Skip to content

Latest commit

 

History

History
34 lines (23 loc) · 2.09 KB

README.md

File metadata and controls

34 lines (23 loc) · 2.09 KB

meraki-hunting

A collection of standalone scripts used to automate data extraction, assessment and threat hunting against Meraki networks.

Usage

Install meraki library:

  • pip install meraki

Set your Meraki API key to an environment variable before running scripts:

  • export MERAKI_DASHBOARD_API_KEY=XXXXXX

Execute specific script:

python3 clientconnections.py

API Documentation

Description

  • extract_all_clientconnections.py - enumerates all the networks in all organizations and extracts individual outbound connections for each host in last 30 days.
  • extract_all_networkconnections.py - enumerates all the networks in all organizations and extracts outbound connections originating from each network in last 30 days.
  • apstatus.py - enumerates networks in a selected organization and display current AP status that is different to online/no problems.
  • clientconnections.py - enumerates networks in a selected organization and extracts individual outbound connections for each host in last 30 days.
  • networkconnections.py - enumerates networks in a selected organization and extracts individual outbound connections from each network in last 30 days.
  • topologyoverview.py - enumerates networks in a selected organization and extracts simple topology overview.
  • loginoverview.py - enumerates networks in a selected organization and extracts an overview of login attempts to splash screen across last 90 days.
  • getMXfirewallrules.py - enumerates networks in a selected organization and extracts an overview of applied SD-WAN firewall rules for cellular, inbound, l3, l7 and port forwarding rules.
  • getintrusions.py - enumerates networks in a selected organization and extracts intrusion events in last 365 days.

Acknowledgments