SHARE
Nethive Project : Restructured & Collaborated SIEM & CVSS Infrastructure

The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements.

Features

  • Machine Learning powered SQL Injection Detection
  • Server-side XSS Detection based on Chrome’s XSS Auditor
  • Post-exploitation Detection powered by Auditbeat
  • Bash Command History Tracker
  • CVSS Measurement on Detected Attacks
  • Realtime Log Storing powered by Elasticsearch and Logstash
  • Basic System Monitoring
  • Resourceful Dashboard UI
  • Notify Suspicious Activity via Email

Installation

Before installing, please make sure to install the pre-requisites.

You can install Nethive from PyPi package manager using the following command:

[Coming Soon!]

or

You can install Nethive using the latest repository:

$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt

Please make sure all dependencies are installed if anyone of the above fails. For more detailed information, refer to the installation guide.

Quick Start

Start Nethive
  • Fetch and start nethive-cvss docker container $ git clone https://github.com/Falanteris/docker-nethive-cvss/ $ cd docker-nethive-cvss/ $ docker build -t nethive-cvss . $ ./cvss
  • Start Nethive and copy default configuration $ cd Nethive-Project/ $ cp .env.example .env
  • Activate all Nethive processing engines: $ sudo python3 main.py .
    On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized.
  • Start Nethive UI Server $ cd Nethive-Project/dashboard/ $ npm install && npm start
  • Go to http://localhost:3000/