Seamless deployment and management of cybersecurity solutions 🏗️

Last update: Nov 10, 2022

Overview

Description 🖼️
Installation 🥡
- Requirements 🥢
Usage and Demos 🪜
Support 🆘
Contributing 🤝

Description 🖼️

Background 👴🏼

In today's fast-paced society, most people are unaware of the potential consequences of cyberattacks on their organizations. Furthermore, they do not invest in cybersecurity solutions due to the costs of setup, licensing, and maintenance.

Vision 📜

MutableSecurity 🏗️ is a software product for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring.

Despite the current lack of complex functionalities, we have a vision in mind that we hope to achieve in the near future. As we must begin somewhere, the first step in our progress is this command line interface for automatic management of cybersecurity solutions.

Come join the MutableSecurity journey!

Concepts 💬

MutableSecurity implements and operates on a few concepts:

Target host (or target machine): A computer where the actions will be performed. Can be the local machine or remote one.
Solution: A cybersecurity solution that needs to be set up on a target machine.
Operation: A manipulation of a solution that is installed or needs to be installed. Could vary from effective installation to testing.
Solution's lifecycle: States in which a solution exists. MutableSecurity implements a set of operations for each state.
Configuration: A set of parameters (in pairs of aspect and value) specific to the solution. Can be initial, if it is used in the deployment process, or production, if it accompanies the solution on the target host and stores its current configuration.
Logs: Logging messages generated by the solution, relevant to understand its functioning.
Stats: Metrics offered by the installed solution, relevant to measure the protection provided to the machine.

Solutions' Lifecycle. Operations ⭕

Stage	Operation	Description
Deployment	Initial Configuration Setting	Sets an aspect of the initial configuration used during the installation process.
	Install	Installs the solution in the target host.
	Test	Tests the proper functioning of the newly installed solution.
Production*	Production Configuration Retrieval	Retrieves the production configuration of the running solution
	Production Configuration Setting	Sets an aspect of the production configuration.
	Logs Retrieval	Retrieves the logs generated by the solution.
	Stats Retrieval	Retrieves the stats generated by the solution.
	Test	Tests the proper functioning of the running solution.
	Update	Updates the solution to its latest version.
Disconnection	Uninstall	Uninstalls the solution from the target host.

* All the operations listed in the production stage are optional and can be executed in any order.

Functionalities 🚀

Local or remote (via password-based SSH) deployment
One solution supported so far (and more under development)
Intuitive command line interface

Supported Cybersecurity Solutions 📦

Supported Solution	Short Description	Supported Operating Systems
	Open source network intrusion detection and prevention system	Ubuntu 20.04 LTS and 22.04 LTS
More coming soon...

Installation 🥡

The easiest way to install MutableSecurity is from PyPI. Just run pip install mutablesecurity and you'll have everything set!

Requirements 🥢

The only requirements are Python 3.9 and pip.

To avoid warnings when using pip to install Python scripts, add /home/<username>/.local/bin (where <username> identifies the current user) to your $PATH variable.

Usage and Demos 🪜

0️⃣ Get help.

Syntax

mutablesecurity --help or mutablesecurity --solution <solution> --help

Example

➜ mutablesecurity --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/ 

Usage: mutablesecurity [OPTIONS]

Options:
  -r, --remote TEXT               Connect to remote in the
                                  [email protected]:PORT format. If ommited,
                                  the operations are executed locally.
  -s, --solution [SURICATA]       Solution to manage
  -o, --operation [GET_CONFIGURATION|GET_LOGS|GET_STATS|INSTALL|SET_CONFIGURATION|TEST|UNINSTALL|UPDATE]
                                  Operation to perform
  -a, --aspect TEXT               Configuration's aspect to modify. Available
                                  only with a value (--value)
  -v, --value TEXT                New value of the configuration's aspect.
                                  Available only with an aspect (--aspect).
  --verbose                       Increase in the logging volume
  -h, --help                      Useful information for using MutableSecurity
                                  or about a solution

➜ mutablesecurity --solution SURICATA --help

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/  

Full name: Suricata Intrusion Detection and Prevention System

Description:
Suricata is the leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network 
security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess even the most sophisticated attacks.

