Seamless deployment and management of cybersecurity solutions πŸ—οΈ

Overview
Cover



Description πŸ–ΌοΈ

Background πŸ‘΄πŸΌ

In today's fast-paced society, most people are unaware of the potential consequences of cyberattacks on their organizations. Furthermore, they do not invest in cybersecurity solutions due to the costs of setup, licensing, and maintenance.

Vision πŸ“œ

MutableSecurity πŸ—οΈ is a software product for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring.

Despite the current lack of complex functionalities, we have a vision in mind that we hope to achieve in the near future. As we must begin somewhere, the first step in our progress is this command line interface for automatic management of cybersecurity solutions.

Come join the MutableSecurity journey!

Concepts πŸ’¬

MutableSecurity implements and operates on a few concepts:

  • Target host (or target machine): A computer where the actions will be performed. Can be the local machine or remote one.
  • Solution: A cybersecurity solution that needs to be set up on a target machine.
  • Operation: A manipulation of a solution that is installed or needs to be installed. Could vary from effective installation to testing.
  • Solution's lifecycle: States in which a solution exists. MutableSecurity implements a set of operations for each state.
  • Configuration: A set of parameters (in pairs of aspect and value) specific to the solution. Can be initial, if it is used in the deployment process, or production, if it accompanies the solution on the target host and stores its current configuration.
  • Logs: Logging messages generated by the solution, relevant to understand its functioning.
  • Stats: Metrics offered by the installed solution, relevant to measure the protection provided to the machine.

Solutions' Lifecycle. Operations β­•

Stage Operation Description
Deployment Initial Configuration Setting Sets an aspect of the initial configuration used during the installation process.
Install Installs the solution in the target host.
Test Tests the proper functioning of the newly installed solution.
Production* Production Configuration Retrieval Retrieves the production configuration of the running solution
Production Configuration Setting Sets an aspect of the production configuration.
Logs Retrieval Retrieves the logs generated by the solution.
Stats Retrieval Retrieves the stats generated by the solution.
Test Tests the proper functioning of the running solution.
Update Updates the solution to its latest version.
Disconnection Uninstall Uninstalls the solution from the target host.

* All the operations listed in the production stage are optional and can be executed in any order.

Functionalities πŸš€

  • Local or remote (via password-based SSH) deployment
  • One solution supported so far (and more under development)
  • Intuitive command line interface

Supported Cybersecurity Solutions πŸ“¦

Supported Solution Short Description Supported Operating Systems
Open source network intrusion detection and prevention system Ubuntu 20.04 LTS and 22.04 LTS
More coming soon...

Installation πŸ₯‘

The easiest way to install MutableSecurity is from PyPI. Just run pip install mutablesecurity and you'll have everything set!

Requirements πŸ₯’

The only requirements are Python 3.9 and pip.

To avoid warnings when using pip to install Python scripts, add /home/<username>/.local/bin (where <username> identifies the current user) to your $PATH variable.

Usage and Demos πŸͺœ

0️⃣ Get help.

Syntax

mutablesecurity --help or mutablesecurity --solution <solution> --help

Example

➜ mutablesecurity --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/ 

Usage: mutablesecurity [OPTIONS]

Options:
  -r, --remote TEXT               Connect to remote in the
                                  [email protected]:PORT format. If ommited,
                                  the operations are executed locally.
  -s, --solution [SURICATA]       Solution to manage
  -o, --operation [GET_CONFIGURATION|GET_LOGS|GET_STATS|INSTALL|SET_CONFIGURATION|TEST|UNINSTALL|UPDATE]
                                  Operation to perform
  -a, --aspect TEXT               Configuration's aspect to modify. Available
                                  only with a value (--value)
  -v, --value TEXT                New value of the configuration's aspect.
                                  Available only with an aspect (--aspect).
  --verbose                       Increase in the logging volume
  -h, --help                      Useful information for using MutableSecurity
                                  or about a solution
➜ mutablesecurity --solution SURICATA --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/  

Full name: Suricata Intrusion Detection and Prevention System

Description:
Suricata is the leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network 
security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess even the most sophisticated attacks.

