Seamless deployment and management of cybersecurity solutions ๐Ÿ—๏ธ

Overview
Cover



Description ๐Ÿ–ผ๏ธ

Background ๐Ÿ‘ด๐Ÿผ

In today's fast-paced society, most people are unaware of the potential consequences of cyberattacks on their organizations. Furthermore, they do not invest in cybersecurity solutions due to the costs of setup, licensing, and maintenance.

Vision ๐Ÿ“œ

MutableSecurity ๐Ÿ—๏ธ is a software product for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring.

Despite the current lack of complex functionalities, we have a vision in mind that we hope to achieve in the near future. As we must begin somewhere, the first step in our progress is this command line interface for automatic management of cybersecurity solutions.

Come join the MutableSecurity journey!

Concepts ๐Ÿ’ฌ

MutableSecurity implements and operates on a few concepts:

  • Target host (or target machine): A computer where the actions will be performed. Can be the local machine or remote one.
  • Solution: A cybersecurity solution that needs to be set up on a target machine.
  • Operation: A manipulation of a solution that is installed or needs to be installed. Could vary from effective installation to testing.
  • Solution's lifecycle: States in which a solution exists. MutableSecurity implements a set of operations for each state.
  • Configuration: A set of parameters (in pairs of aspect and value) specific to the solution. Can be initial, if it is used in the deployment process, or production, if it accompanies the solution on the target host and stores its current configuration.
  • Logs: Logging messages generated by the solution, relevant to understand its functioning.
  • Stats: Metrics offered by the installed solution, relevant to measure the protection provided to the machine.

Solutions' Lifecycle. Operations โญ•

Stage Operation Description
Deployment Initial Configuration Setting Sets an aspect of the initial configuration used during the installation process.
Install Installs the solution in the target host.
Test Tests the proper functioning of the newly installed solution.
Production* Production Configuration Retrieval Retrieves the production configuration of the running solution
Production Configuration Setting Sets an aspect of the production configuration.
Logs Retrieval Retrieves the logs generated by the solution.
Stats Retrieval Retrieves the stats generated by the solution.
Test Tests the proper functioning of the running solution.
Update Updates the solution to its latest version.
Disconnection Uninstall Uninstalls the solution from the target host.

* All the operations listed in the production stage are optional and can be executed in any order.

Functionalities ๐Ÿš€

  • Local or remote (via password-based SSH) deployment
  • One solution supported so far (and more under development)
  • Intuitive command line interface

Supported Cybersecurity Solutions ๐Ÿ“ฆ

Supported Solution Short Description Supported Operating Systems
Open source network intrusion detection and prevention system Ubuntu 20.04 LTS and 22.04 LTS
More coming soon...

Installation ๐Ÿฅก

The easiest way to install MutableSecurity is from PyPI. Just run pip install mutablesecurity and you'll have everything set!

Requirements ๐Ÿฅข

The only requirements are Python 3.9 and pip.

To avoid warnings when using pip to install Python scripts, add /home/<username>/.local/bin (where <username> identifies the current user) to your $PATH variable.

Usage and Demos ๐Ÿชœ

0๏ธโƒฃ Get help.

Syntax

mutablesecurity --help or mutablesecurity --solution <solution> --help

Example

โžœ mutablesecurity --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/ 

Usage: mutablesecurity [OPTIONS]

Options:
  -r, --remote TEXT               Connect to remote in the
                                  [email protected]:PORT format. If ommited,
                                  the operations are executed locally.
  -s, --solution [SURICATA]       Solution to manage
  -o, --operation [GET_CONFIGURATION|GET_LOGS|GET_STATS|INSTALL|SET_CONFIGURATION|TEST|UNINSTALL|UPDATE]
                                  Operation to perform
  -a, --aspect TEXT               Configuration's aspect to modify. Available
                                  only with a value (--value)
  -v, --value TEXT                New value of the configuration's aspect.
                                  Available only with an aspect (--aspect).
  --verbose                       Increase in the logging volume
  -h, --help                      Useful information for using MutableSecurity
                                  or about a solution
โžœ mutablesecurity --solution SURICATA --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/  

Full name: Suricata Intrusion Detection and Prevention System

Description:
Suricata is the leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network 
security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess even the most sophisticated attacks.

