www.haka-security.org Open in urlscan Pro
2606:50c0:8003::153  Public Scan

Form analysis
0 forms found in the DOM

Text Content

HAKA


SOFTWARE DEFINED SECURITY

   
 * 
 * Menu

 * Overview
 * Resources
 * Hakabana
 * Community
 * Project Contributors
 * Blog
 * Download
   * Haka
   * Hakabana


WHAT IS HAKA

Haka is an open source security oriented language which allows to describe
protocols and apply security policies on (live) captured traffic.

The scope of Haka language is twofold. First of all, it allows to write security
rules in order to filter/alter/drop unwanted packets and log and report
malicious activities. Second, Haka features a grammar enabling to specify
network protocols and their underlying state machine.

The overall goal of Haka is to abstract low-level stuff like memory management
and packet reassembly to non developer experts and to provide an easy way to
analyze quickly new network protocols.

The Haka team is proud to announce the release of Hakabana. A tool to visualize
network traffic going throught Haka in real-time using Kibana and Elasticsearch.


PACKET FILTERING POLICY IMPROVED

Define your own security rules to alter/drop/inject packets based on combination
of protocol fields (ip, tcp, udp, icmp, dns and http).

local ipv4 = require('protocol/ipv4')

haka.rule{
    hook = ipv4.events.receive_packet,
    eval = function (self, pkt)
        if pkt.src ~= ipv4.addr("127.0.0.1") then
            pkt:drop()
        end
    end
}


PACKET CAPTURE

Use various sources of traffic for packet filtering, including:

 * pcap file
 * pcap live traffic
 * netfilter queue iptable rules




PROTOCOL GRAMMAR NEW

Protocol parsing is simple, describe the messages in Haka and let the engine do
the parsing.

haka.grammar.new("icmp", function ()
    packet = record{
        field('type',     number(8)),
        field('code',     number(8)),
        field('checksum', number(16)),
        field('payload',  bytes())
    }

    export(packet)
end)


PROTOCOL STATE MACHINE NEW

Quickly and easily describe protocol state machines directly in Haka. Describe
your states and transitions and let the internal Haka engine follow them.




MODULAR, EXTENSIBLE

Haka has a modular design which allows easy customisation. The internal and
external APIs are well documented and allow anyone to easily add new protocols,
capture methods, logging sinks...




INTEGRATED DEBUGGER

Back-trace, insert breakpoints and inspect Lua code. Haka is endowed with a
gdb-like debugger which is helpful to detect errors in Lua security rules.




GOING FURTHER !


FULL WORKSHOP NEW

A full workshop is available for you to dig into Haka. Check out our bootable
live iso!





HAKABANA NEW

Visualize network traffic going throught Haka in real-time using Kibana and
Elasticsearch. Check out Hakabana.




WHAT'S NEXT...

Next release will focus on improving the Haka performances and simplify even
more security rules and protocol description.

Follow us on Twitter and GitHub to get a peak at the upcoming features.

Seems interesting? Download Haka now Download
© Copyright 2014, Arkoon Network Security, OpenWide and Telecom ParisTech.