A Python package to fake SOC (Security Operations Center) data

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for swimlane from gravatar.com swimlane

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: Swimlane

Tags faker, soc, security, swimlane

Requires: Python >=2.6, !=3.0.*, !=3.1.*, !=3.2.*, <4

Project description

soc-faker

soc-faker is used to generate fake data for use by Security Operation Centers, Information security professionals, product teams, and many more.

Getting Started

soc-faker is compatible with Python 2.x and 3.x. You can install soc-faker using pip as well as cloning this repository directly.

At the time of writing this document, soc-faker has the ability to fake data for the following main categories. You can find specific details for each category by selecting the links below:

Installing soc-faker

pip install soc-faker --user

Installing from source

git clone git@github.com:swimlane/soc-faker.git
cd soc-faker
python setup.py install

Prerequisites

The following libraries are required and installed by soc-faker

requests
pendulum
ipaddress
Pillow
networkx
matplotlib
PyGithub
PyYAML
Faker

GitHub PAT

In addition, you must provide a GitHub Personal Access Token to utilize specific features that rely on data from public github repositories.

Please follow this guide to get a personal access token https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line

Once you have a PAT you can provide this token during initialization of the the SocFaker object:

from socfaker import SocFaker

sf = SocFaker(github_token='YOUR PERSONAL ACCESS TOKEN')

Development

You can use the provided Dockerfile to get a development and testing environment up and running for soc-faker.

To use the Dockerfile run, cd to this repositories directory and run:

docker build --force-rm -t socfaker .

Once it is built, then run the docker container:

docker run socfaker

Running this will call the test python file in bin\test.py. Modify this file for additional testing and development.

Running the tests

Tests within this project should cover all available properties and methods. As this project grows the tests will become more robust but for now we are testing that they exist and return outputs.

Built With

  • carcass - Python packaging template

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning.

Change Log

Please read CHANGELOG.md for details on features for a specific version of soc-faker

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE file for details

Credits

soc-faker is a Swimlane open-source project; we believe in giving back to the open-source community by sharing some of the projects we build for our application. Swimlane is an automated cyber security operations and incident response platform that enables cyber security teams to leverage threat intelligence, speed up incident response and automate security operations.

SecOps Hub is an open, product-agnostic, online community for security professionals to share ideas, use cases, best practices, and incident response strategies.

Acknowledgments

  • This project utilizes data from the OSSEM project by hunters-forge
.. toctree::
   :maxdepth: 2
   :caption: Contents:

   docs/source/faker/application
   docs/source/faker/azure
   docs/source/faker/computer
   docs/source/faker/elastic
   docs/source/faker/employee
   docs/source/faker/file
   docs/source/faker/logs
   docs/source/faker/network
   docs/source/faker/organization
   docs/source/faker/qualysguard
   docs/source/faker/servicenow
   docs/source/faker/useragent
   docs/source/faker/vulnerability

TODO

Employee

  • Manager (Employee Object)

Date

  • Date Between
  • Date X periods back (date after 1/1/2018)
  • Date X per. Forward (date after 1/1/2018)
  • Duration/Span

Address

  • Physical Address?

Network

  • URL

File Info

  • fuzzy?
  • File Path
  • File Reputation?

PCAP

  • Generate Fake PCAP files

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for swimlane from gravatar.com swimlane

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: Swimlane

Tags faker, soc, security, swimlane

Requires: Python >=2.6, !=3.0.*, !=3.1.*, !=3.2.*, <4


Release history Release notifications | RSS feed

4.0.2

4.0.1

4.0.0

3.1.0

3.0.0

2.4.0

2.3.1

2.2.0

2.1.0

2.0.1

2.0.0

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

soc-faker-1.0.1.tar.gz (8.1 MB view hashes)

Uploaded Source

Built Distributions

soc_faker-1.0.1-py3-none-any.whl (8.3 MB view hashes)

Uploaded Python 3

soc_faker-1.0.1-py2-none-any.whl (8.3 MB view hashes)

Uploaded Python 2

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page