References:
- https://suricata.io
- https://github.com/OISF/suricata

Configuration:
โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ Aspect            โ”ƒ Type โ”ƒ  Possible Values  โ”ƒ Description                          โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ interface         โ”‚ str  โ”‚         *         โ”‚ Interface on which Suricata listens  โ”‚
โ”‚ automatic_updates โ”‚ str  โ”‚ ENABLED, DISABLED โ”‚ State of the automatic daily updates โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
1๏ธโƒฃ Install a solution.

Syntax

mutablesecurity --solution <solution> --operation INSTALL

Example

โžœ mutablesecurity --solution SURICATA --operation INSTALL  
๐Ÿ” Password for localhost: 
โœ… Suricata is now installed on this machine.

Optional: To connect to a remote host via a privileged user, just add the --remote flag.

โžœ mutablesecurity --remote [email protected]:22 --solution SURICATA --operation INSTALL  
๐Ÿ” Password for adm[email protected]:22:
โœ… Suricata is now installed on this machine.
2๏ธโƒฃ Test the solution.

Syntax

mutablesecurity --solution <solution> --operation TEST

Example

โžœ mutablesecurity --solution SURICATA --operation TEST             
๐Ÿ” Password for localhost: 
โœ… Suricata works as expected.
3๏ธโƒฃ Get the production configuration.

Syntax

mutablesecurity --solution <solution> --operation GET_CONFIGURATION

Example

โžœ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION
๐Ÿ” Password for localhost: 
โœ… The configuration of Suricata was retrieved.

โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ Attribute         โ”ƒ Value    โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ automatic_updates โ”‚ DISABLED โ”‚
โ”‚ interface         โ”‚ enp0s3   โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
4๏ธโƒฃ Modify the production configuration.

Syntax

mutablesecurity --solution <solution> --operation SET_CONFIGURATION --aspect <aspect> --value <value>

Example

โžœ mutablesecurity --solution SURICATA --operation SET_CONFIGURATION --aspect automatic_updates --value ENABLED    
๐Ÿ” Password for localhost: 
โœ… The configuration of Suricata was set.

Optional: To test the modifications, run the configuration retrieval and testing operations.

โžœ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION               
๐Ÿ” Password for localhost: 
โœ… The configuration of Suricata was retrieved.

โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ Attribute         โ”ƒ Value   โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ automatic_updates โ”‚ ENABLED โ”‚
โ”‚ interface         โ”‚ enp0s3  โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
โžœ mutablesecurity --solution SURICATA --operation TEST                                             
๐Ÿ” Password for localhost: 
โœ… Suricata works as expected.
5๏ธโƒฃ Retrieve the solution logs.

Syntax

mutablesecurity --solution <solution> --operation GET_LOGS

Example

โžœ mutablesecurity --solution SURICATA --operation GET_LOGS
๐Ÿ” Password for localhost: 
โœ… The logs of Suricata were retrieved.

[...]
04/18/2022-10:55:31.134760  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2]
{TCP} 54.192.235.64:80 -> 10.0.2.15:50690
[...]
6๏ธโƒฃ Retrieve the solution statistics.

Syntax

mutablesecurity --solution <solution> --operation GET_STATS

Example

โžœ mutablesecurity --solution SURICATA --operation GET_STATS
๐Ÿ” Password for localhost: 
โœ… The stats of Suricata were retrieved.

โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ Attribute                              โ”ƒ Value                   โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ Total number of alerts                 โ”‚ 5                       โ”‚
โ”‚ Total number of alerts generated today โ”‚ 5                       โ”‚
โ”‚ Uptime                                 โ”‚ 1 minute and 23 seconds โ”‚
โ”‚ Current installed version              โ”‚ 6.0.4 RELEASE           โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
7๏ธโƒฃ Updates the solution.

Syntax

mutablesecurity --solution <solution> --operation UPDATE

Example

โžœ mutablesecurity --solution SURICATA --operation UPDATE        
๐Ÿ” Password for localhost: 
โœ… Suricata was updated to its latest version.
8๏ธโƒฃ Uninstall the solution.

