
elysium-suite / aeacus

Licence: GPL-2.0 License
🔐 Vulnerability remediation scoring system


aeacus

aeacus is a vulnerability scoring engine for Windows and Linux, with an emphasis on simplicity.

Installation

  1. Extract the release into /opt/aeacus (Linux) or C:\aeacus\ (Windows).

    Try compiling it yourself! Or, you can download the releases here.

  2. Set up the environment.

    • Put your config in /opt/aeacus/scoring.conf or C:\aeacus\scoring.conf.

      • Don't have a config? See the example at the bottom of this README.
    • Put your README data in ReadMe.conf.

    • Use ./aeacus forensics 3 to create three Forensic Question files on the Desktop of the main user.

  3. Check that your config is valid.

./aeacus --verbose check

Check out what you can do with aeacus with ./aeacus --help!

  4. Score the image with the current config to verify your checks work as expected.

./aeacus --verbose score

The TeamID is read from /opt/aeacus/TeamID.txt or C:\aeacus\TeamID.txt.

  5. Prepare the image for release.

./aeacus --verbose release

WARNING: This will remove scoring.conf. Back it up somewhere if you want to save it! It will also remove the aeacus executable and other sensitive files.

Screenshots

[Screenshots: Scoring Report; ReadMe]

Features

  • Robust yet simple vulnerability scorer
  • Image deployment (cleanup, README, etc)
  • Remote score reporting

Note: aeacus ships with very weak crypto on purpose. You need to implement your own crypto functions. See Adding Crypto for more information.

Checks

All checks (with examples and notes) are documented here.

Configuration

The configuration is written in TOML. All fields are optional unless otherwise specified. See the example below:

name = "ubuntu-18-supercool" # Image name
title = "CoolCyberStuff Practice Round" # Round title
os = "Ubuntu 18.04" # OS, used for README
user = "coolUser" # Main user for the image

# If remote is specified, aeacus will report its score
# and refuse to score if the remote server does not accept
# its messages and Team ID (unless "local" is set to true)
# Make sure to include the scheme (http, https...)
# NOTE: _DON'T_ include a slash after the url!
remote = "https://192.168.1.100"

# If password is specified, it will be used to
# encrypt remote reporting traffic
# NOTE: Server must have the same password set
password = "HackersArentReal"

# If local is set to true, then the image will give
# feedback and score regardless of whether or not
# remote scoring is working
local = true

# If enddate exists, image will self destruct
# after the time specified. The format is:
# YEAR/MO/DA HR:MN:SC ZONE
enddate = "2020/03/21 15:04:05 PDT"

# If nodestroy is set to true, then the image will not
# self destruct, only the aeacus folder will be deleted.
# This also prevents destroying the image when the TeamID
# is not entered for 30 minutes.
nodestroy = true

# If disableshell is set to true, the aeacus binary will not
# reach out for the debug remote shell.
disableshell = true

# Set the version of this scoring file. This is not a number
# that is changed for YOUR versions, it is changed in tandem
# with the current version of aeacus.
# If you're ever unsure of the version, just run "aeacus version"
version = "1.8.2"

[[check]]
message = "Removed insecure sudoers rule"
points = 10

	[[check.pass]]
	type="FileContainsNot"
	arg1="/etc/sudoers"
	arg2="NOPASSWD"

[[check]]
# If no message is specified, one is auto-generated
points = 20

	[[check.pass]]
	type="FileExistsNot"
	arg1="/etc/secrets.zip"

	[[check.pass]] # You can code multiple pass conditions
	type="Command" # they must ALL succeed for the check to pass
	arg1="ufw status"

[[check]]
message = "Malicious user 'user' can't read /etc/shadow"
# If no points are specified, they are auto-calculated.
# If total points specified is less than 100, each check
# is assigned points (integers) that add up to 100.
# If total points already specified is above 100, each check
# without points is worth 2 points.

	[[check.pass]]
	type="CommandNot"
	arg1="sudo -u user cat /etc/shadow"

	[[check.pass]]
	type="FileExists"
	arg1="/etc/shadow"

	[[check.passoverride]]  # If you want a check to succeed if just one condition
	type="UserExistsNot"    # passes, regardless of other pass checks, use
	arg1="user"             # an override pass (passoverride). This is still
	                        # overridden by fail conditions.

	[[check.fail]]       # If any fail conditions pass, the whole check
	type="FileExistsNot" # will fail
	arg1="/etc/shadow"

[[check]]
message = "Administrator has been removed"
points = -5 # This check is now a penalty, because it has negative points

	[[check.pass]]
	type="UserExistsNot"
	arg1="coolAdmin"
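
The precedence between pass, passoverride and fail conditions described in the config comments above, as an added Go sketch (not aeacus's own code). The names Check, has, Passes and Score are hypothetical, and condition results are supplied as pre-evaluated booleans instead of being run against a system.

```go
package main

import "fmt"

// Check: evaluated condition results of one [[check]] table (true = held).
// Hypothetical type for this added example.
type Check struct {
	Points                   int
	Pass, PassOverride, Fail []bool
}

func has(bs []bool, v bool) bool {
	for _, b := range bs {
		if b == v {
			return true
		}
	}
	return false
}

// Passes applies the precedence from the config comments: a fail condition
// that holds beats everything, then one passoverride is enough, otherwise
// every pass condition must hold. Assumption: no pass conditions, no credit.
func (c Check) Passes() bool {
	if has(c.Fail, true) {
		return false
	}
	return has(c.PassOverride, true) || (len(c.Pass) > 0 && !has(c.Pass, false))
}

// Score sums the points of passing checks; negative points are penalties.
func Score(checks []Check) (sum int) {
	for _, c := range checks {
		if c.Passes() {
			sum += c.Points
		}
	}
	return sum
}

func main() {
	// Constructed results for the example config's four checks (15 is made up).
	checks := []Check{
		{Points: 10, Pass: []bool{true}},                                    // sudoers rule fixed
		{Points: 20, Pass: []bool{true, false}},                             // one of two conditions failed
		{Points: 15, Pass: []bool{false, true}, PassOverride: []bool{true}}, // override holds
		{Points: -5, Pass: []bool{true}},                                    // penalty triggered
	}
	fmt.Println("score:", Score(checks)) // prints "score: 20"
}
```
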

ReadMe Configuration

Put your README in ReadMe.conf. It's pretty self-explanatory. Here's a template:

<!-- Put your comments/additions to the normal ReadMe here! -->
<p>
	Uncomplicated Firewall (UFW) is the only company approved Firewall for use
	on Linux machines at this time.
</p>

<!-- You can add as many <p></p> notes as you want! This HTML is simply imported into the existing ReadMe template. -->
<p>
	Congratulations! You just recruited a promising new team member. Create a
	new Standard user account named "bobbington" with a temporary password of
	your choosing.
</p>

<!-- Put your critical services here! -->
<p><b>Critical Services:</b></p>
<ul>
	<li>OpenSSH Server (sshd)</li>
	<li>Other cool service</li>
</ul>

<!-- Put your users here! -->
<h2>Authorized Administrators and Users</h2>

<pre>
<b>Authorized Administrators:</b>
coolUser (you)
	password: coolPassword
bob
	password: bob

<b>Authorized Users:</b>
coolFriend
awesomeUser
radUser
coolGuy
niceUser
</pre>

Information Gathering

The aeacus binary supports gathering information on Windows in cases where it's tough to gather what the scoring system can see.

Print information with ./aeacus info type where type is one of the following:

Windows

  • packages (shows installed programs)

Remote Endpoint

The authors of this project recommend using sarpedon as the remote scoring endpoint.

Tips and Tricks

  • Easily change the branding by replacing assets/img/logo.png.
  • On Linux, you can run ./aeacus configure to launch a GUI tool for configuring vulnerabilities.

Compiling

If you need a tool to quickly install go and a few other tools, use this to help you out! Once you install go (make sure you use a recent version) and install dependencies using go get -v -d -t ./..., you can build with these commands:

  • Building for Linux: make lin
  • Building for Windows: make win

Development compilation

  • Building for Linux: make lin-dev
  • Building for Windows: make win-dev

Contributing and Disclaimer

A huge thanks to the project contributors for help adding code and features, and to many others for help with feedback, usability, and finding bugs!

If you have anything you would like to add or fix, please make a pull request! No improvement or fix is too small, and help is always appreciated.

Thanks to UTSA CIAS and the CyberPatriot program for putting together such a cool competition, and for the inspiration to make this project.

This project is in no way affiliated with or endorsed by the Air Force Association, University of Texas San Antonio, or the CyberPatriot program.
