Network Research & Monitoring Automation

Overview

This project is a Bash-based automation tool developed as part of hands-on cybersecurity training. It is designed to simulate SOC and NOC operational tasks, including system validation, network monitoring, remote data collection, and structured logging.

The script focuses on reliability, repeatability, and clear documentation—key principles in security and network operations environments.


Key Features

  • Verifies execution context (root privilege validation)
  • Validates required tools and installs missing dependencies automatically
  • Checks the host's external IP and GeoIP location before execution to confirm the expected (anonymised) network path
  • Establishes controlled SSH connections for remote data collection
  • Executes network and system inspection and enumeration commands
  • Stores structured output and maintains detailed logs for traceability

Operational Workflow

  1. Environment Validation

    • Confirms script is executed with appropriate privileges
    • Ensures required tools are available before continuing
  2. Dependency Management

    • Checks for required commands and installs missing packages
    • Exits on installation failure rather than continuing with a partially provisioned environment
  3. Network State Verification

    • Looks up the external IP and GeoIP location and aborts if they differ from the expected network state
    • Ensures consistent operating conditions for data collection
  4. Remote System Interaction

    • Connects to a remote system over SSH
    • Collects system uptime, network information, and configuration data
    • Executes inspection and enumeration commands in a controlled and logged manner
  5. Logging & Documentation

    • Records all actions and results to log files
    • Ensures transparency, auditing capability, and reproducibility

Architecture (High-Level)

Inputs

  • Local host environment (Linux)
  • User-provided target connection details (SSH)
  • External IP / GeoIP lookup result

Core Components

  • Pre-Flight Checks: privilege validation, system update, dependency verification
  • Dependency Manager: installs required packages/tools if missing
  • Network State Validator: verifies external IP / location and expected network conditions
  • Remote Collector: executes controlled SSH commands to collect system/network data
  • Logger: writes all actions and results to local log files for auditing and troubleshooting

Outputs

  • log.txt (execution log / audit trail)
  • srv_data.txt (remote system info collected via SSH)
  • srv_passwd.txt (remote account listing collected in lab context; treat as sensitive and keep it readable by the owner only)
  • domain_recon.txt (domain recon output, e.g., whois/subdomain enumeration)

Note: File names can be adjusted—keep them consistent and documented.
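The five workflow steps, the core components and the output files listed above, as one added bash example. This is not the project's private implementation; the script name netmon.sh, the function names, the LOG_FILE / HOME_IP / EXPECTED_COUNTRY / REMOTE_RUN / DOMAIN variables and the ipinfo.io lookup are assumptions of this example. The GeoIP result is passed into the validator as arguments and the SSH runner is a variable, so the gating and logging logic can be exercised without root or network access.

```bash
#!/usr/bin/env bash
# netmon.sh: illustrative version of the pipeline described in the README (pre-flight
# checks, dependency manager, network-state validator, SSH collector, logger). Added
# example, not the project's own script; function names, the LOG_FILE / HOME_IP /
# EXPECTED_COUNTRY / REMOTE_RUN / DOMAIN variables and the ipinfo.io lookup are assumed.

# Logger: timestamped line to stderr and appended to the audit log (tee / append).
log() {
    printf '%s [%s] %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$1" "$2" \
        | tee -a "${LOG_FILE:-log.txt}" >&2
}

# 1. Environment validation: refuse to continue unless root. The optional uid argument
#    only exists so the check can be exercised without actually being root.
require_root() {
    local uid="${1:-$(id -u)}"
    if [ "$uid" -ne 0 ]; then log ERROR "must run as root (uid $uid)"; return 1; fi
    log INFO "privilege check passed (uid $uid)"
}

# 2. Dependency management. missing_deps prints the required commands not on PATH and
#    returns 1 if any are missing; ensure_deps installs them and aborts if apt-get fails.
missing_deps() {
    local tool missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="$missing $tool"
    done
    [ -z "$missing" ] && { log INFO "all tools present: $*"; return 0; }
    log WARN "missing tools:$missing"
    printf '%s\n' "${missing# }"
    return 1
}

ensure_deps() {
    local missing
    missing=$(missing_deps "$@") && return 0
    apt-get update -qq && apt-get install -y $missing \
        || { log ERROR "package installation failed, aborting"; exit 1; }
}

# 3. Network-state verification. The external IP / GeoIP result ("IP COUNTRY") is passed
#    in rather than fetched here so the policy is testable offline. Policy: the address must
#    not be HOME_IP (the un-anonymised ISP address) and must sit in EXPECTED_COUNTRY if set.
network_state_ok() {
    local ip="${1:-}" country="${2:-}"
    [ -n "$ip" ] && [ -n "$country" ] || { log ERROR "external lookup returned nothing"; return 1; }
    if [ -n "${HOME_IP:-}" ] && [ "$ip" = "$HOME_IP" ]; then
        log ERROR "external IP $ip is the home address; traffic is not anonymised"; return 1
    fi
    if [ -n "${EXPECTED_COUNTRY:-}" ] && [ "$country" != "$EXPECTED_COUNTRY" ]; then
        log ERROR "exit country is $country, expected $EXPECTED_COUNTRY"; return 1
    fi
    log INFO "network state ok: $ip ($country)"
}

# 4. Remote collection. REMOTE_RUN runs "$cmd" on "$target"; the default is ssh in batch
#    mode, so a missing key or an unknown/changed host key fails loudly instead of
#    prompting. Each "file|command" spec produces one output file; every action is logged.
: "${REMOTE_RUN:=ssh -o BatchMode=yes -o StrictHostKeyChecking=yes -o ConnectTimeout=10}"
remote_run() { $REMOTE_RUN "$1" "$2"; }

collect_remote() {
    local target="$1" outdir="$2" spec file cmd status rc=0
    shift 2
    umask 077                       # account listing and logs are owner-readable only
    mkdir -p "$outdir" || return 1
    for spec in "$@"; do
        file="${spec%%|*}"; cmd="${spec#*|}"
        log INFO "$target: '$cmd' -> $outdir/$file"
        status=0
        remote_run "$target" "$cmd" >"$outdir/$file" 2>>"${LOG_FILE:-log.txt}" || status=$?
        if [ "$status" -eq 0 ]; then
            log INFO "$target: $(wc -l <"$outdir/$file" | tr -d ' ') lines written to $file"
        else
            log ERROR "$target: '$cmd' failed with exit $status"; rc=1
        fi
    done
    return "$rc"
}

main() {
    local target="${1:?usage: $0 user@host}" lookup
    require_root || exit 1
    ensure_deps ssh curl jq whois
    # External IP / GeoIP lookup; ipinfo.io is an assumed service, use the lab's own.
    lookup=$(curl -s --max-time 10 https://ipinfo.io/json | jq -r '"\(.ip) \(.country)"')
    set -- $lookup
    network_state_ok "${1:-}" "${2:-}" || exit 1
    collect_remote "$target" out \
        "srv_data.txt|uptime; hostname; ip -br addr; ip route" \
        "srv_passwd.txt|cut -d: -f1,3,7 /etc/passwd" || exit 1
    [ -z "${DOMAIN:-}" ] || whois "$DOMAIN" >out/domain_recon.txt 2>>"${LOG_FILE:-log.txt}" || log WARN "whois failed"
    log INFO "run complete"
}

# Run only when invoked as netmon.sh, so the file can also be sourced for its functions.
case "${0##*/}" in netmon.sh) main "$@" ;; esac
```

Run it as `sudo HOME_IP=203.0.113.7 EXPECTED_COUNTRY=NL DOMAIN=example.com ./netmon.sh lab@10.0.0.5`; the collected files land in `out/` with owner-only permissions and every step, including failures, is appended to `log.txt`. The batch-mode ssh options are what make the run non-interactive: without them a missing key or a changed host key would stall the script on a prompt instead of leaving an error in the log.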


Diagram

+---------------------+
|  User executes      |
|  Bash script        |
+----------+----------+
           |
           v
+---------------------+
| Pre-Flight Checks   |
| - root check        |
| - apt update        |
+----------+----------+
           |
           v
+---------------------+
| Dependency Manager  |
| - verify tools      |
| - install if needed |
+----------+----------+
           |
           v
+---------------------+
| Network Validator   |
| - external IP       |
| - geo location      |
| - network condition |
+----------+----------+
           |
           v
+---------------------+
| Remote Collector    |
| (SSH)               |
| - system info       |
| - recon commands    |
+----------+----------+
           |
           v
+---------------------+        +----------------------+
| Local Outputs       |<-------| Logger (tee / append)|
| - log.txt           |        | - audit trail        |
| - srv_data.txt      |        +----------------------+
| - srv_passwd.txt    |
| - domain_recon.txt  |
+---------------------+

---

## Tools & Technologies
- **Bash**
- **Linux (Kali / Debian-based systems)**
- **SSH**
- **TCP/IP**
- **Wireshark (PCAP analysis – training context)**
- **Nmap**
- **Whois**
- **GeoIP tools**
- **Structured logging (audit-style output)**

---

## Security & Operations Context
This project was built to reflect **real-world SOC/NOC workflows**, including:
- Pre-flight checks and environment validation
- Automation of repetitive operational tasks
- Clear error handling and fail-safe exits
- Emphasis on logging and traceability
- Awareness of network state and system dependencies

The project demonstrates foundational skills relevant to:
- SOC Analyst (L1) / SOC Trainee roles
- NOC Technician / Network Operations roles
- Entry-level IT Operations with a security focus

---

## Disclaimer
This project was developed **strictly for educational and training purposes** within controlled lab environments.
It is intended to demonstrate automation, monitoring, and operational scripting concepts only.

---

## Author
Shmuel Parlow  
Entry-Level SOC / NOC Analyst  

---

## Full implementation available in a private repository upon request.
