======
Copyright 2013 Gabriel Bassett
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
Moirai is a patent pending, open source licensed, architecture to manage an information security posture in the form of an attack graph. It may be used for offensive tasks such as penetration testing or defensive tasks such as risk assessment and management, intrusion detection, intelligence gathering and application, and response execution.
Moirai is the Metasploit of defense. It is a central framework with which all other defensive tools can communicate.
Moirai has three explicit tasks:
Moirai is implemented as a pubsub and rpc server in python. The server provides multiple interfaces to the attack graph stored in a back end neo4j database. Clients may query the database by way of defined RPCs or may sign up to an appropriate pubsub to receive streaming updates to the graph. All functionality is expected to be provided by the clients.
Moirai depends on the py2neo, autobahn, and python-dateutil python modules. Additionally, it requires a neo4j database to connect to and store the graph. There is no facility to run moirai without the neo4j database.
Previously - Moirai has reached Milestone 0. It is capable of receiving graph events in WAMP format, saving them to the graph, and redistributing them across the pubsub. It also is able to execute cyphers by RPC.
3/26/13 - Moirai has reached Milestone 1. It is capable of receiving graph events, validating them against the rules outlined in protocol_definitions.txt, fixing them up if possible, and redistributing them. An additional RPC to retrieve the entire graph has been added.
Future - Milestone 2: Cypher and Construct RPCs - Milestone 2 will support additional cyphers, specifically RPCs to implement additional cyphers and automated processing of DCES constructs. It will facilitate intelligence gathering and intrusion detection utilizing the graph.
Future - Milestone 3: GUI and Client Service pubsub - Milestone 3 is designed to support clients which require manual addition of information to the graph and which provide their own RPCs.
Future - Milestone 4: Multiple Clients Available - Implementation of multiple potential clients.
Future - Milestone 5: Robust Server - Improvements in the Moirai server to facilitate enterprise use.
(Please note, milestones may not be implemented in chronological order and are subject to change without notice.)
pip install py2neo autobahn python-dateutil
(instructions for installing neo4j can be found at http://www.neo4j.org)
git clone https://github.com/gdbassett/moirai
nano ~/moirai/server/moirai_server.cfg
neo4j start
(from the neo4j bin directory unless installed as a linux package)
python ~/moirai/server/moiraiServer.py
(note, once fully implemented, the moirai_gui client can be served by enabling the simple python webserver with the "-w" option to moirai_server.py.)