Skip to main content

A Python package to fake SOC (Security Operations Center) data

Project description

soc-faker

soc-faker is used to generate fake data for use by Security Operation Centers, Information security professionals, product teams, and many more.

Getting Started

soc-faker is compatible with Python 2.x and 3.x. You can install soc-faker using pip as well as cloning this repository directly.

At the time of writing this document, soc-faker has the ability to fake data for the following main categories. You can find specific details for each category by selecting the links below:

Installing soc-faker

pip install soc-faker --user

Installing from source

git clone git@github.com:swimlane/soc-faker.git
cd soc-faker
python setup.py install

Prerequisites

The following libraries are required and installed by soc-faker

requests
pendulum
ipaddress
Pillow
networkx
matplotlib
PyGithub
PyYAML
Faker

GitHub PAT

In addition, you must provide a GitHub Personal Access Token to utilize specific features that rely on data from public github repositories.

Please follow this guide to get a personal access token https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line

Once you have a PAT you can provide this token during initialization of the the SocFaker object:

from socfaker import SocFaker

sf = SocFaker(github_token='YOUR PERSONAL ACCESS TOKEN')

Development

You can use the provided Dockerfile to get a development and testing environment up and running for soc-faker.

To use the Dockerfile run, cd to this repositories directory and run:

docker build --force-rm -t socfaker .

Once it is built, then run the docker container:

docker run socfaker

Running this will call the test python file in bin\test.py. Modify this file for additional testing and development.

Running the tests

Tests within this project should cover all available properties and methods. As this project grows the tests will become more robust but for now we are testing that they exist and return outputs.

Built With

  • carcass - Python packaging template

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning.

Change Log

Please read CHANGELOG.md for details on features for a specific version of soc-faker

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE file for details

Credits

soc-faker is a Swimlane open-source project; we believe in giving back to the open-source community by sharing some of the projects we build for our application. Swimlane is an automated cyber security operations and incident response platform that enables cyber security teams to leverage threat intelligence, speed up incident response and automate security operations.

SecOps Hub is an open, product-agnostic, online community for security professionals to share ideas, use cases, best practices, and incident response strategies.

Acknowledgments

  • This project utilizes data from the OSSEM project by hunters-forge
.. toctree::
   :maxdepth: 2
   :caption: Contents:

   docs/source/faker/application
   docs/source/faker/azure
   docs/source/faker/computer
   docs/source/faker/elastic
   docs/source/faker/employee
   docs/source/faker/file
   docs/source/faker/logs
   docs/source/faker/network
   docs/source/faker/organization
   docs/source/faker/qualysguard
   docs/source/faker/servicenow
   docs/source/faker/useragent
   docs/source/faker/vulnerability

TODO

Employee

  • [ ] Manager (Employee Object)

Date

  • [ ] Date Between
  • [ ] Date X periods back (date after 1/1/2018)
  • [ ] Date X per. Forward (date after 1/1/2018)
  • [ ] Duration/Span

Address

  • [ ] Physical Address?

Network

  • [ ] URL

File Info

  • [ ] fuzzy?
  • [ ] File Path
  • [ ] File Reputation?

PCAP

  • [ ] Generate Fake PCAP files

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for soc-faker, version 1.0.0
Filename, size File type Python version Upload date Hashes
Filename, size soc_faker-1.0.0-py2-none-any.whl (8.3 MB) File type Wheel Python version py2 Upload date Hashes View
Filename, size soc_faker-1.0.0-py3-none-any.whl (8.3 MB) File type Wheel Python version py3 Upload date Hashes View
Filename, size soc-faker-1.0.0.tar.gz (8.0 MB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page