The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements.

Features

• Machine Learning powered SQL Injection Detection
• Server-side XSS Detection based on Chrome's XSS Auditor
• Post-exploitation Detection powered by Auditbeat
• Bash Command History Tracker
• CVSS Measurement on Detected Attacks
• Realtime Log Storing powered by Elasticsearch and Logstash
• Basic System Monitoring
• Resourceful Dashboard UI
• Notify Suspicious Activity via Email

Installation

Before installing, please make sure to install the pre-requisites.

You can install Nethive from PyPi package manager using the following command:

[Coming Soon!]

or

You can install Nethive using the latest repository:

$ git clone https://github.com/chrisandoryan/Nethive-Project.git
$ cd Nethive-Project/
$ sudo bash install.sh
$ sudo pip3 install -r requirements.txt

Please make sure all dependencies are installed if anyone of the above fails. For more detailed information, refer to the installation guide.

Quick Start

1. Fetch and start nethive-cvss docker container

   $ git clone https://github.com/Falanteris/docker-nethive-cvss/
   $ cd docker-nethive-cvss/
   $ docker build -t nethive-cvss .
   $ ./cvss
   

2. Start Nethive and copy default configuration

   $ cd Nethive-Project/
   $ cp .env.example .env
   

3. Activate all Nethive processing engines: $ sudo python3 main.py .
   On the menu prompt, choose [3] Just-Run-This-Thing, then wait for the engines to be initialized.

4. Start Nethive UI Server

   $ cd Nethive-Project/dashboard/
   $ npm install && npm start
   

5. Go to http://localhost:3000/