Logfibber
Open Source Toolkit for generating fictional syslog messages that masquerade as proprietary products and services.
Built on 5 years of natural language processing (NLP) research at WitFoo focusing on semantic frames, a library of "reframes" has been created to emulate a wide variety of tools and services. Logfibber provides a toolkit for making use of this open source library.
Licensed under Apache 2.0 & built on Python 3. Maintained by Charles Herring and sponsored by WitFoo Education Initiative. Code will be publicly available on GitHub in August 2021.
Educators can create data sets that reflect real-world scenarios that students can investigate using any log analyzer. Students will have the opportunity to examine how different technologies log the same types of events.
Penetration testers and red-teams can generate synthesized attack scenarios to validate data integrity in security analytics architectures.
Specific cybersecurity events can be synthesized to assist cybersecurity incident responders in executing training drills.
Log collectors and analyzers (SIEM, UEBA, etc.) can be tested for compatibility with various products and message types and against data poisoning.
The toolkit is broken into 4 areas: fibs, fibbers, reframes and targets.
fibs - "facts" at a message level that define an event that happened. fibs are in a common JSON structure. library/fibs contains contributed fibs.
fibbers - devices to synthesize messages. A list of contributed fibbers and their reframes is located in library/fibbers.
reframes - the message formats of fibbers. The reframes are found in library/fibbers/[fibber]/reframes.
targets - a list of destinations and transports to send emulated fibs.
fib-gen - a wizard to assist in automated creation of fibs, fibbers & targets
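How fibs, fibbers, reframes and targets relate, as an added example that is not Logfibber's own code: one constructed fib is rendered through two fictional fibbers into RFC 3164 syslog lines, which is the situation a collector's parsers have to normalize. The field names, template syntax, fibber names and the render/send functions are assumptions for illustration; the page does not show Logfibber's actual schema or API.

```python
import json
import socket
from datetime import datetime
from string import Template

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()

# Constructed fib: the message-level "facts" of one event (hypothetical field names).
FIB = json.loads("""{
  "timestamp": "2021-08-01T12:30:45", "action": "deny", "protocol": "tcp",
  "src_ip": "192.0.2.10", "dst_ip": "198.51.100.7", "dst_port": 445
}""")

# Two fictional fibbers; each reframe is that device's message format (assumed syntax).
FIBBERS = {
    "examplefw-kv": {
        "hostname": "fw01", "tag": "examplefw", "facility": 4, "severity": 4,
        "reframe": Template("action=$action proto=$protocol src=$src_ip dst=$dst_ip dpt=$dst_port"),
    },
    "examplefw-text": {
        "hostname": "edge02", "tag": "pktfilter", "facility": 16, "severity": 5,
        "reframe": Template("$protocol connection $src_ip -> $dst_ip:$dst_port result=$action"),
    },
}

def render(fib, fibber_name):
    """Render one fib as an RFC 3164 syslog line using the named fibber's reframe."""
    fibber = FIBBERS[fibber_name]
    ts = datetime.fromisoformat(fib["timestamp"])
    pri = fibber["facility"] * 8 + fibber["severity"]  # syslog PRI value
    # RFC 3164 timestamps pad single-digit days with a space, e.g. "Aug  1".
    stamp = f"{MONTHS[ts.month - 1]} {ts.day:2d} {ts:%H:%M:%S}"
    # substitute() raises KeyError if the fib lacks a field the reframe needs.
    body = fibber["reframe"].substitute(fib)
    return f"<{pri}>{stamp} {fibber['hostname']} {fibber['tag']}: {body}"

def send(message, target):
    """Deliver a rendered message to a target; UDP is the only transport handled here."""
    if target["transport"] != "udp":
        raise ValueError(f"unsupported transport: {target['transport']}")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(message.encode("utf-8"), (target["host"], target["port"]))

if __name__ == "__main__":
    for name in FIBBERS:
        print(render(FIB, name))
```

Both output lines describe the same denied connection, so a log analyzer under test should extract identical source, destination, port and action values from each.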
Usage: