The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements.
- Machine Learning powered SQL Injection Detection
- Server-side XSS Detection based on Chrome's XSS Auditor
- Post-exploitation Detection powered by Auditbeat
- Bash Command History Tracker
- CVSS Measurement on Detected Attacks
- Realtime Log Storing powered by Elasticsearch and Logstash
- Basic System Monitoring
- Resourceful Dashboard UI
- Notify Suspicious Activity via Email
Before installing, please make sure to install the pre-requisites.
You can install Nethive from PyPi package manager using the following command:
You can install Nethive using the latest repository:
$ git clone https://github.com/chrisandoryan/Nethive-Project.git$ cd Nethive-Project/$ sudo bash install.sh$ sudo pip3 install -r requirements.txt
Please make sure all dependencies are installed if anyone of the above fails. For more detailed information, refer to the installation guide.
Fetch and start nethive-cvss docker container
$ git clone https://github.com/Falanteris/docker-nethive-cvss/$ cd docker-nethive-cvss/$ docker build -t nethive-cvss .$ ./cvss
Start Nethive and copy default configuration
$ cd Nethive-Project/$ cp .env.example .env
Activate all Nethive processing engines:
$ sudo python3 main.py.
On the menu prompt, choose  Just-Run-This-Thing, then wait for the engines to be initialized.
Start Nethive UI Server
$ cd Nethive-Project/dashboard/$ npm install && npm start
Go to http://localhost:3000/