Home Unlabelled Graphenex - Automated Organisation Hardening Framework

Graphenex - Automated Organisation Hardening Framework

By
Monday, June 03, 2013
Read
Add Comment

grapheneX
In computing, hardening is normally the procedure of securing a organization yesteryear reducing its surface of vulnerability, which is larger when a organization performs to a greater extent than functions; inward regulation a single-function organization is to a greater extent than secure than a multipurpose one. Reducing available ways of fix on typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, too the disabling or removal of unnecessary services.

Although the electrical flow technology tries to pattern systems every bit prophylactic every bit possible, safety flaws too situations that tin atomic number 82 to vulnerabilities caused yesteryear unconscious utilization too missing configurations notwithstanding exist. The user must live on knowledgeable close the technical side of organization architecture too should live on aware of the importance of securing his/her organization from vulnerabilities similar this. Unfortunately, it's non possible to know all the details close hardening too necessary commands for every ordinary user too the hardening remains to live on a technical resultant due to the difficulty of agreement operating organization internals. Therefore at that topographic point are hardening checklists that incorporate diverse commands too rules of the specified operating organization available such every bit trimstray/linux-hardening-checklist & Windows Server Hardening Checklist on the cyberspace for providing a fix of commands amongst their sections too of course of didactics simplifying the concept for the destination user. But still, the user must know the commands too apply the hardening manually depending on the system. That's where the grapheneX just comes inward play.
The projection mention is derived from the 'graphene'. Graphene is a one-atom-thick layer of carbon atoms arranged inward a hexagonal lattice. In proportion to its thickness, it is close 100 times stronger than the strongest steel.
grapheneX projection aims to render a framework for securing the organization amongst hardening commands automatically. It's designed for the destination user every bit good every bit the Linux too Windows developers due to the interface options. (interactive shell/web interface) In improver to that, grapheneX tin live on used to secure a spider web server/application.
Hardening commands too the scopes of those commands are referred to modules too the namespaces inward the project. They be at the modules.json file afterwards installation. ($PYPATH/site-packages/graphenex/modules.json) Additionally, it's possible to add, edit or take modules too namespaces. Also, the hardening functioning tin live on automated amongst the presets that incorporate a listing of modules.
Currently, grapheneX back upwards the hardening sections below. Each of these namespaces contains to a greater extent than than i module.

  • Firewall
  • User
  • Network
  • Services
  • Kernel
  • Filesystem
  • Other


Installation
You tin install grapheneX amongst pip. Usually this is the easiest way:
pip install graphenex
Also it's possible to run the setup.py for installation every bit follows:
python setup.py install
The commands below tin live on used for testing the projection without installation:
cd grapheneX pipenv install pipenv run python -m graphenex

Dependencies

Usage

Command Line Arguments
usage: grapheneX [-h] [-v] [-w] [--open] [host:port]
positional arguments:   host:port      host too port to run the spider web interface  optional arguments:   -h, --help     present this assistance message too larn out   -v, --version  present version information   -w, --web      run the grapheneX spider web server   --open         opened upwards browser on spider web server start

Interactive Shell
Execute the grapheneX.py inward gild to showtime the interactive shell.


  • Animated gifs too screenshots added for demonstration too include the seek execution of the unversioned grapheneX. Use grapheneX or python -m graphenex ascendence for the execution.
  • grapheneX currently supports Python3.7
  • Project's unopen to functions (such every bit hardening) mightiness non piece of occupation without root access. So reckon running the grapheneX amongst sudo/administrative access.


Web Interface
Execute the grapheneX.py amongst the -w or --web declaration inward gild to showtime the spider web server.





  • The default host too port value are 0.0.0.0:8080. It tin live on changed via the host:port declaration every bit shown below.

python grapheneX.py -w 192.168.1.36:8090

  • Use --open declaration to opened upwards the browser afterwards the server start.

python grapheneX.py -w --open

CLI Commands
Command Description
back Go dorsum from namespace or module
clear Clear the terminal
exit Exit interactive shell
harden Execute the hardening command
help List available commands amongst "help" or present detailed assistance amongst "help "
info Show information close the module
list List available hardening modules
manage Add, edit or delete module
preset Show/execute the hardening module presets
search Search for modules
switch Switch betwixt modules or namespaces
use Use a hardening module
web Start the grapheneX spider web server

help
help or ? shows the commands listing above.
help [CMD] shows the detailed usage of given command.

list
Show the available modules inward a table. For example:



switch
switch ascendence tin live on used to switch to a namespace or utilization a module. It's helpful if y'all desire to run across a listing of modules inward a namespace.
switch [NAMESPACE]



  • Supports autocomplete for namespaces.

Also, using the switch ascendence similar this is possible:
switch [NAMESPACE]/[MODULE]
It's the equivalent of the use ascendence inward this situation.

use
Serves the purpose of selecting a hardening module.
use [MODULE]


  • Supports autocomplete for modules.


info
Shows information (namespace, description, OS command) close the selected module.


harden
Executes the hardening ascendence of the selected module.


preset
grapheneX has presets that incorporate exceptional modules for automating the hardening operation. Presets tin live on customized amongst the modules.json file too they tin incorporate whatever supported module. preset ascendence shows the available module presets too preset [PRESET] runs the hardening commands inward a preset.


An instance preset ascendence output is shown above. Below, a preset that contains 2 modules is selected too hardening modules executed.


preset ascendence supports autocomplete for preset names. Also, it supports an selection for scream for permission betwixt each hardening ascendence execution too thus that the user knows what he/she is doing.

  • Adding module presets

Presets are stored inward the presets chemical constituent within the modules.json file. This JSON file tin live on edited for updating the presets.
"presets": [         {             "name": "Preset_1",             "modules": [                 "namespace1/Module_Name1",                 "namespace2/Module_Name2",             ],             "target_os": "linux/win"         },         {             "name": "Preset_2",             "modules": [                 "namespace/All"             ],             "target_os": "linux/win"         }     ]
namespace/All way every hardening ascendence inward that namespace volition live on executed.

search
search [QUERY]


manage
manage ascendence allows to add, edit or take modules.

  • Adding modules amongst manage

Follow the instructions for adding a novel module. Choose the 'new' selection inward the namespace prompt for creating a novel namespace.


  • Adding modules manually

grapheneX stores the modules too namespaces inward modules.json file. It volition present upwards every bit a novel module when a novel chemical constituent is created inward this JSON file. An instance chemical constituent is given below.
"namespace": [         {             "name": "Module_Name",             "desc": "This is the module description.",             "command": "echo 'hardening command'",             "require_superuser": "True/False",             "target_os": "linux/win"         }     ]
It's recommended to add together modules from CLI or the Web interface other than editing the modules.json file.

  • Editing modules

Choose the edit selection afterwards the manage ascendence for the editing the module properties.


Or edit the modules.json manually.

  • Removing modules

Choosing the remove selection inward the manage card volition live on plenty for removing the specified module. It's besides possible to take the module from modules.json manually.


web
Starts the grapheneX spider web server amongst the optional host:port argument.
web [host:port]


back
Go dorsum from selected namespace or module.

clear
Clear terminal

exit
Exit interactive shell

Web
Most of the command line features are accessible amongst the Web interface.

Namespaces & Modules
It's tardily to switch betwixt namespaces too run across details of modules.


Hardening
Just click run nether the module properties for executing the hardening command.


Adding Modules
There's a card available inward the spider web interface for adding novel modules.


Screenshots






TODO(s)
  • Add novel modules for Linux too Windows.



Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us