Realtime Log Storing powered by Elasticsearch and Logstash
  • Basic System Monitoring
  • Resourceful Dashboard UI
  • Notify Suspicious Activity via Email

Installation

Before installing, please make sure to install the prerequisites.

You can install Nethive from the PyPI package manager using the following command:

[Coming Soon!]

or

You can install Nethive using the latest repository:

$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt

Please make sure all dependencies are installed if any one of the above fails. For more detailed information, refer to the installation guide.

Quick Start

Start Nethive

  1. Fetch and start the nethive-cvss Docker container

    $ git clone https://github.com/Falanteris/docker-nethive-cvss/
    $ cd docker-nethive-cvss/
    $ docker build -t nethive-cvss .
    $ ./cvss
    
  2. Start Nethive and copy default configuration

    $ cd Nethive-Project/
    $ cp .env.example .env
    
  3. Activate all Nethive processing engines

    $ sudo python3 main.py

    On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized.

  4. Start Nethive UI Server

    $ cd Nethive-Project/dashboard/
    $ npm install && npm start
    
  5. Go to http://localhost:3000/

Contributors
