Open Source Tool - Cybersecurity Graph Database in Neo4j

Overview

GraphKer

Open Source Tool - Cybersecurity Graph Database in Neo4j

|G|r|a|p|h|K|e|r|

{ open source tool for a cybersecurity graph database in neo4j }

With GraphKer you can have the most recent update of cyber-security vulnerabilities, weaknesses, attack patterns and platforms from MITRE and NIST, in an very useful and user friendly way provided by Neo4j graph databases!

Prerequisites

3 + 1 Steps to run GraphKer Tool

1) Download and Install Neo4j Desktop

  • Windows Users: https://neo4j.com/download/

    Create an account to get the license (totally free), download and install Neo4j Desktop.

    Useful Video: https://tinyurl.com/yjjbn8jx

  • Linux Users:

    sudo apt update
    sudo apt install apt-transport-https ca-certificates curl software-properties-common
    curl -fsSL https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
    sudo add-apt-repository "deb https://debian.neo4j.com stable 4.1"
    sudo apt install neo4j
    sudo systemctl enable neo4j.service
    sudo systemctl status neo4j.service
    

    You should have output that is similar to the following:

    ● neo4j.service - Neo4j Graph Database
    Loaded: loaded (/lib/systemd/system/neo4j.service; enabled; vendor preset: enabled)
    Active: active (running) since Fri 2020-08-07 01:43:00 UTC; 6min ago
    Main PID: 21915 (java)
    Tasks: 45 (limit: 1137)
    Memory: 259.3M
    CGroup: /system.slice/neo4j.service
    . . .
    

    Useful Video: https://tinyurl.com/vvpjf3dr

2) Create and Configure the Database

  • Create Database:
    • Windows Users:

      You can create databases in whatever version you want (latest version preferable) through GUI or Neo4j Terminal.

    • Linux Users: When you start neo4j through systemctl, type cypher-shell, then create database NAME;. Now you have to set this database, as default so when you start neo4j you start automatically this database. Go to /etc/neo4j/neo4j.conf and uncomment dbms.default_database=neo4j and change it with your new database name. Restart neo4j service and you are ready.

  • Configure Database:
    • Install APOC Plugin:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> Click Plugins --> APOC --> Install
      • Linux Users:
    • Configure Database Settings File:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> ... (Three Dots) --> Settings --> Go to last line and set the commands below --> Apply and Restart the Database

        apoc.export.file.enabled=true
        apoc.import.file.enabled=true
        apoc.import.file.user_neo4j_config=false
        cypher.lenient_create_relationship = true
        
      • Linux Users: Same as above, in the neo4j.conf file --> check every folder path in Neo4j: https://neo4j.com/docs/operations-manual/current/configuration/file-locations/

    • Configure Memory Usage:

      In Neo4j Configuration File (neo4j.conf): For 16GB RAM you can use 8G + 4G for heap. For 8GB RAM you can use 4G + 2G etc.

      dbms.memory.heap.initial_size=4G
      dbms.memory.heap.max_size=8G
      dbms.memory.pagecache.size=4G
      

3) Install requirements.txt

  • GraphKer Uses: xmltodict, neo4j, requests, beautifulsoup4
  • pip install -r requirements.txt

4) Install Applications Created for Neo4j

  • There are several applications created especially for Neo4j that you can use for better experience and work.
    • Neo4j Bloom: Application for better graph presentations. Free and Easy to use.
    • Graphlytic: Third-Party App, better graph presentations, but most important auto-analytics and statistics. Free and Paid Editions. We can do the most locally with free edition. Learn More: https://graphlytic.biz/
    • Neo4j Database Analyzer: Third-Party App, Free, provides great analysis tools for our Data and our Schema. Learn More: https://community.neo4j.com/t/introducing-the-neo4j-database-analyzer/6197

Run GraphKer

// Default
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH
// Run and Open Neo4j Browser
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -b y
// Run and Open Graphlytic App
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -g y
// Default Run Example in Ubuntu
sudo python3 main.py -u BOLT_URL -n USERNAME -p PASSWORD -d /var/lib/neo4j/import/

Default Bolt URL for Neo4j: bolt://localhost:7687

Default Username in Neo4j Databases: neo4j

For Neo4j Import Folder check the link above with File Locations.