References:
- https://suricata.io
- https://github.com/OISF/suricata

Configuration:
┏━━━━━━━━━━━━━━━━━━━┳━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Aspect            ┃ Type ┃  Possible Values  ┃ Description                          ┃
┑━━━━━━━━━━━━━━━━━━━╇━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
β”‚ interface         β”‚ str  β”‚         *         β”‚ Interface on which Suricata listens  β”‚
β”‚ automatic_updates β”‚ str  β”‚ ENABLED, DISABLED β”‚ State of the automatic daily updates β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
1️⃣ Install a solution.

Syntax

mutablesecurity --solution <solution> --operation INSTALL

Example

➜ mutablesecurity --solution SURICATA --operation INSTALL  
πŸ” Password for localhost: 
βœ… Suricata is now installed on this machine.

Optional: To connect to a remote host via a privileged user, just add the --remote flag.

➜ mutablesecurity --remote [email protected]:22 --solution SURICATA --operation INSTALL  
πŸ” Password for adm[email protected]:22:
βœ… Suricata is now installed on this machine.
2️⃣ Test the solution.

Syntax

mutablesecurity --solution <solution> --operation TEST

Example

➜ mutablesecurity --solution SURICATA --operation TEST             
πŸ” Password for localhost: 
βœ… Suricata works as expected.
3️⃣ Get the production configuration.

Syntax

mutablesecurity --solution <solution> --operation GET_CONFIGURATION

Example

➜ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION
πŸ” Password for localhost: 
βœ… The configuration of Suricata was retrieved.

┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┓
┃ Attribute         ┃ Value    ┃
┑━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━┩
β”‚ automatic_updates β”‚ DISABLED β”‚
β”‚ interface         β”‚ enp0s3   β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
4️⃣ Modify the production configuration.

Syntax

mutablesecurity --solution <solution> --operation SET_CONFIGURATION --aspect <aspect> --value <value>

Example

➜ mutablesecurity --solution SURICATA --operation SET_CONFIGURATION --aspect automatic_updates --value ENABLED    
πŸ” Password for localhost: 
βœ… The configuration of Suricata was set.

Optional: To test the modifications, run the configuration retrieval and testing operations.

➜ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION               
πŸ” Password for localhost: 
βœ… The configuration of Suricata was retrieved.

┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━┓
┃ Attribute         ┃ Value   ┃
┑━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━┩
β”‚ automatic_updates β”‚ ENABLED β”‚
β”‚ interface         β”‚ enp0s3  β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
➜ mutablesecurity --solution SURICATA --operation TEST                                             
πŸ” Password for localhost: 
βœ… Suricata works as expected.
5️⃣ Retrieve the solution logs.

Syntax

mutablesecurity --solution <solution> --operation GET_LOGS

Example

➜ mutablesecurity --solution SURICATA --operation GET_LOGS
πŸ” Password for localhost: 
βœ… The logs of Suricata were retrieved.

[...]
04/18/2022-10:55:31.134760  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2]
{TCP} 54.192.235.64:80 -> 10.0.2.15:50690
[...]
6️⃣ Retrieve the solution statistics.

Syntax

mutablesecurity --solution <solution> --operation GET_STATS

Example

➜ mutablesecurity --solution SURICATA --operation GET_STATS
πŸ” Password for localhost: 
βœ… The stats of Suricata were retrieved.

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Attribute                              ┃ Value                   ┃
┑━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━┩
β”‚ Total number of alerts                 β”‚ 5                       β”‚
β”‚ Total number of alerts generated today β”‚ 5                       β”‚
β”‚ Uptime                                 β”‚ 1 minute and 23 seconds β”‚
β”‚ Current installed version              β”‚ 6.0.4 RELEASE           β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
7️⃣ Updates the solution.

Syntax

mutablesecurity --solution <solution> --operation UPDATE

Example

➜ mutablesecurity --solution SURICATA --operation UPDATE        
πŸ” Password for localhost: 
βœ… Suricata was updated to its latest version.
8️⃣ Uninstall the solution.

Syntax

mutablesecurity --solution <solution> --operation UNINSTALL

Example

➜ mutablesecurity --solution SURICATA --operation UNINSTALL        
πŸ” Password for localhost: 
βœ… Suricata is no longer installed on this machine.

Support πŸ†˜

If you have any type of suggestion (for example, proposals for new functionalities or support for other security solutions), please open an issue or drop us a line at [email protected].

Contributing 🀝

To find out how you can contribute to this project, check out our contribution guide.

