
CSI (Continuous Security Integration) Framework => Automated Security Testing for CI/CD Pipelines & Beyond


gronau-it-cloud-computing/csi

 
 


CSI

Table of Contents

Call to Arms

If you're willing to provide access to commercial security tools (e.g. Rapid7's Nexpose, Tenable Nessus, QualysGuard, HP WebInspect, IBM Appscan, etc.), please PM us, as this will continue to promote CSI's interoperability w/ industry-recognized security tools moving forward. Lastly, this project accepts donations, so if you want to see this thing blow the door off the hinges, please donate!!!

Click here to lend your support to CSI and make a donation via pledgie.com

Intro

Why CSI

It's easy to agree that while corporate automation is a collection of proprietary source code, the core modules used to produce automated solutions should be open for all eyes to continuously promote trust and innovation...broad collaboration is key to any automation framework's success, particularly in the cyber security arena.

How CSI Works

Leveraging various pre-built modules and the csi prototyper, you can mix-and-match modules to test, record, replay, and roll out your own custom security automation packages known as "drivers." The fastest way to get rolling w/ csi is to deploy a pre-built Kali Rolling box we built w/ Packer. This is a special deployment of Kali Rolling - WORKING rollouts of OpenVAS, Metasploit, Arachni, and Jenkins (w/ various preconfigured jobs) are just some of the numerous security and CI/CD tools made available for your convenience...updated on a daily basis. CSI driver integration is made to be seamless w/ OS dependencies already installed. This is all made available for architectures such as AWS, Docker, VirtualBox, and/or VMware. Feel free to also install it locally on your machine as a Ruby Gem! See the Install or Deploy section for more details.

What is CSI

CSI (Continuous Security Integration) is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation. Build your own custom automation drivers freely and easily using pre-built modules. If a picture is worth a thousand words, then a video must be worth at least a million...let's start out by planting a million seeds in your mind:

Creating an OWASP ZAP Scanning Driver Leveraging the csi Prototyper

Continuous Security Integration: Basics of Building Your Own Security Automation

CSI Modules Can be Mixed and Matched to Produce Your Own Tools

Also known as "drivers," these tools are produced by mixing and matching CSI modules, and CSI can produce all sorts of useful ones this way.

Clone CSI

Certain Constraints Mandate CSI be Installed in /csi:

$ sudo git clone https://github.com/ninp0/csi.git /csi

Install or Deploy

Basic Installation Dependencies

Deploy in AWS EC2

AWS EC2 Quick-Start

Deploy in Docker Container

Docker Quick-Start

Install Locally on your Box

Ruby Gem Quick-Start

Deploy in VirtualBox

VirtualBox Quick-Start

Deploy in VMware

VMware Quick-Start

General Usage

General Usage Quick-Start

It's wise to rebuild csi often as this repo has numerous releases/week (unless you're in the Kali box, then it's handled for you daily in the Jenkins job called "selfupdate-csi"):

$ /csi/vagrant/provisioners/csi.sh && csi
csi[v0.2.319]:001 >>> CSI.help

Driver Documentation

For a list of existing drivers and their usage

I hope you enjoy CSI and remember...ensure you always have permission prior to carrying out any sort of hacktivities. Now - go hacktivate all the things!

Languages

  • Ruby 96.8%
  • Shell 3.2%