References:
- https://suricata.io
- https://github.com/OISF/suricata

Configuration:
┏━━━━━━━━━━━━━━━━━━━┳━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Aspect            ┃ Type ┃  Possible Values  ┃ Description                          ┃
┡━━━━━━━━━━━━━━━━━━━╇━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ interface         │ str  │         *         │ Interface on which Suricata listens  │
│ automatic_updates │ str  │ ENABLED, DISABLED │ State of the automatic daily updates │
└───────────────────┴──────┴───────────────────┴──────────────────────────────────────┘

1️⃣ Install a solution.

Syntax

mutablesecurity --solution <solution> --operation INSTALL

Example

➜ mutablesecurity --solution SURICATA --operation INSTALL  
🔐 Password for localhost: 
✅ Suricata is now installed on this machine.

Optional: To connect to a remote host via a privileged user, just add the --remote flag.

➜ mutablesecurity --remote [email protected]:22 --solution SURICATA --operation INSTALL  
🔐 Password for adm[email protected]:22:
✅ Suricata is now installed on this machine.

2️⃣ Test the solution.

Syntax

mutablesecurity --solution <solution> --operation TEST

Example

➜ mutablesecurity --solution SURICATA --operation TEST             
🔐 Password for localhost: 
✅ Suricata works as expected.

3️⃣ Get the production configuration.

Syntax

mutablesecurity --solution <solution> --operation GET_CONFIGURATION

Example

➜ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION
🔐 Password for localhost: 
✅ The configuration of Suricata was retrieved.

┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┓
┃ Attribute         ┃ Value    ┃
┡━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━┩
│ automatic_updates │ DISABLED │
│ interface         │ enp0s3   │
└───────────────────┴──────────┘

4️⃣ Modify the production configuration.

Syntax

mutablesecurity --solution <solution> --operation SET_CONFIGURATION --aspect <aspect> --value <value>

Example

➜ mutablesecurity --solution SURICATA --operation SET_CONFIGURATION --aspect automatic_updates --value ENABLED    
🔐 Password for localhost: 
✅ The configuration of Suricata was set.

Optional: To test the modifications, run the configuration retrieval and testing operations.

➜ mutablesecurity --solution SURICATA --operation GET_CONFIGURATION               
🔐 Password for localhost: 
✅ The configuration of Suricata was retrieved.

┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━┓
┃ Attribute         ┃ Value   ┃
┡━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━┩
│ automatic_updates │ ENABLED │
│ interface         │ enp0s3  │
└───────────────────┴─────────┘
➜ mutablesecurity --solution SURICATA --operation TEST                                             
🔐 Password for localhost: 
✅ Suricata works as expected.

5️⃣ Retrieve the solution logs.

Syntax

mutablesecurity --solution <solution> --operation GET_LOGS

Example

➜ mutablesecurity --solution SURICATA --operation GET_LOGS
🔐 Password for localhost: 
✅ The logs of Suricata were retrieved.

[...]
04/18/2022-10:55:31.134760  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2]
{TCP} 54.192.235.64:80 -> 10.0.2.15:50690
[...]

6️⃣ Retrieve the solution statistics.

Syntax

mutablesecurity --solution <solution> --operation GET_STATS

Example

➜ mutablesecurity --solution SURICATA --operation GET_STATS
🔐 Password for localhost: 
✅ The stats of Suricata were retrieved.

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Attribute                              ┃ Value                   ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ Total number of alerts                 │ 5                       │
│ Total number of alerts generated today │ 5                       │
│ Uptime                                 │ 1 minute and 23 seconds │
│ Current installed version              │ 6.0.4 RELEASE           │
└────────────────────────────────────────┴─────────────────────────┘

7️⃣ Updates the solution.