Comments
  • Adds support for Let's Encrypt x Certbot

    Adds support for Let's Encrypt x Certbot

    Metadata

    • Fixed Issue: #51
    • Contributors: @AntociAlin

    Proposed Changes

    • Implements the new Let's Encrypt x Certbot module for the new MutableSecurity structure.

    New Functioning

    Let's Encrypt x Certbot will be able to generate a certificate for a single domain. It supports only Nginx for the moment.

    improvement 
    opened by AntociAlin 4
  • Update mypy requirement from ^0.982 to ^0.990

    Update mypy requirement from ^0.982 to ^0.990

    Updates the requirements on mypy to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 1
  • Adds support for Vector

    Adds support for Vector

    Metadata

    • Fixed Issue: #88
    • Contributors: @iosifache

    Proposed Changes

    • Changes the logs API to allow Vector to automatically discover log files.
    • Adapts the other integrated solutions to the new logs API.
    • Adds support for Vector.

    New Functioning

    Vector can now be installed to send logs from other security solutions to a Loki instance.

    Other Information

    The API changes, namely to the BaseLog objects, were propagated in the docs.

    improvement 
    opened by iosifache 1
  • Updates REAMDE.md and its template

    Updates REAMDE.md and its template

    Metadata

    • Fixed Issue: #73
    • Contributors: @iosifache

    Proposed Changes

    • Updates README.md by adding multiple installation methods and removing some content

    New Functioning

    MutableSecurity's behavior was not changed.

    improvement 
    opened by iosifache 1
  • Update mypy requirement from ^0.971 to ^0.981

    Update mypy requirement from ^0.971 to ^0.981

    Updates the requirements on mypy to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 1
  • Adds support for ClamAV

    Adds support for ClamAV

    Metadata

    • Fixed Issue: #54
    • Contributors: @AntociAlin

    Proposed Changes

    • Implements the new ClamAV module for the new MutableSecurity structure.
    • Bug fixes to the already existing solutions.
    • Adds new categories: ANTIMALWARE and HOST_PROTECTION.

    New Functioning

    • ClamAV is able to offer real-time protection to Ubuntu type OS.
    • It contains an easy to use and customizable crontab. It is used to run custom scans.
    • It contains a Start Scan action to run a custom scan in a given directory at will.
    • Every information and test can be easily seen and controlled.
    improvement 
    opened by AntociAlin 1
  • Adds Poe and further configure some tools

    Adds Poe and further configure some tools

    Metadata

    • Fixed Issue: #42
    • Contributors: @iosifache

    Proposed Changes

    • Poe integration by pyproject.yaml

    New Functioning

    Only the development environment was changes. No functionality was added to MutableSecurity.

    improvement 
    opened by iosifache 1
  • Adds support for Fail2ban and integrates with teler

    Adds support for Fail2ban and integrates with teler

    Metadata

    • Fixed Issue: #35
    • Contributors: @iosifache

    Proposed Changes

    • Adds support for Fail2ban.
    • Creates an integration with the already-supported teler.
    • Changes the README.md generation workflow to include solutions under refactoring.

    New Functioning

    MutableSecurity now have Fail2ban as a supported solution. In addition, the integration from teler can be enabled by changing rhe fail2ban_integration information.

    improvement 
    opened by iosifache 1
  • OpenCTI Support

    OpenCTI Support

    Feature Description

    Add support for OpenCTI, an open source Cyber Threat Intelligence platform.

    Possible Solution

    No response

    Contact Details

    No response

    feature-request 
    opened by iosifache 1
  • Adds a feedback form in the CLI

    Adds a feedback form in the CLI

    Metadata

    • Fixed Issue: #6
    • Contributors: @iosifache

    Proposed Changes

    • Adds a feedback form for testers

    New Functioning

    MutableSecurity will show on its first run a message and an input for email addresses. After that, is can be shown only by requesting it explicitly by providing the --feedback flag.

    feature-request 
    opened by iosifache 1
  • Implements the check of Python version

    Implements the check of Python version

    Metadata

    • Fixed Issue: #5
    • Contributors: @iosifache

    Proposed Changes

    • Check for Python version
    • Error message shown when the check fails

    New Functioning

    When running MutableSecurity in an inadequate environment (for example, Python 3.8), an error message is shown (check the snippet below) and the execution is canceled.

