Open Source Tool - Cybersecurity Graph Database in Neo4j

Overview

GraphKer

Open Source Tool - Cybersecurity Graph Database in Neo4j

|G|r|a|p|h|K|e|r|

{ open source tool for a cybersecurity graph database in neo4j }

With GraphKer you can have the most recent update of cyber-security vulnerabilities, weaknesses, attack patterns and platforms from MITRE and NIST, in an very useful and user friendly way provided by Neo4j graph databases!

Prerequisites

3 + 1 Steps to run GraphKer Tool

1) Download and Install Neo4j Desktop

  • Windows Users: https://neo4j.com/download/

    Create an account to get the license (totally free), download and install Neo4j Desktop.

    Useful Video: https://tinyurl.com/yjjbn8jx

  • Linux Users:

    sudo apt update
    sudo apt install apt-transport-https ca-certificates curl software-properties-common
    curl -fsSL https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
    sudo add-apt-repository "deb https://debian.neo4j.com stable 4.1"
    sudo apt install neo4j
    sudo systemctl enable neo4j.service
    sudo systemctl status neo4j.service
    

    You should have output that is similar to the following:

    ● neo4j.service - Neo4j Graph Database
    Loaded: loaded (/lib/systemd/system/neo4j.service; enabled; vendor preset: enabled)
    Active: active (running) since Fri 2020-08-07 01:43:00 UTC; 6min ago
    Main PID: 21915 (java)
    Tasks: 45 (limit: 1137)
    Memory: 259.3M
    CGroup: /system.slice/neo4j.service
    . . .
    

    Useful Video: https://tinyurl.com/vvpjf3dr

2) Create and Configure the Database

  • Create Database:
    • Windows Users:

      You can create databases in whatever version you want (latest version preferable) through GUI or Neo4j Terminal.

    • Linux Users: When you start neo4j through systemctl, type cypher-shell, then create database NAME;. Now you have to set this database, as default so when you start neo4j you start automatically this database. Go to /etc/neo4j/neo4j.conf and uncomment dbms.default_database=neo4j and change it with your new database name. Restart neo4j service and you are ready.

  • Configure Database:
    • Install APOC Plugin:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> Click Plugins --> APOC --> Install
      • Linux Users:
    • Configure Database Settings File:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> ... (Three Dots) --> Settings --> Go to last line and set the commands below --> Apply and Restart the Database

        apoc.export.file.enabled=true
        apoc.import.file.enabled=true
        apoc.import.file.user_neo4j_config=false
        cypher.lenient_create_relationship = true
        
      • Linux Users: Same as above, in the neo4j.conf file --> check every folder path in Neo4j: https://neo4j.com/docs/operations-manual/current/configuration/file-locations/

    • Configure Memory Usage:

      In Neo4j Configuration File (neo4j.conf): For 16GB RAM you can use 8G + 4G for heap. For 8GB RAM you can use 4G + 2G etc.

      dbms.memory.heap.initial_size=4G
      dbms.memory.heap.max_size=8G
      dbms.memory.pagecache.size=4G
      

3) Install requirements.txt

  • GraphKer Uses: xmltodict, neo4j, requests, beautifulsoup4
  • pip install -r requirements.txt

4) Install Applications Created for Neo4j

  • There are several applications created especially for Neo4j that you can use for better experience and work.
    • Neo4j Bloom: Application for better graph presentations. Free and Easy to use.
    • Graphlytic: Third-Party App, better graph presentations, but most important auto-analytics and statistics. Free and Paid Editions. We can do the most locally with free edition. Learn More: https://graphlytic.biz/
    • Neo4j Database Analyzer: Third-Party App, Free, provides great analysis tools for our Data and our Schema. Learn More: https://community.neo4j.com/t/introducing-the-neo4j-database-analyzer/6197

Run GraphKer

// Default
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH
// Run and Open Neo4j Browser
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -b y
// Run and Open Graphlytic App
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -g y
// Default Run Example in Ubuntu
sudo python3 main.py -u BOLT_URL -n USERNAME -p PASSWORD -d /var/lib/neo4j/import/

Default Bolt URL for Neo4j: bolt://localhost:7687

Default Username in Neo4j Databases: neo4j

For Neo4j Import Folder check the link above with File Locations.

Estimated RunTime: 6-15 Minutes. Depends on hardware.

At least 8GB in your hard drive.