Estimated RunTime: 6-15 Minutes. Depends on hardware.

At least 8GB in your hard drive.

You can access the CVE and CPE Datasets in National Vulnerability Database by NIST (https://nvd.nist.gov/vuln/data-feeds), CWE Dataset in MITRE (https://cwe.mitre.org/data/downloads.html) and CAPEC Dataset in MITRE (https://capec.mitre.org/data/downloads.html).

--Search, Export Data and Analytics, Enrich your Skills--

Created by Adamantios - Marios Berzovitis, Cybersecurity Expert MSc, BSc

Diploma Research - MSc @ Distributed Systems, Security and Emerging Information Technologies | University Of Piraeus --> https://www.cs.unipi.gr/distributed/

Co-Working with Cyber Security Research Lab | University Of Piraeus --> https://seclab.cs.unipi.gr/

Facebook: https://www.facebook.com/GraphKerTool/

LinkedIn: https://tinyurl.com/p57w4ntu

Github: https://github.com/amberzovitis

Enjoy! Provide Feedback!

Owner
Adamantios - Marios Berzovitis
Cybersecurity Expert MSc, BSc | Hacking, Gaming, Fencing
Adamantios - Marios Berzovitis
🐝 ℹ️ Honeybee extension for export to IES-VE gem file format

honeybee-ies Honeybee extension for export a HBJSON file to IES-VE GEM file format Installation pip install honeybee-ies QuickStart import pathlib fro

Ladybug Tools 4 Jul 12, 2022
HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP

赛欧思网络安全研究实验室 365 Nov 30, 2022
OpenPort scanner GUI tool (CNMAP)

CNMAP-GUI- OpenPort scanner GUI tool (CNMAP) as you know it is the advanced tool to find open port, firewalls and we also added here heartbleed scanni

9 Mar 05, 2022
Log4j minecraft with python

Apache-Log4j Apache Log4j 远程代码执行 攻击者可直接构造恶意请求,触发远程代码执行漏洞。漏洞利用无需特殊配置,经阿里云安全团队验证,Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响 Steps 【Import

manmade 57 Oct 03, 2022
CVE-2022-23046 - SQL Injection Vulnerability on PhpIPAM v1.4.4

CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s

2 Feb 15, 2022
GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023
adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea

136 Jan 02, 2023
Utility for Extracting all passwords from ConnectWise Automate

CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with

Matthew Kyles 1 Dec 09, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.

Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (

HellSec 59 Dec 01, 2022
Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

m4ll0k (mallok) 1.8k Jan 04, 2023
A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Invisible Backdoor Detector is a little Python script that allows you to spot and remove Bidi characters that could lead to an invisible backdoor. If you don't know what that is you should check the

SecSI 28 Dec 29, 2022
Exploiting CVE-2021-44228 in vCenter for remote code execution and more

Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote code execution and more. Blog post detailing exploitation linked below: COMING SOON Why? P

81 Dec 20, 2022
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

Podalirius 71 Dec 22, 2022
Privacy-respecting metasearch engine

Privacy-respecting, hackable metasearch engine / pronunciation səːks. If you are looking for running instances, ready to use, then visit searx.space.

Searx engine 12.4k Jan 08, 2023
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

8 Sep 03, 2022
Mass Check Vulnerable Log4j CVE-2021-44228

Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co

Justakazh 6 Dec 28, 2022
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022
For educational purposes only. (Uzbek Edition)

DISCLAIMER 💣 Ushbu skriptdagi materiallar bilan bog'liq har qanday xatti-harakatlar faqat sizning javobgarligingizdir. Ushbu skriptdagi ma'lumotlarda

Husniddin Murodov 1 Feb 12, 2022