Metadata-Version: 2.1
Name: cyber-radar
Version: 0.3.3
Summary: A framework to support a Red-team Analysis, Documentation, and Automation Revolution!
Home-page: https://github.com/sevaarcen/RADAR
Author: Cole Daubenspeck
Author-email: coleipod@gmail.com
License: GPLv3
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3
Classifier: Operating System :: OS Independent
Classifier: Development Status :: 4 - Beta
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Requires-Dist: toml (~=0.10)
Requires-Dist: yara-python (~=4.0)
Requires-Dist: netaddr (~=0.8)
Requires-Dist: certifi (~=2019.9)
Requires-Dist: chardet (~=3.0)
Requires-Dist: Click (~=7.0)
Requires-Dist: Flask (~=1.1)
Requires-Dist: Flask-Script (~=2.0)
Requires-Dist: idna (~=2.8)
Requires-Dist: itsdangerous (~=1.1)
Requires-Dist: Jinja2 (~=2.10)
Requires-Dist: MarkupSafe (~=1.1)
Requires-Dist: pymongo (~=3.9)
Requires-Dist: python-dateutil (~=2.8)
Requires-Dist: requests (~=2.22)
Requires-Dist: six (~=1.12)
Requires-Dist: urllib3 (~=1.25)
Requires-Dist: Werkzeug (~=0.16)
Requires-Dist: tqdm (~=4.55)
Requires-Dist: numpy (==1.19.3)
Requires-Dist: pandas (~=1.2.0)

# RADAR
Red-team Analysis, Documentation, and Automation Revolution

# Features
* Modular plugin support
* Integrates with your existing workflow


# Required System Components
* Python 3.6 or later
    * packages in requirements.txt
* Following system packages
    * yara
* A MongoDB server connected to the RADAR Control Server


# Wanted System Components
The following software components are not required, but are needed for full functionality (e.g. playbooks and commanders)

* nmap
* samba-common (for rpcclient)


# Self-signed certificate help
I used [this guide](https://medium.com/@tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15)
to make my self-signed certificates for testing.
If you're using an IP address instead of a domain name, change the V3 ext file
as shown in [this guide](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sssd-ldap-domain-ip)


# Data Format Specifications

### Target information
A valid target is json that has the following structure (see actual example below).
* `target_host`: REQUIRED - This key is the IP address, domain name, or hostname of the target. This must uniquely identify the device and be usable by programs which take this data as arguments (e.g. nmap).
* `source_command`: REQUIRED - This field is an internal UUID used by RADAR. This UUID can be queried in the database to find detailed information about the command that this target was parsed from.
* `details`: This optional key contains arbitrary metadata about the host - for example what type of device it is or how strong the network connection is to the device.
* `services`: This optional key contains a list of open ports on the host and information about the services it's running.
* `vulnerabilities`: This optional key contains a list of information about potential vulnerabilities the host has. This data is typically used by playbooks.

```json
{
  "target_host": "scanme.nmap.org",
  "details": {
    "host_type": "mailserver;webserver",
    "latency": "0.093",
    "scan_time": 1609632285,
    "status": "up",
    "value": "high"
  },
  "services": [
    {
      "port": "22",
      "protocol": "tcp",
      "service": "ssh",
      "state": "open"
    },
    {
      "port": "80",
      "protocol": "tcp",
      "service": "http",
      "state": "open"
    },
    {
      "port": "9929",
      "protocol": "tcp",
      "service": "nping-echo",
      "state": "open"
    },
    {
      "port": "31337",
      "protocol": "tcp",
      "service": "Elite",
      "state": "open"
    }
  ],
  "source_command": "ed73d874-7ad9-4343-a2e4-d9f17ddea966"
}
```