                  _        _     _      __                      _ _         
      /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
     /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
    / /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
    \/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
         Seamless deployment and management of cybersecurity solutions |___/ 
    
    πŸ›‘ Please make sure that your Python version is at least 3.9 before executing MutableSecurity.
    
    feature-request 
    opened by iosifache 1
  • Update packaging requirement from ^21.3 to >=21.3,<23.0

    Update packaging requirement from ^21.3 to >=21.3,<23.0

    Updates the requirements on packaging to permit the latest version.

    Release notes

    Sourced from packaging's releases.

    22.0

    What's Changed

    ... (truncated)

    Changelog

    Sourced from packaging's changelog.

    22.0 - 2022-12-07

    
    * Explicitly declare support for Python 3.11 (:issue:`587`)
    * Remove support for Python 3.6 (:issue:`500`)
    * Remove ``LegacySpecifier`` and ``LegacyVersion`` (:issue:`407`)
    * Add ``__hash__`` and ``__eq__`` to ``Requirement`` (:issue:`499`)
    * Add a ``cpNNN-none-any`` tag (:issue:`541`)
    * Adhere to :pep:`685` when evaluating markers with extras (:issue:`545`)
    * Allow accepting locally installed prereleases with ``SpecifierSet``  (:issue:`515`)
    * Allow pre-release versions in marker evaluation (:issue:`523`)
    * Correctly parse ELF for musllinux on Big Endian (:issue:`538`)
    * Document ``packaging.utils.NormalizedName`` (:issue:`565`)
    * Document exceptions raised by functions in ``packaging.utils`` (:issue:`544`)
    * Fix compatible version specifier incorrectly strip trailing ``0`` (:issue:`493`)
    * Fix macOS platform tags with old macOS SDK (:issue:`513`)
    * Forbid prefix version matching on pre-release/post-release segments (:issue:`563`)
    * Normalize specifier version for prefix matching (:issue:`561`)
    * Improve documentation for ``packaging.specifiers`` and ``packaging.version``. (:issue:`572`)
    * ``Marker.evaluate`` will now assume evaluation environment with empty ``extra``.
      Evaluating markers like ``"extra == 'xyz'"`` without passing any extra in the
      ``environment`` will no longer raise an exception (:issue:`550`)
    * Remove dependency on ``pyparsing``, by replacing it with a hand-written parser.
      This package now has no runtime dependencies (:issue:`468`)
    * Update return type hint for ``Specifier.filter`` and ``SpecifierSet.filter``
      to use ``Iterator`` instead of ``Iterable`` (:issue:`584`)
    

    21.3 - 2021-11-17

    • Add a pp3-none-any tag (:issue:311)
    • Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion (:issue:481, :issue:486)
    • Fix a spelling mistake (:issue:479)

    21.2 - 2021-10-29

    
    * Update documentation entry for 21.1.
    

    21.1 - 2021-10-29

    • Update pin to pyparsing to exclude 3.0.0.

    21.0 - 2021-07-03

    
    * PEP 656: musllinux support (:issue:`411`)
    * Drop support for Python 2.7, Python 3.4 and Python 3.5.
    * Replace distutils usage with sysconfig (:issue:`396`)
    </tr></table> 
    

    ... (truncated)

    Commits
    • b6e9bbc Bump for release
    • 55bdc66 Bump version to 22.0
    • b997a48 Permit arbitrary whitespace around versions specifier in parenthesis
    • e7ce051 Fix a typo in an error message
    • cb09331 Enforce word boundaries in operators and names
    • b41326d Rename marker_expr to marker
    • 975cd32 Permit whitespace around marker_atom
    • 8cba45c Add ParserSyntaxError as the cause of Invalid{Requirement/Marker}
    • 7930b73 Improve error message for bad version specifiers in Requirement
    • 258d252 Rewrite test suite for requirements parsing
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 0
  • Update mypy requirement from ^0.982 to ^0.991

    Update mypy requirement from ^0.982 to ^0.991

    Updates the requirements on mypy to permit the latest version.