Syntax

mutablesecurity --solution <solution> --operation UNINSTALL

Example

โžœ mutablesecurity --solution SURICATA --operation UNINSTALL        
๐Ÿ” Password for localhost: 
โœ… Suricata is no longer installed on this machine.

Support ๐Ÿ†˜

If you have any type of suggestion (for example, proposals for new functionalities or support for other security solutions), please open an issue or drop us a line at [email protected].

Contributing ๐Ÿค

To find out how you can contribute to this project, check out our contribution guide.

Comments
  • Adds support for Let's Encrypt x Certbot

    Adds support for Let's Encrypt x Certbot

    Metadata

    • Fixed Issue: #51
    • Contributors: @AntociAlin

    Proposed Changes

    • Implements the new Let's Encrypt x Certbot module for the new MutableSecurity structure.

    New Functioning

    Let's Encrypt x Certbot will be able to generate a certificate for a single domain. It supports only Nginx for the moment.

    improvement 
    opened by AntociAlin 4
  • Update mypy requirement from ^0.982 to ^0.990

    Update mypy requirement from ^0.982 to ^0.990

    Updates the requirements on mypy to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 1
  • Adds support for Vector

    Adds support for Vector

    Metadata

    • Fixed Issue: #88
    • Contributors: @iosifache

    Proposed Changes

    • Changes the logs API to allow Vector to automatically discover log files.
    • Adapts the other integrated solutions to the new logs API.
    • Adds support for Vector.

    New Functioning

    Vector can now be installed to send logs from other security solutions to a Loki instance.

    Other Information

    The API changes, namely to the BaseLog objects, were propagated in the docs.

    improvement 
    opened by iosifache 1
  • Updates REAMDE.md and its template

    Updates REAMDE.md and its template

    Metadata

    • Fixed Issue: #73
    • Contributors: @iosifache

    Proposed Changes

    • Updates README.md by adding multiple installation methods and removing some content

    New Functioning

    MutableSecurity's behavior was not changed.

    improvement 
    opened by iosifache 1
  • Update mypy requirement from ^0.971 to ^0.981

    Update mypy requirement from ^0.971 to ^0.981

    Updates the requirements on mypy to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 1
  • Adds support for ClamAV

    Adds support for ClamAV

    Metadata

    • Fixed Issue: #54
    • Contributors: @AntociAlin

    Proposed Changes

    • Implements the new ClamAV module for the new MutableSecurity structure.
    • Bug fixes to the already existing solutions.
    • Adds new categories: ANTIMALWARE and HOST_PROTECTION.

    New Functioning

    • ClamAV is able to offer real-time protection to Ubuntu type OS.
    • It contains an easy to use and customizable crontab. It is used to run custom scans.
    • It contains a Start Scan action to run a custom scan in a given directory at will.
    • Every information and test can be easily seen and controlled.
    improvement 
    opened by AntociAlin 1
  • Adds Poe and further configure some tools

    Adds Poe and further configure some tools

    Metadata

    • Fixed Issue: #42
    • Contributors: @iosifache

    Proposed Changes

    • Poe integration by pyproject.yaml

    New Functioning

    Only the development environment was changes. No functionality was added to MutableSecurity.

    improvement 
    opened by iosifache 1
  • Adds support for Fail2ban and integrates with teler

    Adds support for Fail2ban and integrates with teler

    Metadata

    • Fixed Issue: #35
    • Contributors: @iosifache

    Proposed Changes

    • Adds support for Fail2ban.
    • Creates an integration with the already-supported teler.
    • Changes the README.md generation workflow to include solutions under refactoring.

    New Functioning

    MutableSecurity now have Fail2ban as a supported solution. In addition, the integration from teler can be enabled by changing rhe fail2ban_integration information.

    improvement 
    opened by iosifache 1
  • OpenCTI Support

    OpenCTI Support

    Feature Description

    Add support for OpenCTI, an open source Cyber Threat Intelligence platform.

