Nethive Project : Restructured & Collaborated SIEM & CVSS Infrastructure

The Nethive Project provides a Security Information and Event Management (SIEM) infrastructure empowered by automatic CVSS measurements.

Features

  • Machine Learning powered SQL Injection Detection
  • Server-side XSS Detection based on Chrome’s XSS Auditor
  • Post-exploitation Detection powered by Auditbeat
  • Bash Command History Tracker
  • CVSS Measurement on Detected Attacks
  • Realtime Log Storing powered by Elasticsearch and Logstash
  • Basic System Monitoring
  • Resourceful Dashboard UI
  • Notify Suspicious Activity via Email

Installation

Before installing, please make sure to install the pre-requisites.

You can install Nethive from the PyPI package manager using the following command:

[Coming Soon!]

or

You can install Nethive using the latest repository:

$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt

Please make sure all dependencies are installed if any one of the above fails. For more detailed information, refer to the installation guide.

Quick Start

  • Fetch and start nethive-cvss docker container

    $ git clone https://github.com/Falanteris/docker-nethive-cvss/
    $ cd docker-nethive-cvss/
    $ docker build -t nethive-cvss .
    $ ./cvss

  • Start Nethive and copy default configuration

    $ cd Nethive-Project/
    $ cp .env.example .env

  • Activate all Nethive processing engines:

    $ sudo python3 main.py

    On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized.

  • Start Nethive UI Server

    $ cd Nethive-Project/dashboard/
    $ npm install && npm start

  • Go to http://localhost:3000/
R K