    Commits
    • b7788fc Update version to remove "+dev" for releasing 0.991
    • 6077d19 manually CP typeshed #9130
    • ab0ea1e Fix crash with function redefinition (#14064)
    • 592a9ce Fix another crash with report generation on namespace packages (#14063)
    • 1650ae0 Update --no-warn-no-return docs for empty body changes (#14065)
    • b9daa31 Don't ignore errors in files passed on the command line (#14060)
    • 02fd8a5 Filter out wasm32 wheel in upload-pypi.py (#14035)
    • 131c8d7 Fix crash on inference with recursive alias to recursive instance (#14038)
    • 1368338 Change version to 0.991+dev in preparation for the point release
    • b71dc3d Remove +dev from version
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 0
  • Stacktrace Print on Error in Development Environments

    Stacktrace Print on Error in Development Environments

    Improvement Description

    The except in the cli module catches all exception. This makes MutableSecurity more user-friendly. As a regular user, you don't want to see a messy stack trace directly into your terminal. You only want to know the reason, a thing that can be achieved with a pretty error message.

    The same does not apply to development environments. If an error occurs after changing the codebase, you are interested in seeing more than a shallow reason, namely a stack trace. It helps to have a starting point in the debugging process.

    Possible Solution

    In the cli module, the except can check if the user is a developer (using the configuration module). If it is, then the stacktrace is printed.

    Contact Details

    No response

    improvement good-first-issue 
    opened by iosifache 2
  • Invalid Executable Name When Running via PEX

    Invalid Executable Name When Running via PEX

    Bug Description

    The manual displays a PEX-related command (python -m __pex_executable__ [OPTIONS]) on the usage section. This should be replaced with the actual executable path.

    Software Version

    v0.4.0

    Operating System

    Linux

    Contact Details

    No response

    bug-report good-first-issue 
    opened by iosifache 0
  • Workflows for Automatic Distribution of New Versions

    Workflows for Automatic Distribution of New Versions

    Improvement Description

    At the moment, the Python package is manually published to PyPi. In addition, PEX executables and Debian packages are locally built using the distribution repository and guides from documentation.

    To automate this, we can create multiple GitHub workflows to:

    • Publish the new package to PyPi
    • Build PEX executables for different Python versions
    • Build Debian packages for different Python versions
    • Push the newly created Debian packages into the repository.

    Possible Solution

    • Workflows creation

    Contact Details

    No response

    improvement good-first-issue 
    opened by iosifache 0
Releases(v0.4.0)
Owner
MutableSecurity
Seamlessly deployment and management of cybersecurity solutions
MutableSecurity
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022
Receive notifications/alerts on the most recent disclosed CVE's.

Receive notifications on the most recent disclosed CVE's.

Ameliorate 7 Nov 24, 2022
Python implementation of the diceware password generating algorithm.

Diceware Password Generator - Generate High Entropy Passwords Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are

Sameera Madushan 35 Dec 25, 2022
CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popul

EntySec 247 Jan 02, 2023
An easy-to-use wrapper for NTFS-3G on macOS

ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us

Matthew Go 34 Dec 01, 2022
Open-source keylogger write in python

Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in

Dio brando 4 Jan 15, 2022
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 08, 2022
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

Podalirius 71 Dec 22, 2022
A decompilation of the Nintendo Switch version of Captain Toad: Treasure Tracker

cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

shibbs 14 Aug 17, 2022
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.

πŸ‘‘ Recon πŸ‘‘ The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow

Dirso 171 Dec 31, 2022
com_media allowed paths that are not intended for image uploads to RCE

CVE-2021-23132 com_media allowed paths that are not intended for image uploads to RCE. CVE-2020-24597 Directory traversal in com_media to RCE Two CVEs

KIEN HOANG 67 Nov 09, 2022
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly

136 Dec 13, 2022
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

zeze 1 Jan 13, 2022
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

52 Dec 16, 2022
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify

DW Dariel 5 Dec 03, 2022
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
The best Python BackdoorπŸ‘Œ

Backdoor The best Python Backdoor Files Server file is used in all of cases If client is Windows, the client need execute EXE file If client is Linux,

13 Oct 28, 2022
BloodyAD is an Active Directory Privilege Escalation Framework

BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi

757 Jan 07, 2023
log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

说明 about author: ζˆ‘θΆ…ζ€•ηš„ blog: https://www.cnblogs.com/iAmSoScArEd/ github: https://github.com/iAmSOScArEd/ date: 2021-12-20 log4j2 dos exploit log4j2 do

3 Aug 13, 2022
Python bindings to LibreSSL library

LibreSSL bindings for Python using CFFI Python3 bindings to LibreSSL using CFFI. It aims to provide interface to the most important bits of LibreSSL o

Alexander Kiselyov 1 Aug 02, 2022