Open Source Tool - Cybersecurity Graph Database in Neo4j

Overview

GraphKer

Open Source Tool - Cybersecurity Graph Database in Neo4j

|G|r|a|p|h|K|e|r|

{ open source tool for a cybersecurity graph database in neo4j }

With GraphKer you can have the most recent update of cyber-security vulnerabilities, weaknesses, attack patterns and platforms from MITRE and NIST, in an very useful and user friendly way provided by Neo4j graph databases!

Prerequisites

3 + 1 Steps to run GraphKer Tool

1) Download and Install Neo4j Desktop

  • Windows Users: https://neo4j.com/download/

    Create an account to get the license (totally free), download and install Neo4j Desktop.

    Useful Video: https://tinyurl.com/yjjbn8jx

  • Linux Users:

    sudo apt update
    sudo apt install apt-transport-https ca-certificates curl software-properties-common
    curl -fsSL https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
    sudo add-apt-repository "deb https://debian.neo4j.com stable 4.1"
    sudo apt install neo4j
    sudo systemctl enable neo4j.service
    sudo systemctl status neo4j.service
    

    You should have output that is similar to the following:

    ● neo4j.service - Neo4j Graph Database
    Loaded: loaded (/lib/systemd/system/neo4j.service; enabled; vendor preset: enabled)
    Active: active (running) since Fri 2020-08-07 01:43:00 UTC; 6min ago
    Main PID: 21915 (java)
    Tasks: 45 (limit: 1137)
    Memory: 259.3M
    CGroup: /system.slice/neo4j.service
    . . .
    

    Useful Video: https://tinyurl.com/vvpjf3dr

2) Create and Configure the Database

  • Create Database:
    • Windows Users:

      You can create databases in whatever version you want (latest version preferable) through GUI or Neo4j Terminal.

    • Linux Users: When you start neo4j through systemctl, type cypher-shell, then create database NAME;. Now you have to set this database, as default so when you start neo4j you start automatically this database. Go to /etc/neo4j/neo4j.conf and uncomment dbms.default_database=neo4j and change it with your new database name. Restart neo4j service and you are ready.

  • Configure Database:
    • Install APOC Plugin:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> Click Plugins --> APOC --> Install
      • Linux Users:
    • Configure Database Settings File:

      • Windows Users: In Neo4j Desktop Main Page --> Choose your Database --> ... (Three Dots) --> Settings --> Go to last line and set the commands below --> Apply and Restart the Database

        apoc.export.file.enabled=true
        apoc.import.file.enabled=true
        apoc.import.file.user_neo4j_config=false
        cypher.lenient_create_relationship = true
        
      • Linux Users: Same as above, in the neo4j.conf file --> check every folder path in Neo4j: https://neo4j.com/docs/operations-manual/current/configuration/file-locations/

    • Configure Memory Usage:

      In Neo4j Configuration File (neo4j.conf): For 16GB RAM you can use 8G + 4G for heap. For 8GB RAM you can use 4G + 2G etc.

      dbms.memory.heap.initial_size=4G
      dbms.memory.heap.max_size=8G
      dbms.memory.pagecache.size=4G
      

3) Install requirements.txt

  • GraphKer Uses: xmltodict, neo4j, requests, beautifulsoup4
  • pip install -r requirements.txt

4) Install Applications Created for Neo4j

  • There are several applications created especially for Neo4j that you can use for better experience and work.
    • Neo4j Bloom: Application for better graph presentations. Free and Easy to use.
    • Graphlytic: Third-Party App, better graph presentations, but most important auto-analytics and statistics. Free and Paid Editions. We can do the most locally with free edition. Learn More: https://graphlytic.biz/
    • Neo4j Database Analyzer: Third-Party App, Free, provides great analysis tools for our Data and our Schema. Learn More: https://community.neo4j.com/t/introducing-the-neo4j-database-analyzer/6197

Run GraphKer

// Default
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH
// Run and Open Neo4j Browser
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -b y
// Run and Open Graphlytic App
python main.py -u BOLT_URL -n USERNAME -p PASSWORD -d IMPORT_PATH -g y
// Default Run Example in Ubuntu
sudo python3 main.py -u BOLT_URL -n USERNAME -p PASSWORD -d /var/lib/neo4j/import/

Default Bolt URL for Neo4j: bolt://localhost:7687

Default Username in Neo4j Databases: neo4j

For Neo4j Import Folder check the link above with File Locations.

Estimated RunTime: 6-15 Minutes. Depends on hardware.

At least 8GB in your hard drive.

You can access the CVE and CPE Datasets in National Vulnerability Database by NIST (https://nvd.nist.gov/vuln/data-feeds), CWE Dataset in MITRE (https://cwe.mitre.org/data/downloads.html) and CAPEC Dataset in MITRE (https://capec.mitre.org/data/downloads.html).

--Search, Export Data and Analytics, Enrich your Skills--

Created by Adamantios - Marios Berzovitis, Cybersecurity Expert MSc, BSc

Diploma Research - MSc @ Distributed Systems, Security and Emerging Information Technologies | University Of Piraeus --> https://www.cs.unipi.gr/distributed/

Co-Working with Cyber Security Research Lab | University Of Piraeus --> https://seclab.cs.unipi.gr/

Facebook: https://www.facebook.com/GraphKerTool/

LinkedIn: https://tinyurl.com/p57w4ntu

Github: https://github.com/amberzovitis

Enjoy! Provide Feedback!

You might also like...
LinOTP - the open source solution for two factor authentication

LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright © 2010-2019 KeyIdentity GmbH Coypright © 2019- arxes-tolina GmbH In

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
🔍 IRIS: An open-source intelligence framework

IRIS is an open-source OSINT framework, consisting of modules to find information about a target by scraping sites and fetching data from APIs.

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre

ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites
ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

ORector is a Fast Python tool designed to detect open redirects vulnerabilities

Owner
Adamantios - Marios Berzovitis
Cybersecurity Expert MSc, BSc | Hacking, Gaming, Fencing
Adamantios - Marios Berzovitis
MITMSDR for INDIAN ARMY cybersecurity hackthon

There mainly three things here: MITMSDR spectrum Manual reverse shell MITMSDR Installation Clone the project and run the setup file: ./setup One of th

null 2 Jul 26, 2022
OSINT Cybersecurity Tools

OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr

Paul Veillard, P. Eng 7 Jul 1, 2022
Seamless deployment and management of cybersecurity solutions 🏗️

Description ??️ Background ???? Vision ?? Concepts ?? Solutions' Lifecycle. Operations ⭕ Functionalities ?? Supported Cybersecurity Solutions ?? Insta

MutableSecurity 36 Nov 10, 2022
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __

idna 352 Jan 2, 2023
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p

null 2.4k Jan 7, 2023
Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

NCC Group Plc 5k Jan 5, 2023
Automatic SQL injection and database takeover tool

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

sqlmapproject 25.7k Jan 8, 2023
Open source vulnerability DB and triage service.

OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source

Google 893 Jan 4, 2023
An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

dvm 8.1k Dec 31, 2022