    Possible Solution

    No response

    Contact Details

    No response

    feature-request 
    opened by iosifache 1
  • Adds a feedback form in the CLI

    Adds a feedback form in the CLI

    Metadata

    • Fixed Issue: #6
    • Contributors: @iosifache

    Proposed Changes

    • Adds a feedback form for testers

    New Functioning

    MutableSecurity will show on its first run a message and an input for email addresses. After that, is can be shown only by requesting it explicitly by providing the --feedback flag.

    feature-request 
    opened by iosifache 1
  • Implements the check of Python version

    Implements the check of Python version

    Metadata

    • Fixed Issue: #5
    • Contributors: @iosifache

    Proposed Changes

    • Check for Python version
    • Error message shown when the check fails

    New Functioning

    When running MutableSecurity in an inadequate environment (for example, Python 3.8), an error message is shown (check the snippet below) and the execution is canceled.

                  _        _     _      __                      _ _         
      /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
     /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
    / /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
    \/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
         Seamless deployment and management of cybersecurity solutions |___/ 
    
    ๐Ÿ›‘ Please make sure that your Python version is at least 3.9 before executing MutableSecurity.
    
    feature-request 
    opened by iosifache 1
  • Update packaging requirement from ^21.3 to >=21.3,<23.0

    Update packaging requirement from ^21.3 to >=21.3,<23.0

    Updates the requirements on packaging to permit the latest version.

    Release notes

    Sourced from packaging's releases.

    22.0

    What's Changed

    ... (truncated)

    Changelog

    Sourced from packaging's changelog.

    22.0 - 2022-12-07

    
    * Explicitly declare support for Python 3.11 (:issue:`587`)
    * Remove support for Python 3.6 (:issue:`500`)
    * Remove ``LegacySpecifier`` and ``LegacyVersion`` (:issue:`407`)
    * Add ``__hash__`` and ``__eq__`` to ``Requirement`` (:issue:`499`)
    * Add a ``cpNNN-none-any`` tag (:issue:`541`)
    * Adhere to :pep:`685` when evaluating markers with extras (:issue:`545`)
    * Allow accepting locally installed prereleases with ``SpecifierSet``  (:issue:`515`)
    * Allow pre-release versions in marker evaluation (:issue:`523`)
    * Correctly parse ELF for musllinux on Big Endian (:issue:`538`)
    * Document ``packaging.utils.NormalizedName`` (:issue:`565`)
    * Document exceptions raised by functions in ``packaging.utils`` (:issue:`544`)
    * Fix compatible version specifier incorrectly strip trailing ``0`` (:issue:`493`)
    * Fix macOS platform tags with old macOS SDK (:issue:`513`)
    * Forbid prefix version matching on pre-release/post-release segments (:issue:`563`)
    * Normalize specifier version for prefix matching (:issue:`561`)
    * Improve documentation for ``packaging.specifiers`` and ``packaging.version``. (:issue:`572`)
    * ``Marker.evaluate`` will now assume evaluation environment with empty ``extra``.
      Evaluating markers like ``"extra == 'xyz'"`` without passing any extra in the
      ``environment`` will no longer raise an exception (:issue:`550`)
    * Remove dependency on ``pyparsing``, by replacing it with a hand-written parser.
      This package now has no runtime dependencies (:issue:`468`)
    * Update return type hint for ``Specifier.filter`` and ``SpecifierSet.filter``
      to use ``Iterator`` instead of ``Iterable`` (:issue:`584`)
    

    21.3 - 2021-11-17

    • Add a pp3-none-any tag (:issue:311)
    • Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion (:issue:481, :issue:486)
    • Fix a spelling mistake (:issue:479)

    21.2 - 2021-10-29

    
    * Update documentation entry for 21.1.
    

    21.1 - 2021-10-29

    • Update pin to pyparsing to exclude 3.0.0.

