The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements.
Features
- Machine Learning powered SQL Injection Detection
- Server-side XSS Detection based on Chrome’s XSS Auditor
- Post-exploitation Detection powered by Auditbeat
- Bash Command History Tracker
- CVSS Measurement on Detected Attacks
- Realtime Log Storing powered by Elasticsearch and Logstash
- Basic System Monitoring
- Resourceful Dashboard UI
- Notify Suspicious Activity via Email
Installation
Before installing, please make sure to install the pre-requisites.
You can install Nethive from PyPi package manager using the following command:
[Coming Soon!]
or
You can install Nethive using the latest repository:
$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt
Please make sure all dependencies are installed if anyone of the above fails. For more detailed information, refer to the installation guide.
Quick Start
- Fetch and start nethive-cvss docker container
$ git clone https://github.com/Falanteris/docker-nethive-cvss/ $ cd docker-nethive-cvss/ $ docker build -t nethive-cvss . $ ./cvss - Start Nethive and copy default configuration
$ cd Nethive-Project/ $ cp .env.example .env - Activate all Nethive processing engines:
$ sudo python3 main.py.
On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized. - Start Nethive UI Server
$ cd Nethive-Project/dashboard/ $ npm install && npm start - Go to http://localhost:3000/
 insfrastructure empowered by CVSS automatic measurements.){kind=link}