Skip to content

frostbits-security/ccat

Repository files navigation


CCAT
Cisco Config Analysis Tool

Blackhat Arsenal 2018
This tool is designed to analyze the configuration files of Cisco devices. The list of checks is based on the Cisco Guide to Harden Cisco IOS Devices.

Installation

pip3 install -r requirements.txt

Usage

The simplest way to use: python3 ccat.py configuration_file

Windows: ccat.exe configuration_file

Extended options:

python3 ccat.py config_directory -vlanmap vlmap.txt -output result_html_files_directory --storm_level 40.0 --max_number_mac 100 --disabled-interfaces --no-console-display --graph network_map

configs - path to the configuration file or directory with configuration files

-vlanmap - path to vlanmap file

-output - path to output html files directory

--storm_level - appropriate level for storm-control (by default value = 80)

--max_number_mac - maximum number of mac-addresses for port-security (by default value = 10)

--disabled-interfaces - check interfaces even if they are turned off

--no-console-display - output analysis results in html files directory or into network graph

--dump-creds - dump usernames, passwords and hashes from configs

--graph - builds network map of VLANs (you may left the argument empty to get into interactive mode or define a file name for graph output in png extension)