    21.0 - 2021-07-03

    
    * PEP 656: musllinux support (:issue:`411`)
    * Drop support for Python 2.7, Python 3.4 and Python 3.5.
    * Replace distutils usage with sysconfig (:issue:`396`)
    </tr></table> 
    

    ... (truncated)

    Commits
    • b6e9bbc Bump for release
    • 55bdc66 Bump version to 22.0
    • b997a48 Permit arbitrary whitespace around versions specifier in parenthesis
    • e7ce051 Fix a typo in an error message
    • cb09331 Enforce word boundaries in operators and names
    • b41326d Rename marker_expr to marker
    • 975cd32 Permit whitespace around marker_atom
    • 8cba45c Add ParserSyntaxError as the cause of Invalid{Requirement/Marker}
    • 7930b73 Improve error message for bad version specifiers in Requirement
    • 258d252 Rewrite test suite for requirements parsing
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 0
  • Update mypy requirement from ^0.982 to ^0.991

    Update mypy requirement from ^0.982 to ^0.991

    Updates the requirements on mypy to permit the latest version.

    Commits
    • b7788fc Update version to remove "+dev" for releasing 0.991
    • 6077d19 manually CP typeshed #9130
    • ab0ea1e Fix crash with function redefinition (#14064)
    • 592a9ce Fix another crash with report generation on namespace packages (#14063)
    • 1650ae0 Update --no-warn-no-return docs for empty body changes (#14065)
    • b9daa31 Don't ignore errors in files passed on the command line (#14060)
    • 02fd8a5 Filter out wasm32 wheel in upload-pypi.py (#14035)
    • 131c8d7 Fix crash on inference with recursive alias to recursive instance (#14038)
    • 1368338 Change version to 0.991+dev in preparation for the point release
    • b71dc3d Remove +dev from version
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    package-update 
    opened by dependabot[bot] 0
  • Stacktrace Print on Error in Development Environments

    Stacktrace Print on Error in Development Environments

    Improvement Description

    The except in the cli module catches all exception. This makes MutableSecurity more user-friendly. As a regular user, you don't want to see a messy stack trace directly into your terminal. You only want to know the reason, a thing that can be achieved with a pretty error message.

    The same does not apply to development environments. If an error occurs after changing the codebase, you are interested in seeing more than a shallow reason, namely a stack trace. It helps to have a starting point in the debugging process.

    Possible Solution

    In the cli module, the except can check if the user is a developer (using the configuration module). If it is, then the stacktrace is printed.

    Contact Details

    No response

    improvement good-first-issue 
    opened by iosifache 2
  • Invalid Executable Name When Running via PEX

    Invalid Executable Name When Running via PEX

    Bug Description

    The manual displays a PEX-related command (python -m __pex_executable__ [OPTIONS]) on the usage section. This should be replaced with the actual executable path.

    Software Version

    v0.4.0

    Operating System

    Linux

    Contact Details

    No response

    bug-report good-first-issue 
    opened by iosifache 0
  • Workflows for Automatic Distribution of New Versions

    Workflows for Automatic Distribution of New Versions

    Improvement Description

    At the moment, the Python package is manually published to PyPi. In addition, PEX executables and Debian packages are locally built using the distribution repository and guides from documentation.

    To automate this, we can create multiple GitHub workflows to:

    • Publish the new package to PyPi
    • Build PEX executables for different Python versions
    • Build Debian packages for different Python versions
    • Push the newly created Debian packages into the repository.

    Possible Solution

    • Workflows creation

    Contact Details

    No response

    improvement good-first-issue 
    opened by iosifache 0
Releases(v0.4.0)
Owner
MutableSecurity
Seamlessly deployment and management of cybersecurity solutions
MutableSecurity
Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

rock3d 6 Nov 16, 2022
LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

Mathias Hall-Andersen 4 Dec 14, 2021
domato but as a website

ROFL-FUZZER Ths is Domato, a DOM Fuzzer from Google, but hosted as an website It generates a instance of a newtab on the template given by the user ,

Swapnadeep Som 18 Nov 22, 2021
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
SPV SecurePasswordVerification

SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw

Merwin 1 Feb 12, 2022
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

Al Sweigart 26 Sep 04, 2022
This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

ะะธะบะพะปะฐะน ะ‘ะพั€ั‰ั‘ะฒ 2 Oct 05, 2022
Used to build an XSS platform on the command line.

pyXSSPlatform Used to build an XSS platform on the command line. Usage: 1.generate the cert file You can use openssl like this: openssl req -new -x509

