Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/frostbits-security/ccat

Cisco Config Analysis Tool
https://github.com/frostbits-security/ccat

cisco-device defense network

Last synced: about 2 months ago
JSON representation

Cisco Config Analysis Tool

Host: GitHub
URL: https://github.com/frostbits-security/ccat
Owner: frostbits-security
License: gpl-3.0
Created: 2018-07-31T13:34:39.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2023-04-23T13:08:10.000Z (over 1 year ago)
Last Synced: 2024-05-21T15:20:49.917Z (7 months ago)
Topics: cisco-device, defense, network
Language: Python
Size: 781 KB
Stars: 431
Watchers: 33
Forks: 98
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

Cisco Config Analysis Tool

[![Blackhat Arsenal 2018](https://rawgit.com/toolswatch/badges/master/arsenal/europe/2018.svg)](http://www.toolswatch.org/2018/09/black-hat-arsenal-europe-2018-lineup-announced/)
This tool is designed to analyze the configuration files of Cisco devices. The [list of checks](https://github.com/cisco-config-analysis-tool/ccat/wiki/List-of-the-checks) is based on the [Cisco Guide to Harden Cisco IOS Devices](https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html).

## Installation

`pip3 install -r requirements.txt`

## Usage
The simplest way to use:
`python3 ccat.py configuration_file`

Windows:
`ccat.exe configuration_file`

Extended options:

`python3 ccat.py config_directory -vlanmap vlmap.txt -output result_html_files_directory --storm_level 40.0 --max_number_mac 100 --disabled-interfaces --no-console-display --graph network_map`

**configs** - path to the configuration file or directory with configuration files

**-vlanmap** - path to [vlanmap file](https://github.com/cisco-config-analysis-tool/ccat/wiki/Vlanmap-file)

**-output** - path to output html files directory

**--storm_level** - appropriate level for storm-control (by default value = 80)

**--max_number_mac** - maximum number of mac-addresses for port-security (by default value = 10)

**--disabled-interfaces** - check interfaces even if they are turned off

**--no-console-display** - output analysis results in html files directory or into network graph

**--dump-creds** - dump usernames, passwords and hashes from configs

**--graph** - builds network map of VLANs (you may left the argument empty to get into interactive mode or define a file name for graph output in png extension)