GithubHelp home page GithubHelp logo

ilcapone / net.security Goto Github PK

View Code? Open in Web Editor NEW

This project forked from r-net-tools/net.security

0.0 2.0 0.0 191.08 MB

Security R package with a set of utils to analyse the different industry standards, e.g. CVE, CWE, CPE, CAPEC etc

License: GNU Lesser General Public License v3.0

R 100.00%

net.security's Introduction

Alt text

Project Status: WIP - Initial development is in progress, but there has not yet been a stable, usable release suitable for the public. Build Status Coverage Status

Package for Data Driven Security purposes.

Install

From R console just type:
devtools::install_github(repo = "r-net-tools/net.security")

If you want to test future features, just add branch as parameter:
devtools::install_github(repo = "r-net-tools/net.security", ref = "devel")

Usage

Load package using library("net.security") then you can access directly to security standards data frames. It also includes an API server mapping data driven security functions defined in ddsecurity.R

Security Standards

CVE

Reference: http://cve.mitre.org/about/faqs.html
Raw Data:

Update dataset: UpdateDataSets(path = "data", stnd = "v")
Data Frame: View(cves)
API: /cveinfo/<cve-code>

CWE

Reference: http://cwe.mitre.org/data/index.html#documentation
Raw Data: https://cwe.mitre.org/data
Update dataset: UpdateDataSets(path = "data", stnd = "w")
Data Frame: View(cwes)
API: /cweinfo/<cwe-code>

CAPEC

Reference: https://capec.mitre.org/data/index.html
Reference: https://capec.mitre.org/data/xsd/ap_schema_v2.7.1.xsd
Raw Data: https://capec.mitre.org/data/xml/capec_v2.8.xml
Update dataset: UpdateDataSets(path = "data", stnd = "a")
Data Frame: View(capec$views) or View(capec$categories) or View(capec$attacks)
API: /capec/view/<number>
API: /capec/category/<number>
API: /capec/attack/<number>

CPE

Reference: https://nvd.nist.gov/cpe.cfm
Reference: http://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf
Raw Data: http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz
Update dataset: UpdateDataSets(path = "data", stnd = "p")
Data Frame: View(cpes)
API: /cpe?name="<character>"

OVAL

Reference: https://oval.cisecurity.org/
Raw Data: https://oval.cisecurity.org/repository/download/5.11.1/all/oval.xml
Update dataset: UpdateDataSets(path = "data", stnd = "o")
Data Frame: View(oval)

API

Start Server

Ensure that Rscript is in your PATH. Open system command line, go to this package and run the api.R script.

net.security$ Rscript api.R
Starting server to listen on port 8000

Examples

CVE

http://127.0.0.1:8000/cveinfo/CVE-2010-2012

Alt text

CWE

http://127.0.0.1:8000/cweinfo/CWE-200

Alt text

CPE

http://localhost:8000/cpe?name="winamp 5.6"

Alt text

CAPEC View

http://127.0.0.1:8000/capec/view/1000

Alt text

CAPEC Category

http://127.0.0.1:8000/capec/category/100

Alt text

CAPEC Attack

http://127.0.0.1:8000/capec/attack/256

Alt text

net.security's People

Contributors

humbertcostas avatar arnsangra avatar

Watchers

James Cloos avatar 4lc4p0n3 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.