{"id":13507501,"url":"https://github.com/MutableSecurity/mutablesecurity","last_synced_at":"2025-03-30T09:32:56.522Z","repository":{"id":37094485,"uuid":"470128313","full_name":"MutableSecurity/mutablesecurity","owner":"MutableSecurity","description":"CLI program for automating the setup, configuration, and use of cybersecurity solutions","archived":true,"fork":false,"pushed_at":"2023-02-12T16:29:01.000Z","size":2788,"stargazers_count":43,"open_issues_count":7,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-11-01T07:33:09.414Z","etag":null,"topics":["cybersecurity-solutions","incident-response-tooling","security-automation"],"latest_commit_sha":null,"homepage":"https://mutablesecurity.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MutableSecurity.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-15T11:25:16.000Z","updated_at":"2024-08-23T14:58:28.000Z","dependencies_parsed_at":"2023-02-16T07:30:31.556Z","dependency_job_id":null,"html_url":"https://github.com/MutableSecurity/mutablesecurity","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MutableSecurity%2Fmutablesecurity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MutableSecurity%2Fmutablesecurity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MutableSecur
ity%2Fmutablesecurity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MutableSecurity%2Fmutablesecurity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MutableSecurity","download_url":"https://codeload.github.com/MutableSecurity/mutablesecurity/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246301963,"owners_count":20755512,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity-solutions","incident-response-tooling","security-automation"],"created_at":"2024-08-01T02:00:35.270Z","updated_at":"2025-03-30T09:32:55.608Z","avatar_url":"https://github.com/MutableSecurity.png","language":"Python","readme":"\u003cdiv align=\"center\"\u003e\n    \u003cimg src=\"others/readme_images/cover.webp\" width=\"600px\" alt=\"Cover\"\u003e\n    \u003cbr/\u003e\u003cbr/\u003e\n    \u003cbr/\u003e\n    \u003cimg src=\"https://img.shields.io/github/stars/mutablesecurity/mutablesecurity?color=blue\u0026logoColor=white\u0026label=stars\u0026logo=github\u0026style=flat-square\" alt=\"GitHub Stars\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/issues-closed/mutablesecurity/mutablesecurity?color=blue\u0026logoColor=white\u0026label=issues\u0026logo=github\u0026style=flat-square\" alt=\"GitHub closed issues\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/license/mutablesecurity/mutablesecurity?color=lightgray\u0026logoColor=white\u0026label=license\u0026logo=opensourceinitiative\u0026style=flat-square\" alt=\"License\"\u003e\n    
\u003cbr/\u003e\n\u003c/div\u003e\n\n---\n\n- [Functionalities](#functionalities)\n- [Supported Cybersecurity Solutions](#supported-cybersecurity-solutions)\n- [Via Debian Repository](#via-debian-repository)\n- [Via PyPi](#via-pypi)\n- [Debian Package](#debian-package)\n- [Executable](#executable)\n\n---\n\n# Description\n\n**MutableSecurity** is a CLI program for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring.\n\n## Functionalities\n\n- [**Multiple solutions** supported](#supported-cybersecurity-solutions) so far (and more under development)\n- **Operations** managing the solution lifecycle\n    - Initially configuring the solution via YAML files\n    - Installing the solution\n    - Retrieving and changing the solution configuration\n    - Retrieving metrics about the solution functioning\n    - Updating the solution to its newest version\n    - Uninstalling the solution\n- **Multiple authentication methods**\n    - Password-based when deploying to the local host\n    - Password-based or key-based SSH for remote hosts\n- **Deployments to multiple hosts** with the same command\n- **Intuitive CLI**\n- **Extensive [usage](https://mutablesecurity.io/docs/users) and [contribution](https://mutablesecurity.io/docs/developers) documentation**\n\n## Supported Cybersecurity Solutions\n\n\u003ctable\u003e\n    \u003cthead\u003e\n        \u003ctr\u003e\n            \u003cth\u003eSolution\u003c/th\u003e\n            \u003cth\u003eDescription\u003c/th\u003e\n            \u003cth\u003eOthers\u003c/th\u003e\n        \u003c/tr\u003e\n    \u003c/thead\u003e\n    \u003ctbody\u003e\n        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://vector.dev/\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/vector.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eVector is a lightweight tool for building 
observability pipelines. As soon as solutions are enabled in the configuration, Vector starts to send their logs to the configured Loki instance. The latter can be either on-premise or in the cloud, the only condition being to permit authentication via username and API token.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://teler.app\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/teler.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eteler is a real-time intrusion detection and threat alert based on web log. Targets only nginx installed on Ubuntu.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://suricata.io\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/suricata.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eSuricata is the leading independent open source threat detection engine. 
By combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess even the most sophisticated attacks.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://www.fail2ban.org\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/fail2ban.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eFail2ban is an intrusion prevention software framework that protects Unix-like servers from brute-force attacks. It scans log files and bans IP addresses conducting too many failed operations (for example, login attempts). This module targets Debian-based operating systems and has already set an SSH jail.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://letsencrypt.org\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/lets_encrypt.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eLet's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). 
Certbot is a free, open source software tool for automatically using Let's Encrypt certificates on manually-administrated websites to enable HTTPS.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e        \u003ctr\u003e\n            \u003ctd\u003e\n                \u003ca href=\"https://www.clamav.net/\"\u003e\n                    \u003cimg src=\"others/readme_images/solutions/clamav.webp\"\u003e\n                \u003c/a\u003e\n            \u003c/td\u003e\n            \u003ctd\u003eClam AntiVirus (ClamAV) is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses. ClamAV includes a command-line scanner, automatic database updater, and a scalable multi-threaded daemon running on an anti-virus engine from a shared library. FreshClam is a virus database update tool for ClamAV. ClamAV Daemon checks periodically for virus database definition updates, downloads, installs them, and notifies clamd to refresh its in-memory virus database cache.\u003c/td\u003e\n            \u003ctd\u003e\n                \u003cimg alt='Maturity: Production' src='https://img.shields.io/badge/Maturity-Production-blightgreen?style=flat-square'\u003e\n            \u003c/td\u003e\n        \u003c/tr\u003e\n        \u003ctr\u003e\n            \u003ctd colspan=3\u003e\u003ccenter\u003eMore coming soon...\u003c/center\u003e\u003c/td\u003e\n        \u003c/tr\u003e\n    \u003c/tbody\u003e\n\u003c/table\u003e\n\n# Requirements\n\nMutableSecurity depends on packages that have unique builds for each Python version (for instance, `pyinfra`'s `gevent`).\n\nThus, [Python 3.9](https://www.python.org/downloads/) is required for the executable and installation via Debian package or repository. 
Any version greater than or equal to 3.9 can be used when installing via PyPi.\n\n# Installation\n\n## Via Debian Repository\n\n```bash\n# 1. Add the GPG keyring\nwget -O- https://debian.mutablesecurity.io/pubkey.gpg | \\\n    gpg --dearmor | \\\n    sudo tee /usr/share/keyrings/mutablesecurity.gpg \u003e /dev/null\n\n# 2. Add the Debian repository\necho \"deb [signed-by=/usr/share/keyrings/mutablesecurity.gpg] https://debian.mutablesecurity.io bullseye main\" |\\\n    sudo tee /etc/apt/sources.list.d/mutablesecurity.list\n\n# 3. Fetch the details by apt-updating\nsudo apt update\n\n# 4. Install the package\nsudo apt install mutablesecurity\n```\n\n## Via PyPi\n\nJust run `pip install mutablesecurity`. Ensure that `/home/\u003cusername\u003e/.local/bin` is added into your `$PATH` variable.\n\n## Debian Package\n\nFrom the [Releases](https://github.com/MutableSecurity/mutablesecurity/releases) section in this repository, download the latest Debian package. After that, install it using `dpkg -i mutablesecurity.deb`.\n\n## Executable\n\nIn the same [Releases](https://github.com/MutableSecurity/mutablesecurity/releases) section, you can find executables that wrap up the whole project. 
Only download the latest version and place it into a convenient location (for example, `/usr/bin` or `/home/\u003cusername\u003e/.local/bin`).\n\n# Demo\n\n\u003cdiv align=\"center\"\u003e\n    \u003cimg src=\"others/readme_images/demo.webp\" width=\"100%\" alt=\"Demo\"\u003e\n\u003c/div\u003e\n\n# Support\n\nIf you have any type of suggestion (for example, proposals for new functionalities or support for other security solutions), please open an issue or drop us a line at [hello@mutablesecurity.io](mailto:hello@mutablesecurity.io).\n\n# Contributing\n\nTo find out how you can contribute to this project, check out our [contribution guide](.github/CONTRIBUTING.md).","funding_links":[],"categories":["IR Tools Collection","Blue Team Infrastructure Deployment"],"sub_categories":["All-In-One Tools","Development"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMutableSecurity%2Fmutablesecurity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMutableSecurity%2Fmutablesecurity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMutableSecurity%2Fmutablesecurity/lists"}