A Python package to fake SOC (Security Operations Center) data
soc-faker is used to generate fake data for use by Security Operation Centers, Information security professionals, product teams, and many more.
soc-faker is compatible with Python 2.x and 3.x. You can install
pip as well as cloning this repository directly.
At the time of writing this document,
soc-faker has the ability to fake data for the following main categories. You can find specific details for each category by selecting the links below:
- User Agent
pip install soc-faker --user
Installing from source
git clone firstname.lastname@example.org:swimlane/soc-faker.git cd soc-faker python setup.py install
The following libraries are required and installed by soc-faker
requests pendulum ipaddress Pillow networkx matplotlib PyGithub PyYAML Faker
In addition, you must provide a GitHub Personal Access Token to utilize specific features that rely on data from public github repositories.
Please follow this guide to get a personal access token https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
Once you have a PAT you can provide this token during initialization of the the
from socfaker import SocFaker sf = SocFaker(github_token='YOUR PERSONAL ACCESS TOKEN')
You can use the provided Dockerfile to get a development and testing environment up and running for
To use the
Dockerfile run, cd to this repositories directory and run:
docker build --force-rm -t socfaker .
Once it is built, then run the docker container:
docker run socfaker
Running this will call the test python file in bin\test.py. Modify this file for additional testing and development.
Running the tests
Tests within this project should cover all available properties and methods. As this project grows the tests will become more robust but for now we are testing that they exist and return outputs.
- carcass - Python packaging template
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning.
Please read CHANGELOG.md for details on features for a specific version of
- Josh Rickard - Initial work - MSAdministrator
- Nick Tausek
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE file for details
soc-faker is a Swimlane open-source project; we believe in giving back to the open-source community by sharing some of the projects we build for our application. Swimlane is an automated cyber security operations and incident response platform that enables cyber security teams to leverage threat intelligence, speed up incident response and automate security operations.
SecOps Hub is an open, product-agnostic, online community for security professionals to share ideas, use cases, best practices, and incident response strategies.
- This project utilizes data from the OSSEM project by hunters-forge
.. toctree:: :maxdepth: 2 :caption: Contents: docs/source/faker/application docs/source/faker/azure docs/source/faker/computer docs/source/faker/elastic docs/source/faker/employee docs/source/faker/file docs/source/faker/logs docs/source/faker/network docs/source/faker/organization docs/source/faker/qualysguard docs/source/faker/servicenow docs/source/faker/useragent docs/source/faker/vulnerability
- [ ] Manager (Employee Object)
- [ ] Date Between
- [ ] Date X periods back (date after 1/1/2018)
- [ ] Date X per. Forward (date after 1/1/2018)
- [ ] Duration/Span
- [ ] Physical Address?
- [ ] URL
- [ ] fuzzy?
- [ ] File Path
- [ ] File Reputation?
- [ ] Generate Fake PCAP files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size soc_faker-1.0.0-py2-none-any.whl (8.3 MB)||File type Wheel||Python version py2||Upload date||Hashes View|
|Filename, size soc_faker-1.0.0-py3-none-any.whl (8.3 MB)||File type Wheel||Python version py3||Upload date||Hashes View|
|Filename, size soc-faker-1.0.0.tar.gz (8.0 MB)||File type Source||Python version None||Upload date||Hashes View|
Hashes for soc_faker-1.0.0-py2-none-any.whl
Hashes for soc_faker-1.0.0-py3-none-any.whl