Syntax

mutablesecurity --solution <solution> --operation UPDATE

Example

➜ mutablesecurity --solution SURICATA --operation UPDATE        
🔐 Password for localhost: 
✅ Suricata was updated to its latest version.

8️⃣ Uninstall the solution.

Syntax

mutablesecurity --solution <solution> --operation UNINSTALL

Example

➜ mutablesecurity --solution SURICATA --operation UNINSTALL        
🔐 Password for localhost: 
✅ Suricata is no longer installed on this machine.

Support 🆘

If you have any type of suggestion (for example, proposals for new functionalities or support for other security solutions), please open an issue or drop us a line at [email protected].

Contributing 🤝

To find out how you can contribute to this project, check out our contribution guide.

Comments

Adds support for Let's Encrypt x Certbot
Metadata

Fixed Issue: #51

Contributors: @AntociAlin

Proposed Changes

Implements the new Let's Encrypt x Certbot module for the new MutableSecurity structure.

New Functioning

Let's Encrypt x Certbot will be able to generate a certificate for a single domain. It supports only Nginx for the moment.
improvement
opened by AntociAlin 4
Update mypy requirement from ^0.982 to ^0.990
Updates the requirements on mypy to permit the latest version.

Commits

b71dc3d Remove +dev from version

719cef9 Add support for exception groups and except* (#14020)

91b6fc3 Fix crash on nested unions in recursive types (#14007)

42a4c69 Make TryStar not crash (#13991)

5fad1ac Warn on invalid *args and **kwargs with ParamSpec (#13892)

184add9 Revert sum literal integer change (#13961)

74e0dff Add hidden options to disable bytes promotion (#13952)

ec6d9d9 [mypyc] Fix ircheck if register is initialized through LoadAddress (#13944)

8ef701d Use 3.11 instead of 3.11-dev (#13945)

ec149da [mypyc] Fix glue methods with native int types (#13939)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

package-update
opened by dependabot[bot] 1
Adds support for Vector
Metadata

Fixed Issue: #88

Contributors: @iosifache

Proposed Changes

Changes the logs API to allow Vector to automatically discover log files.

Adapts the other integrated solutions to the new logs API.

Adds support for Vector.

New Functioning

Vector can now be installed to send logs from other security solutions to a Loki instance.

Other Information

The API changes, namely to the BaseLog objects, were propagated in the docs.
improvement
opened by iosifache 1
Updates REAMDE.md and its template
Metadata

Fixed Issue: #73

Contributors: @iosifache

Proposed Changes

Updates README.md by adding multiple installation methods and removing some content

New Functioning

MutableSecurity's behavior was not changed.
improvement
opened by iosifache 1
Update mypy requirement from ^0.971 to ^0.981
Updates the requirements on mypy to permit the latest version.

Commits

c7b4714 Update version to 0.981

2bd7da2 [0.980 backport] build changes (#13688)

2b2953a [0.980 backport] Update pos-only unit tests for Python 3.10.7 (#13660) (#13665)

ada0078 Remove dev from version

efd1d38 [0.980 backport] Fix stubtest custom_typeshed_dir regression (#13656) (#13658)

70bc348 [0.980 backport] Allow unpacking from TypeVars with iterable bounds (#13425) ...

e43dbb9 Work around mypyc test failures in CI (#13593)

64add91 Another cherry-pick fix

228bd29 Fix error codes option serialization (#13523)

1f80611 Allow per-module error codes (#13502)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

package-update
opened by dependabot[bot] 1
Adds support for ClamAV
Metadata

Fixed Issue: #54

Contributors: @AntociAlin

Proposed Changes

Implements the new ClamAV module for the new MutableSecurity structure.

Bug fixes to the already existing solutions.

Adds new categories: ANTIMALWARE and HOST_PROTECTION.

New Functioning

ClamAV is able to offer real-time protection to Ubuntu type OS.