You can access the CVE and CPE Datasets in National Vulnerability Database by NIST (https://nvd.nist.gov/vuln/data-feeds), CWE Dataset in MITRE (https://cwe.mitre.org/data/downloads.html) and CAPEC Dataset in MITRE (https://capec.mitre.org/data/downloads.html).

--Search, Export Data and Analytics, Enrich your Skills--

Created by Adamantios - Marios Berzovitis, Cybersecurity Expert MSc, BSc

Diploma Research - MSc @ Distributed Systems, Security and Emerging Information Technologies | University Of Piraeus --> https://www.cs.unipi.gr/distributed/

Co-Working with Cyber Security Research Lab | University Of Piraeus --> https://seclab.cs.unipi.gr/

Facebook: https://www.facebook.com/GraphKerTool/

LinkedIn: https://tinyurl.com/p57w4ntu

Github: https://github.com/amberzovitis

Enjoy! Provide Feedback!

Owner
Adamantios - Marios Berzovitis
Cybersecurity Expert MSc, BSc | Hacking, Gaming, Fencing
Adamantios - Marios Berzovitis
Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.

Oh365 User Finder Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to ident

Joe Helle 414 Jan 02, 2023
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.

IDA Pattern Search by Argus Cyber Security Ltd. The IDA Pattern Search plugin adds a capability of finding functions according to bit-patterns into th

David Lazar 48 Dec 29, 2022
Pgen is the best brute force password generator and it is improved from the cupp.py

pgen Pgen is the best brute force password generator and it is improved from the cupp.py The pgen tool is dedicated to Leonardo da Vinci -Time stays l

heyheykids 2 Jan 31, 2022
OpenPort scanner GUI tool (CNMAP)

CNMAP-GUI- OpenPort scanner GUI tool (CNMAP) as you know it is the advanced tool to find open port, firewalls and we also added here heartbleed scanni

9 Mar 05, 2022
Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

inett GmbH 4 Jun 30, 2022
proxyshell payload generate

Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell

Evi1cg 63 Nov 15, 2022
Natas teaches the basics of serverside web-security.

over-the-wire-natas Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.nata

Siddhant Chouhan 1 Nov 27, 2021
Sentinel-1 SAR time series analysis for OSINT use

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

21 Dec 09, 2022
Detection And Breaking With Python

Detection And Breaking IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::::::::II::::::::I P:::::::

Baris Dincer 1 Dec 26, 2021
It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

Mr. Cl0wn - H4ck1ng C0d3r 56 Dec 27, 2022
A CTF2.5/MMF2 Decompiler

CondaDEV A CTF2.5/MMF2 Decompiler What is CondaDEV? CondaDEV (anaCondaDEVeloper) is a fork of Anaconda Mode 4.1, with a lot of Quality of Life patches

ClickNinYT 4 Mar 07, 2022
automatically crawl every URL and find cross site scripting (XSS)

scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge

Md. Nur habib 30 Sep 24, 2022
💣 Bomb Crypto Bot 💣

💣 Bomb Crypto Bot 💣 ⚠️ Warning I am not responsible for any penalties incurred by those who use the bot, use it at your own risk. 📄 Documentation -

Matheus Benites 4 Apr 27, 2022
Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's for connected iDevice

FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo

Kasim Hussain 7 Jan 05, 2023
Tools to make working the Arch Linux Security Tracker easier

This is a collection of Python scripts to make working with the Arch Linux Security Tracker easier.

Jonas Witschel 6 Jul 13, 2022
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St

Paolo 'VoidSec' Stagno 199 Jan 04, 2023
Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)

Microsoft_Exchange_Server_SSRF_CVE-2021-26855 zoomeye dork:app:"Microsoft Exchange Server" 使用Seebug工具箱及pocsuite3编写的脚本Microsoft_Exchange_Server_SSRF_CV

conjojo 37 Nov 12, 2022
Fast and customizable vulnerability scanner For JIRA written in Python

Fast and customizable vulnerability scanner For JIRA. 🤔 What is this? Jira-Lens 🔍 is a Python Based vulnerability Scanner for JIRA. Jira is a propri

Mayank Pandey 185 Dec 25, 2022
Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

RouterOS Scanner Forensics tool for Mikrotik devices. Search for suspicious properties and weak security points that need to be fixed on the router. T

Microsoft 823 Dec 21, 2022