sectoolkit: a simple security toolkit
By Mauro Chiarugi && Marco Pagnanini
in collaboration with Aldo Franco Dragoni and Paolo Puliti
What we want to build
We started writing the Security Toolkit because we wanted an instrument
for applying the OSSTMM, a security testing methodology. We also decided
that our work should be useful to real agencies working in security.
In addition, we have coded some plugins that perform tasks from the Unix
Security Checklist of CERT/CC, available at
http://www.cert.org.
To achieve this, we designed the following architecture:
As you can see, there is a CoreApplication that reads data from a database.
It reads Teams (each composed of Machines and Persons) and Results
(each composed of Events and Actions).
After that, the CoreApplication loads all available plugins from the
plugins/ directory and prompts the user for what to do. The user can
administer Teams, Persons and Machines, and can then execute security tests
against these entities. A test is implemented by one or more plugins.
To build a plugin, create a new class that inherits from the Plugin class
and overrides the start method and __init__, which are defined as:
start(self, machine, team, person)
__init__(self)
Then, after you have executed the steps of your security test, you should
return an object that is an instance of the Result class. A Result object
contains an Event object (to report test expirations) and an Action object
(to record the plugin's stdout after execution on a particular machine); it
is instantiated and saved in the database simply by adding this statement
to your plugin code:
error_instance.save_to_db().
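The plugin contract described above, shown as an added example that is not sectoolkit's own code: a checklist-style plugin that audits an inetd.conf for enabled services the CERT checklist recommends disabling. The Plugin, Result, Event and Action classes here are assumed stand-ins (the real sectoolkit classes, their fields and the ZODB store may differ), and the machine is assumed to be a dict carrying the already-fetched file content.

```python
# Added example, not sectoolkit's own code. Plugin/Result/Event/Action are
# assumed stand-ins with the shape the page describes; the real classes
# and the ZODB store in sectoolkit may differ.
from dataclasses import dataclass

# inetd services the CERT checklist says to disable unless really needed
RISKY_SERVICES = {"telnet", "shell", "login", "exec", "finger", "tftp"}
SAVED_RESULTS = []  # stand-in for the ZODB database

@dataclass
class Event:          # what the test found on the machine
    machine: str
    findings: list

@dataclass
class Action:         # plugin stdout recorded for this machine
    plugin: str
    stdout: str

@dataclass
class Result:
    event: Event
    action: Action
    def save_to_db(self):  # stand-in: append instead of committing to ZODB
        SAVED_RESULTS.append(self)
        return len(SAVED_RESULTS)

class Plugin:
    def __init__(self):
        self.name = self.__class__.__name__
    def start(self, machine, team, person):
        raise NotImplementedError

def enabled_risky_services(inetd_conf):
    """Return risky services that are active (not commented out) in inetd.conf."""
    found = []
    for line in inetd_conf.splitlines():
        fields = line.strip().split()
        if fields and not fields[0].startswith("#") and fields[0] in RISKY_SERVICES:
            found.append(fields[0])
    return found

class InetdCheck(Plugin):
    def start(self, machine, team, person):
        findings = enabled_risky_services(machine["inetd_conf"])
        stdout = "\n".join(f"{machine['name']}: {s} enabled" for s in findings) or "ok"
        result = Result(Event(machine["name"], findings), Action(self.name, stdout))
        result.save_to_db()  # the save_to_db() step the page describes
        return result

# Constructed sample input, not taken from a real host.
SAMPLE_MACHINE = {"name": "host1", "inetd_conf": (
    "#telnet stream tcp nowait root   /usr/sbin/tcpd in.telnetd\n"
    "ftp     stream tcp nowait root   /usr/sbin/tcpd in.ftpd\n"
    "shell   stream tcp nowait root   /usr/sbin/tcpd in.rshd\n"
    "finger  stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n")}
```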
Take a look at other modules (e.g. Inetd.py or Cron.py) to see how to enable
festival speech support.
See also README files in the sectoolkit project.
What we have built
So far we have written only the CoreApplication, which reads the plugin list
and executes the plugins. We have also written some plugins and a small
version of the CERT security checklist.
We have also implemented the ZODB database for test logging.
What we need to code
The next step (version 2.0) will be to improve database queries and write many plugins.
Resources
Feedback:
Send your comments and suggestions to sracatus | tmp
Our WebSites:
sracatus website | tmp website
sectoolkit: a simple security toolkit written in Python and released under the GNU/GPL.