It contains an easy to use and customizable crontab. It is used to run custom scans.

It contains a Start Scan action to run a custom scan in a given directory at will.

Every information and test can be easily seen and controlled.

improvement
opened by AntociAlin 1
Adds Poe and further configure some tools
Metadata

Fixed Issue: #42

Contributors: @iosifache

Proposed Changes

Poe integration by pyproject.yaml

New Functioning

Only the development environment was changes. No functionality was added to MutableSecurity.
improvement
opened by iosifache 1
Adds support for Fail2ban and integrates with teler
Metadata

Fixed Issue: #35

Contributors: @iosifache

Proposed Changes

Adds support for Fail2ban.

Creates an integration with the already-supported teler.

Changes the README.md generation workflow to include solutions under refactoring.

New Functioning

MutableSecurity now have Fail2ban as a supported solution. In addition, the integration from teler can be enabled by changing rhe fail2ban_integration information.
improvement
opened by iosifache 1
OpenCTI Support

Feature Description

Add support for OpenCTI, an open source Cyber Threat Intelligence platform.

Possible Solution

No response

Contact Details

No response
feature-request

opened by iosifache 1
Adds a feedback form in the CLI
Metadata

Fixed Issue: #6

Contributors: @iosifache

Proposed Changes

Adds a feedback form for testers

New Functioning

MutableSecurity will show on its first run a message and an input for email addresses. After that, is can be shown only by requesting it explicitly by providing the --feedback flag.
feature-request
opened by iosifache 1

Implements the check of Python version

Metadata

Fixed Issue: #5
Contributors: @iosifache

Proposed Changes

Check for Python version
Error message shown when the check fails

New Functioning

When running MutableSecurity in an inadequate environment (for example, Python 3.8), an error message is shown (check the snippet below) and the execution is canceled.

              _        _     _      __                      _ _         
  /\/\  _   _| |_ __ _| |__ | | ___/ _\ ___  ___ _   _ _ __(_| |_ _   _ 
 /    \| | | | __/ _` | '_ \| |/ _ \ \ / _ \/ __| | | | '__| | __| | | |
/ /\/\ | |_| | || (_| | |_) | |  ___\ |  __| (__| |_| | |  | | |_| |_| |
\/    \/\__,_|\__\__,_|_.__/|_|\___\__/\___|\___|\__,_|_|  |_|\__|\__, |
     Seamless deployment and management of cybersecurity solutions |___/ 

🛑 Please make sure that your Python version is at least 3.9 before executing MutableSecurity.

feature-request

opened by iosifache 1

Update packaging requirement from ^21.3 to >=21.3,<23.0
Updates the requirements on packaging to permit the latest version.

Release notes

Sourced from packaging's releases.

22.0

What's Changed

Fix compatible version specifier incorrectly strip trailing '0' by @kasium in pypa/packaging#493

Remove support for Python 3.6 by @abravalheri in pypa/packaging#500

Use concurrency limit in ci by @blink1073 in pypa/packaging#510

Fix issue link in changelog. by @bdice in pypa/packaging#509

chore: test with PyPy 3.8 & 3.9 by @mayeut in pypa/packaging#512

Accept locally installed prereleases by @q0w in pypa/packaging#515

Always run GHA workflows when they change by @mayeut in pypa/packaging#516

Add __hash__/__eq__ to requirements by @abravalheri in pypa/packaging#499

Upgrade to setup-python v3 and use caching for GHA by @brettcannon in pypa/packaging#521

allow pre-release versions in marker evaluation by @graingert in pypa/packaging#523

Error out from workflow on missing interpreter by @mayeut in pypa/packaging#525

chore: update pre-commit config to the latest repos' versions by @mayeut in pypa/packaging#534

chore: remove Windows PyPy 3.9 workaround on GHA by @mayeut in pypa/packaging#533

Use pipx to run nox / build in GHA workflows by @mayeut in pypa/packaging#517

Run tests with all PyPy versions locally by @mayeut in pypa/packaging#535

Adhere to PEP 685 when evaluating markers with extras by @hroncok in pypa/packaging#545

chore: update mypy and move to toml by @henryiii in pypa/packaging#547

Normalize extra comparison in markers for output by @brettcannon in pypa/packaging#549

Evaluate markers under environment with empty "extra" by @MrMino in pypa/packaging#550

Do not set extra in default_environment() by @sbidoul in pypa/packaging#554

Update extlinks strings to use a format string by @mayeut in pypa/packaging#555

Update CI test workflow to use [email protected] by @mayeut in pypa/packaging#556

CI: Update actions/* to their latest major versions by @mayeut in pypa/packaging#557

Fix a spelling mistake by @venthur in pypa/packaging#558

fix: macOS platform tags with old macOS SDK by @mayeut in pypa/packaging#513

Correctly parse ELF for musllinux on Big Endian by @uranusjr in pypa/packaging#538

A metadata module with a data class for core metadata by @brettcannon in pypa/packaging#518

Document utils.NormalizedName by @brettcannon in pypa/packaging#565

Drop LegacySpecifier and LegacyVersion by @pradyunsg in pypa/packaging#407

Move metadata, versions and specifiers API documentation to sphinx.ext.autodoc by @pradyunsg in pypa/packaging#572

Demonstrate behaviour of SpecifierSet.__iter__ by @hauntsaninja in pypa/packaging#575

Handwritten parser for parsing requirements by @hrnciar in pypa/packaging#484

Add changelog entry for removal of pyparsing dependency by @hroncok in pypa/packaging#581

Use Iterator instead of Iterable for specifier filter methods by @ichard26 in pypa/packaging#584

Better output on linter failure by @henryiii in pypa/packaging#478

Add a "cpNNN-none-any" tag by @joonis in pypa/packaging#541

Document exceptions raised by functions in utils by @MrMino in pypa/packaging#544

Refactor ELF parsing logic to standlone class by @uranusjr in pypa/packaging#553

Forbid prefix version matching on pre-release/post-release segments by @mayeut in pypa/packaging#563

Update coverage to >=5.0.0 by @mayeut in pypa/packaging#586

Normalize specifier version for prefix matching by @mayeut in pypa/packaging#561

Add python 3.11 by @mayeut in pypa/packaging#587

Fix prefix version matching by @mayeut in pypa/packaging#564

Remove duplicate namedtuple by @layday in pypa/packaging#589

Update changelog by @pradyunsg in pypa/packaging#595

Change email-related fields in Metadata to str by @brettcannon in pypa/packaging#596

Add versionchanged for 21.3 by @brettcannon in pypa/packaging#599

refactor: use flit as a backend by @henryiii in pypa/packaging#546

... (truncated)

Changelog

Sourced from packaging's changelog.

22.0 - 2022-12-07

* Explicitly declare support for Python 3.11 (:issue:`587`) * Remove support for Python 3.6 (:issue:`500`) * Remove ``LegacySpecifier`` and ``LegacyVersion`` (:issue:`407`) * Add ``__hash__`` and ``__eq__`` to ``Requirement`` (:issue:`499`) * Add a ``cpNNN-none-any`` tag (:issue:`541`) * Adhere to :pep:`685` when evaluating markers with extras (:issue:`545`) * Allow accepting locally installed prereleases with ``SpecifierSet`` (:issue:`515`) * Allow pre-release versions in marker evaluation (:issue:`523`) * Correctly parse ELF for musllinux on Big Endian (:issue:`538`) * Document ``packaging.utils.NormalizedName`` (:issue:`565`) * Document exceptions raised by functions in ``packaging.utils`` (:issue:`544`) * Fix compatible version specifier incorrectly strip trailing ``0`` (:issue:`493`) * Fix macOS platform tags with old macOS SDK (:issue:`513`) * Forbid prefix version matching on pre-release/post-release segments (:issue:`563`) * Normalize specifier version for prefix matching (:issue:`561`) * Improve documentation for ``packaging.specifiers`` and ``packaging.version``. (:issue:`572`) * ``Marker.evaluate`` will now assume evaluation environment with empty ``extra``. Evaluating markers like ``"extra == 'xyz'"`` without passing any extra in the ``environment`` will no longer raise an exception (:issue:`550`) * Remove dependency on ``pyparsing``, by replacing it with a hand-written parser. This package now has no runtime dependencies (:issue:`468`) * Update return type hint for ``Specifier.filter`` and ``SpecifierSet.filter`` to use ``Iterator`` instead of ``Iterable`` (:issue:`584`)
21.3 - 2021-11-17

