Skip to content
/ malcolm-scripts Public

Scripts that use Malcolm.fyi API to enhance its network analysis capabilities

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ionutrobertcojocaru/malcolm-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
all.csv
all.csv
 
 
last_seen.py
last_seen.py
 
 
os_fingerprint.py
os_fingerprint.py
 
 
ports.py
ports.py
 
 
vuln_assessment.py
vuln_assessment.py
 
 

Repository files navigation

Scripts that I made to implement the following network analysis capabilities to Malcolm, using its API:

  1. OS Fingerprint
  2. Services Scanner
  3. Hosts Last Seen
  4. Vulnerability Assessment

OS Fingerprint

The script analyzes PCAP files and associates the most likely operating system using Satori software. The methods satori uses to perform OS fingerprint are documented here satori.

Services Scanner

Scans for listening ports of each host that receive inbound traffic within the network.

Vulnerability Assessment

The script pulls information from NetBox, builds the CPEs, and associates the relevant CVEs using the NIST API.

How to install them

  1. git clone https://github.com/xnih/satori in the installation folder
  2. Run Malcolm
  3. In Netbox create custom fields 'os' and 'last_seen' for each device.
  4. Edit the code with your parameters.
  5. Create cronjobs to run them regularly.

About

Scripts that use Malcolm.fyi API to enhance its network analysis capabilities

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages