Skip to content
/ cybok-cli Public
forked from bakirtzisg/cybok-cli

A vulnerability assessment tool for system models

License

BSD-3-Clause license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ABakirtzis/cybok-cli

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github
.github
 
 
cybok
cybok
 
 
data
data
 
 
models
models
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.org
README.org
 
 
requirements.txt
requirements.txt
 
 
setup.py
setup.py
 
 

Repository files navigation

CYBOK. A vulnerability assessment tool for model-based systems engineering.

Getting started

CYBOK has been tested with Python 3.6.4 on macOS and Windows 10. You will need to use Python 3.6.4 or above because the code makes use of the NamedTuple class.

Python

For macOS we recommend installing python3 using homebrew.

brew install python3

For Windows we recommend installing python3 using Chocolatey.

chocho install python3

(Note: Chocolatey installs python3 as python. This means that pip3 now maps to pip. To run cybok use python cybok.py [options] instead of making the file executable as with GNU/Linux and macOS.)

Graphviz

To visualize graphs you will need to install graphviz.

For macOS:

brew install graphviz

For Windows:

choco install graphviz --version 2.38

CYBOK

To setup CYBOK download this repo in your desired local folder.

git clone https://github.com/bakirtzisg/cybok-cli.git

Install all python library requirements from requirements.txt.

pip3 install -r requirements.txt

Before using CYBOK you will need run the update command.

$ python3 cybok --update

This downloads the latest CAPEC, CWE, and CVE feeds and creates the search index.

🎉 🎉 🎉 🎉 🎉

Quickstart

$ python3 cybok --help
$ python3 cybok --search gps
$ python3 cybok --input "./models/simple_system.graphml"
$ python3 cybok --visualize --input "./models/simple_system.graphml"
$ python3 cybok --visualize --input "./models/simple_system.graphml" --target "MCU"
$ python3 cybok --visualize --input "./models/fcs.graphml" --target "Primary Application Processor"
$ python3 cybok --input "./models/fcs.graphml" --output "fcs"

Implemented CLI Functionality

ArgumentTypeInputDescription
-h --helpN/AN/Ashows all available arguments
-u --updateN/AN/Aupdates all available database data and creates search index
-s --searchstrsearch stringtakes a string and matches to available database entries
-i --inputstrmodel definition in GraphML formtakes a .graphml file and produces a vulnerability report
-v --visualizeN/AN/Acreates visualizations for the attack surface and if given a target the exploit chains associated with it
-t --targetstrvertex name in the system GraphML filefinds all possible exploit chains from any element in the attack surface to that vertex
-o --outputstrfilename or filepathexport all evidence from -s or -i to .graphml or .csv files

Authors

Georgios Bakirtzis (bakirtzis@virginia.edu) bakirtzis.net

About

A vulnerability assessment tool for system models

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Python 100.0%