Add a pp3-none-any tag (:issue:311)

Replace the blank pyparsing 3 exclusion with a 3.0.5 exclusion (:issue:481, :issue:486)

Fix a spelling mistake (:issue:479)

21.2 - 2021-10-29

* Update documentation entry for 21.1.
21.1 - 2021-10-29

Update pin to pyparsing to exclude 3.0.0.

21.0 - 2021-07-03

* PEP 656: musllinux support (:issue:`411`) * Drop support for Python 2.7, Python 3.4 and Python 3.5. * Replace distutils usage with sysconfig (:issue:`396`) </tr></table>

... (truncated)

Commits

b6e9bbc Bump for release

55bdc66 Bump version to 22.0

b997a48 Permit arbitrary whitespace around versions specifier in parenthesis

e7ce051 Fix a typo in an error message

cb09331 Enforce word boundaries in operators and names

b41326d Rename marker_expr to marker

975cd32 Permit whitespace around marker_atom

8cba45c Add ParserSyntaxError as the cause of Invalid{Requirement/Marker}

7930b73 Improve error message for bad version specifiers in Requirement

258d252 Rewrite test suite for requirements parsing

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

package-update
opened by dependabot[bot] 0
Update mypy requirement from ^0.982 to ^0.991
Updates the requirements on mypy to permit the latest version.

Commits

b7788fc Update version to remove "+dev" for releasing 0.991

6077d19 manually CP typeshed #9130

ab0ea1e Fix crash with function redefinition (#14064)

592a9ce Fix another crash with report generation on namespace packages (#14063)

1650ae0 Update --no-warn-no-return docs for empty body changes (#14065)

b9daa31 Don't ignore errors in files passed on the command line (#14060)

02fd8a5 Filter out wasm32 wheel in upload-pypi.py (#14035)

131c8d7 Fix crash on inference with recursive alias to recursive instance (#14038)

1368338 Change version to 0.991+dev in preparation for the point release

b71dc3d Remove +dev from version

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

package-update
opened by dependabot[bot] 0
Stacktrace Print on Error in Development Environments

Improvement Description

The except in the cli module catches all exception. This makes MutableSecurity more user-friendly. As a regular user, you don't want to see a messy stack trace directly into your terminal. You only want to know the reason, a thing that can be achieved with a pretty error message.

The same does not apply to development environments. If an error occurs after changing the codebase, you are interested in seeing more than a shallow reason, namely a stack trace. It helps to have a starting point in the debugging process.

Possible Solution

In the cli module, the except can check if the user is a developer (using the configuration module). If it is, then the stacktrace is printed.

Contact Details

No response
improvement good-first-issue

opened by iosifache 2
Invalid Executable Name When Running via PEX

Bug Description

The manual displays a PEX-related command (python -m __pex_executable__ [OPTIONS]) on the usage section. This should be replaced with the actual executable path.

Software Version

v0.4.0

Operating System

Linux

Contact Details

No response
bug-report good-first-issue

opened by iosifache 0
Workflows for Automatic Distribution of New Versions
Improvement Description

At the moment, the Python package is manually published to PyPi. In addition, PEX executables and Debian packages are locally built using the distribution repository and guides from documentation.

