menfra.icikit
4.0.1
dotnet add package menfra.icikit --version 4.0.1
NuGet\Install-Package menfra.icikit -Version 4.0.1
<PackageReference Include="menfra.icikit" Version="4.0.1" />
paket add menfra.icikit --version 4.0.1
#r "nuget: menfra.icikit, 4.0.1"
// Install menfra.icikit as a Cake Addin #addin nuget:?package=menfra.icikit&version=4.0.1 // Install menfra.icikit as a Cake Tool #tool nuget:?package=menfra.icikit&version=4.0.1
Incikit
Incikit is an incident response library for C# .NET applications that enables automatic actions in response to detected security threats. This library provides a simple framework for responding to suspicious activities such as unauthorized access attempts, malicious file uploads, and unusual account behavior. Actions include locking accounts, notifying administrators, and quarantining suspicious files. Incikit integrates easily with existing Endpoint Detection and Response (EDR) solutions to provide a robust response layer for applications.
Key Features
- Automated Incident Response: Lock accounts, quarantine files, or notify admins in response to suspicious behavior.
- Customizable Actions: Easily configure response actions to meet specific security requirements.
- EDR Integration: Seamlessly integrates with existing EDR systems for extended security monitoring and management.
- Event Logging: Logs incidents and responses for later analysis and auditing.
Getting Started
Installation
Install Incikit via NuGet Package Manager Console:
Install-Package Incikit
Or, add it to your .csproj file:
<PackageReference Include="Incikit" Version="1.0.0" />
Setup and Configuration
- Initialize Incikit in your application’s startup file (e.g., Startup.cs).
- Configure the library with desired incident response actions and integration settings.
Here’s an example setup in Startup.cs:
// Startup.cs
using Incikit;
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddIncikit(options =>
{
options.EnableAccountLocking = true; // Lock accounts in response to unauthorized access attempts
options.EnableFileQuarantine = true; // Quarantine suspicious files detected in the application
options.NotifyAdminEmail = "admin@example.com"; // Admin email for notifications
options.LogAllIncidents = true; // Enable logging for all incident responses
});
}
}
Usage
Incikit can be integrated with security checks throughout your application to detect and respond to threats automatically.
Example 1: Locking an Account After Suspicious Activity
In this example, an account will be locked if the library detects multiple failed login attempts, which could indicate a brute-force attack.
using Incikit;
public class AccountService
{
private readonly IIncikit _incikit;
public AccountService(IIncikit incikit)
{
_incikit = incikit;
}
public void Login(string username, string password)
{
bool isLoginSuccessful = AuthenticateUser(username, password);
if (!isLoginSuccessful)
{
_incikit.HandleFailedLoginAttempt(username);
}
}
private bool AuthenticateUser(string username, string password)
{
// Authentication logic here
return false;
}
}
Example 2: Quarantining a Suspicious File
This example shows how Incikit can quarantine a suspicious file detected in the system, preventing further access until it is reviewed by an admin.
using Incikit;
public class FileUploadService
{
private readonly IIncikit _incikit;
public FileUploadService(IIncikit incikit)
{
_incikit = incikit;
}
public void UploadFile(File file)
{
if (IsFileSuspicious(file))
{
_incikit.QuarantineFile(file);
}
}
private bool IsFileSuspicious(File file)
{
// Logic to determine if the file is suspicious
return true;
}
}
Example Scenarios
- Account Locking: Automatically lock user accounts after a series of failed login attempts.
- File Quarantine: Place suspicious files in quarantine for review by administrators.
- Administrator Notifications: Notify security administrators immediately when high-priority threats are detected.
- Integration with EDR Systems: Connect to existing EDR solutions to trigger specific responses based on real-time threat data.
Contributing
We welcome contributions! Please open an issue or submit a pull request if you have suggestions or improvements.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Contact
For questions or feedback, please contact [menfra@menfra.de].
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.1 is compatible. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.1
- Microsoft.Extensions.DependencyInjection (>= 9.0.0)
- Microsoft.Extensions.Logging (>= 9.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 4.0.1 | 75 | 11/12/2024 |