The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements.
- Machine Learning powered SQL Injection Detection
- Server-side XSS Detection based on Chrome's XSS Auditor
- Post-exploitation Detection powered by Auditbeat
- Bash Command History Tracker
- CVSS Measurement on Detected Attacks
- Realtime Log Storing powered by Elasticsearch and Logstash
- Basic System Monitoring
- Resourceful Dashboard UI
- Notify Suspicious Activity via Email
Installation
Before installing, please make sure to install the pre-requisites.
You can install Nethive from PyPi package manager using the following command:
[Coming Soon!]
or
You can install Nethive using the latest repository:
$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt
Please make sure all dependencies are installed if anyone of the above fails. For more detailed information, refer to the installation guide.
Quick Start
Fetch and start nethive-cvss docker container
$ git clone https://github.com/Falanteris/docker-nethive-cvss/
$ cd docker-nethive-cvss/
$ docker build -t nethive-cvss .
$ ./cvssStart Nethive and copy default configuration
$ cd Nethive-Project/
$ cp .env.example .envActivate all Nethive processing engines:
$ sudo python3 main.py
.
On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized.Start Nethive UI Server
$ cd Nethive-Project/dashboard/
$ npm install && npm startGo to http://localhost:3000/