70 Jun 21, 2022
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3.

BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl

Kaan Caglan 5 Nov 23, 2021
Safe Policy Optimization with Local Features

Safe Policy Optimization with Local Feature (SPO-LF) This is the source-code for implementing the algorithms in the paper "Safe Policy Optimization wi

Akifumi Wachi 6 Jun 05, 2022
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 09, 2022
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p

2.4k Jan 07, 2023
CVE-2022-22965 : about spring core rce

CVE-2022-22965: Spring-Core-Rce EXP ็‰นๆ€ง: ๆผๆดžๆŽขๆต‹(ไธๅ†™ๅ…ฅ webshell๏ผŒ็ฎ€ๅ•ๅญ—็ฌฆไธฒ่พ“ๅ‡บ) ่‡ชๅฎšไน‰ๅ†™ๅ…ฅ webshell ๆ–‡ไปถๅ็งฐๅŠ่ทฏๅพ„ ไธไผš่ฟฝๅŠ ๅ†™ๅ…ฅๅˆฐๅŒไธ€ๆ–‡ไปถไธญ๏ผŒๆฏๆฌกๆฃ€ๆต‹ๅ†™ๅ…ฅๅˆฐไธๅŒๅ็งฐ webshell ๆ–‡ไปถ ๆ”ฏๆŒๅ†™ๅ…ฅ ๅ†ฐ่Ž webshell ไปฃ็†ๆ”ฏๆŒ๏ผŒๅฏ

ไธœๆ–นๆœ‰้ฑผๅไธบๅ’ธ 53 Nov 09, 2022
ไธ€ไธช่‡ชๅŠจๆŒ–ๆŽ˜ๆผๆดž็š„ๆก†ๆžถ๏ผŒๆ—ฅๅŽไผšๅ‘ๅฑ•ๆˆๅผบๅคง็š„ไฟกๆฏๆ”ถ้›†+ๆผๆดžๆŒ–ๆŽ˜่„šๆœฌ๏ผ

ไป‹็ป ๅทฅๅ…ทไป‹็ป ่ฟ™ๆ˜ฏไธ€ๆฌพ่‡ดๅŠ›ไบŽๅฐ†ๅ„็ฑปไผ˜็ง€่„šๆœฌ้›†ๅˆๅœจไธ€่ตท่ฐƒ็”จใ€่”ๅŠจ๏ผŒๆœ€็ปˆๅฏๅฝขๆˆ่ถ…็บงๆธ—้€่„šๆœฌ็š„ๅทฅๅ…ทใ€‚็›ฎ็š„ๆ˜ฏๆ‰ซๆๅˆฐๆ›ดๅ…จ็š„่ต„ไบงไฟกๆฏ๏ผŒๅ‘็Žฐๆ›ดๅคš็š„ๆผๆดžๅˆฉ็”จใ€‚ไฝ†ๆ˜ฏ่ฟ™ๆ˜ฏ้€š่ฟ‡็‰บ็‰ฒๆ‰ซๆ้€Ÿๅบฆๆฅๆๅ‡ๆ‰ซๆๅนฟๅบฆ็š„ใ€‚ๆ‰€ไปฅไธๅคช้€‚ๅˆ่ฆ่ฟ›่กŒ็ดงๆ€ฅไฟกๆฏๆ”ถ้›†ๅ’Œๆผๆดžๅˆฉ็”จ็š„ๆƒ…ๅ†ตใ€‚

Thinking rookie 23 Jul 05, 2022
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE

CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220

r0cky 224 Aug 05, 2022
log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview

JFrog Ltd. 171 Dec 25, 2022
TCP/UDP port scanner on python, usong scapy and multiprocessin

Port Scanner TCP/UDP port scanner on python, usong scapy and multiprocessing. Usage python3 scanner.py [OPTIONS] IP_ADDRESS [{tcp|udp}[/[PORT|PORT-POR

Egor Krokhin 1 Dec 05, 2021
dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor. tiene capacidad de ajustar la cantidad de informacion a enviar, el numero de hilos a

Desmon 2 Jun 01, 2022