Advertisements
Tuesday, October 24, 2017
Latest:

Haxf4rall

Computer Security, Hacking, Cyber awareness

Hack Tools 

Assimilator: Automatic Firewall Rule Orchestator

haxf4rall2017 0 Comments , , ,

The first restful API to control all firewall brands. Configure any firewall with restful API calls, no more manual rule configuration. Centralize all your firewalls into one API.

Multiplatform

  • Palo Alto
  • Juniper
  • Cisco
  • Fortinet
  • Checkpoint
  • PfSense
  • AWS

Authentication

  • API key through HTTP headers.
  • Flexible authorization, allow certain URI path with certain HTTP methods.

JSON

  • All request/response body are in JSON. No more XML, plain text or custom responses.

Python

  • Fully scripted in Python Flask.
  • Easy to update and add new modules.
  • Ready for any automatic task.

Open Source

  • No more Panorama, CSM or NSM.
  • Integrates with Apache2 with mod WSGI.
  • Assimilator gives a full RESTful experience for free.

How it works

All firewalls share a common ground on their configuration, for example:

  • List of commands showing the actual configuration (AKA the running configuration).
  • Rules or policies filtering IP packets.
  • Objects:
    • Addresses (i.e. 10.1.1.1 <-> Administration_Server).
    • Address group (i.e. Administration_Farm <-> [ Administration_Server01 , Administration_Server02 ]).
    • Port or service (i.e. TCP/80 <-> http).
    • Port or service group (i.e. Application_ports <-> { TCP/6600 , TCP/6610 }).
  • Interfaces.
  • Zones.
  • Routing table.
  • PBR (policy based route).

Assimilator makes it possible to configure via the five RESTful methods all these portions of configuration with JSON objects:

  • GET: Show the object.
  • POST: Add new object.
  • PATCH: Append new data to object.
  • PUT: Replace data in object.
  • DELETE: Remove object from configuration.

URL Format

/api/site/resource

Example

Request: GET /api/headquarters/config

Response: HTTP 200
{"config" : "<...>"}

Request: POST /api/branch/rules
{"name" : "Test01", "from" : "trust", "to" : "untrust",
"source" : "10.1.1.1", "destination" : "8.8.8.8", "action" : "allow",
"application" : "junos-dns-udp"}
Response: HTTP 201
{}
Request: DELETE /api/branch1/rules
{"name" : "Permit Any"}
Response: HTTP 200
{}

Request: PUT /api/branch2/objects/address-group
{"name" : "Admin_Servers", "members" : [ "Server02" ] }
Response: HTTP 200
{}

Request: PATCH /api/paloalto/headquarters/route
{"name" : "internal", "destination" : "10.0.0.0/8", "next-hop" : "172.16.1.2" }
Response: HTTP 200
{}

Installation

With Docker (recommended):

cd /opt
git clone https://github.com/videlanicolas/assimilator && cd assimilator
./generate_certificate.sh
docker build -t assimilator /opt/assimilator/
docker run -d -p 443:443/tcp assimilator

Without Docker:

cd /opt
git clone https://github.com/videlanicolas/assimilator && cd assimilator
./generate_certificate.sh
sudo ./install.sh

Documentation

Read the documentation.

Advertisements

You May Also Like

JudasDNS – Nameserver DNS poisoning attacks made easy

haxf4rall2017 0

BackdoorMan – Toolkit That Helps You Find Malicious, Hidden And Suspicious PHP Scripts And Shells

haxf4rall2017 0

Hacking Android Smart Phone Using AhMyth Android RAT

haxf4rall2017 0

Leave a Reply

Your email address will not be published. Required fields are marked *

Advertisements
Advertisements
%d bloggers like this: