Table of Contents
- Keep Us Caffeinated
- Call to Arms
- Intro
- Clone CSI
- Deploy
- General Usage
- Driver Documentation
- Merchandise
Keep Us Caffeinated
If you've found this framework useful and you're either not in a position to donate or simply interested in us cranking out as many features as possible, we invite you to take a brief moment to keep us caffeinated:
Call to Arms
If you're willing to provide access to commercial security tools (e.g. Rapid7's Nexpose, Tenable Nessus, QualysGuard, HP WebInspect, IBM Appscan, etc) please PM us as this will continue to promote CSIs interoperability w/ industry-recognized security tools moving forward. Additionally if you want to contribute to this framework's success, check out our How to Contribute. Lastly, we accept donations.
Intro
What is CSI
CSI (Continuous Security Integration) is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation. Build your own custom automation drivers freely and easily using pre-built modules. If a picture is worth a thousand words, then a video must be worth at least a million...let's begin by planting a million seeds in your mind:
Creating an OWASP ZAP Scanning Driver Leveraging the csi Prototyper
Why CSI
It's easy to agree that while corporate automation is a collection of proprietary source code, the core modules used to produce automated solutions should be open for all eyes to continuously promote trust and innovation...broad collaboration is key to any automation framework's success, particularly in the cyber security arena.
How CSI Works
Leveraging various pre-built modules and the csi prototyper, you can mix-and-match modules to test, record, replay, and rollout your own custom security automation packages known as, "drivers."
CSI Modules Can be Mixed and Matched to Produce Your Own Tools
Also known as, "Drivers" CSI can produce all sorts of useful tools by mixing and matching modules.
Clone CSI
Certain Constraints Mandate CSI be Installed in /opt/csi:
$ sudo git clone https://github.com/0dayinc/csi.git /opt/csi
Deploy
Basic Installation Dependencies
- Latest Version of Vagrant: https://www.vagrantup.com/downloads.html
- Latest Version of Vagrant VMware Utility (if using VMware): https://www.vagrantup.com/vmware/downloads.html
- Packer: https://www.packer.io/downloads.html (If you contribute to the Kali Rolling Box hosted on https://app.vagrantup.com/csi/boxes/kali_rolling)
Install Locally on Host OS
Deploy in AWS EC2
Deploy in Docker Container
Deploy CSI Fuzz Network Application Protocol
Deploy CSI Public IP Checking Driver
Deploy CSI Static Code Anti-Pattern Matcher (i.e. SCAPM / SAST)
Deploy CSI Transparent Browser
Deploy in VirtualBox
Deploy in VMware
Deploy in vSphere
General Usage
It's wise to rebuild csi often as this repo has numerous releases/week (unless you're in the Kali box, then it's handled for you daily in the Jenkins job called, "selfupdate-csi":
$ cd /opt/csi && ./update_csi.sh && csi
csi[v0.4.90]:001 >>> CSI.help
Driver Documentation
For a list of existing drivers and their usage
I hope you enjoy CSI and remember...ensure you always have permission prior to carrying out any sort of hacktivities. Now - go hackomate all the things!