Metta
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Setup Ipsec Vpn | 23,114 | 5 days ago | 1 | other | Shell | |||||
| Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2 | ||||||||||
| Cilium | 17,219 | 25 | 10 hours ago | 781 | December 04, 2023 | 1,101 | apache-2.0 | Go | ||
| eBPF-based Networking, Security, and Observability | ||||||||||
| Bettercap | 14,791 | a month ago | 61 | April 21, 2021 | 169 | other | Go | |||
| The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks. | ||||||||||
| Nebula | 12,854 | 125 | a day ago | 49 | June 01, 2023 | 137 | mit | Go | ||
| A scalable overlay networking tool with a focus on performance, simplicity and security | ||||||||||
| Sniffnet | 12,357 | 4 days ago | 21 | August 08, 2023 | 36 | apache-2.0 | Rust | |||
| Application to comfortably monitor your Internet traffic 🕵️♂️ | ||||||||||
| Scapy | 9,561 |  | 814 | 202 | a day ago | 25 | December 25, 2022 | 142 | gpl-2.0 | Python |
| Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3. | ||||||||||
| Test Your Sysadmin Skills | 9,557 | 10 months ago | 13 | mit | ||||||
| A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A. | ||||||||||
| Netmaker | 8,370 | 2 | 16 hours ago | 88 | November 17, 2023 | 183 | other | Go | ||
| Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks. | ||||||||||
| Docker Ipsec Vpn Server | 5,836 | 5 days ago | 1 | other | Shell | |||||
| Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2 | ||||||||||
| Firezone | 5,647 | 11 hours ago | 160 | apache-2.0 | Elixir | |||||
| WireGuard®-based scalable remote access platform that integrates with your IdP and requires no open ports | ||||||||||
Metta
Metta is an information security preparedness tool.
This project uses Redis/Celery, python, and vagrant with virtualbox to do adversarial simulation. This allows you to test (mostly) your host based instrumentation but may also allow you to test any network based detection and controls depending on how you set up your vagrants.
The project parses yaml files with actions and uses celery to queue these actions up and run them one at a time without interaction.
Installation
There is also a wiki
Running actions
The various actions live in the MITRE folder sorted by MITRE ATT&CK phases and also in Adversarial_Simulation
Just run the python and yaml file of your choice
$ python run_simulation_yaml.py -f MITRE/Discovery/discovery_win_account.yml
YAML FILE: MITRE/Discovery/discovery_account.yaml
OS matched windows...sending to the windows vagrant
Running: cmd.exe /c net group \"Domain Admins\" /domain
Running: cmd.exe /c net user /add
Running: cmd.exe /c net user /domain
Running: cmd.exe /c net localgroup administrators
Running: cmd.exe /c net share
Running: cmd.exe /c net use
Running: cmd.exe /c net accounts
Running: cmd.exe /c net config workstation
Running: cmd.exe /c dsquery server
Running: cmd.exe /c dsquery user -name smith* | dsget user -dn -desc
Running: cmd.exe /c wmic useraccount list /format:list
Running: cmd.exe /c wmic ntdomain
Running: cmd.exe /c wmic group list /format:list
Running: cmd.exe /c wmic sysaccount list /format:list
Making actions
The actions and scenarios live in the MITRE folder sorted by MITRE ATT&CK phases and also in Adversarial_Simulation
The most important parts are the OS field and the purple_actions
os: will tell the tool which vagrant to send the command to, obviously *nix commands on windows wont work out so well
purple_actions: an array of commands to run sequentially
Making scenarios
Scenarios are a list of paths to actions.
The code will be looking for a scenario: True field and scenario_actions list. Example below:
Gotchas
The tool takes the string from purple_actions and encapsulates it in quotes. Therefore you need to escape any other quotes, ticks, weird shell characters in your command.
Use the output of the vagrant/celery piece to make sure things are working like they should
Why Metta?
Metta (Pali) Loving kindness, gentle friendship; a practice for generating loving kindness said to be first taught by the Buddha as an antidote to fear. It helps cultivate our natural capacity for an open and loving heart and is traditionally offered along with other Brahma-vihara meditations that enrich compassion, joy in the happiness of others and equanimity. These practices lead to the development of concentration, fearlessness, happiness and a greater ability to love.