To automate this, we can create multiple GitHub workflows to:

Publish the new package to PyPi

Build PEX executables for different Python versions

Build Debian packages for different Python versions

Push the newly created Debian packages into the repository.

Possible Solution

Workflows creation

Contact Details

No response
improvement good-first-issue
opened by iosifache 0

Releases(v0.4.0)

v0.4.0(Oct 22, 2022)
Added

Adds support for Let's Encrypt x Certbot and ClamAV.

Source code(tar.gz)
Source code(zip)
mutablesecurity(18.54 MB)
mutablesecurity.deb(18.00 MB)

Owner

MutableSecurity

Seamlessly deployment and management of cybersecurity solutions

GitHub Repository https://www.mutablesecurity.io

Polkit - Local Privilege Escalation (CVE-2021-3560)

CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0

1 Nov 12, 2021

Security tool to test different bypass of forbidden

notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT

6 Sep 08, 2022

Open-source keylogger write in python

Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in

4 Jan 15, 2022

python script for hack gmail account using brute force attack

#Creator: johnry #coded by john ry GBrute python script for hack gmail account using brute force attack Commands apt update && apt upgrade git clone h

6 Dec 09, 2022

DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE

DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst

14 Nov 11, 2022

Advanced subdomain scanner, any domain hidden subdomains

little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for

5 Nov 23, 2021

CTF framework and exploit development library

pwntools - CTF toolkit Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and develo

9.8k Dec 31, 2022

Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

4.8k Dec 31, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 09, 2022

Log4j2 intranet scan

Log4j2-intranet-scan ⚠️ 免责声明本项目仅面向合法授权的企业安全建设行为，在使用本项目进行检测时，您应确保该行为符合当地的法律法规，并且已经取得了足够的授权如您在使用本项目的过程中存在任何非法行为，您需自行承担相应后果，我们将不承担任何法律及连带责任在使用本项目前，请您务

16 Dec 19, 2022

This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload

6 Aug 18, 2022

Seamless deployment and management of cybersecurity solutions 🏗️

Related tags

Overview

Description 🖼️

Background 👴🏼

Vision 📜

Concepts 💬

Solutions' Lifecycle. Operations ⭕

Functionalities 🚀

Supported Cybersecurity Solutions 📦

Installation 🥡

Requirements 🥢

Usage and Demos 🪜

Support 🆘

Contributing 🤝

Comments

Metadata

Proposed Changes

New Functioning

Metadata

Proposed Changes

New Functioning

Other Information

Metadata

Proposed Changes

New Functioning

Metadata

Proposed Changes

New Functioning

Metadata

Proposed Changes

New Functioning

Metadata

Proposed Changes

New Functioning

Feature Description

Possible Solution

Contact Details

Metadata

Proposed Changes

New Functioning

Metadata

Proposed Changes

New Functioning

22.0

What's Changed

Improvement Description

Possible Solution

Contact Details

Bug Description

Software Version

Operating System

Contact Details

Improvement Description

Possible Solution

Contact Details

Releases(v0.4.0)

v0.4.0(Oct 22, 2022)

Added

Owner

MutableSecurity

Polkit - Local Privilege Escalation (CVE-2021-3560)

Security tool to test different bypass of forbidden

Open-source keylogger write in python

python script for hack gmail account using brute force attack

DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE

Advanced subdomain scanner, any domain hidden subdomains

CTF framework and exploit development library

Bandit is a tool designed to find common security issues in Python code.

Wordlist attacks on Bitwarden data.json files

Log4j2 intranet scan

This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

A tool combined with the advantages of masscan and nmap

This is a simple PoC for the newly found Polkit error names PwnKit

Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

Encrypted Python Password Manager

Monty Hall Problem simulation written in Python.

Tools Crack Fb Terbaru

GitGuardian Shield: protect your secrets with GitGuardian

Password-Manager - This app can generate ,save , find and delete passwords.