All Projects â†’ lmco â†’ Dart

lmco / Dart

Licence: apache-2.0
DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

Programming Languages

python
139335 projects - #7 most used programming language
dart
5743 projects

Projects that are alternatives of or similar to Dart

Jsdoc To Markdown
Generate markdown documentation from jsdoc-annotated javascript
Stars: ✭ 1,199 (+479.23%)
Mutual labels:  documentation-tool, documentation-generator
Redoc
📘 OpenAPI/Swagger-generated API Reference Documentation
Stars: ✭ 15,935 (+7598.07%)
Mutual labels:  documentation-tool, documentation-generator
Graphdoc
Static page generator for documenting GraphQL Schema
Stars: ✭ 1,218 (+488.41%)
Mutual labels:  documentation-tool, documentation-generator
App
Fast and searchable Ruby docs
Stars: ✭ 47 (-77.29%)
Mutual labels:  documentation-tool, documentation-generator
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-6.76%)
Mutual labels:  penetration-testing, red-team
Toast Ui.doc
Stars: ✭ 71 (-65.7%)
Mutual labels:  documentation-tool, documentation-generator
Gitjacker
đŸ”Ē Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+503.38%)
Mutual labels:  penetration-testing, red-team
Pdoc
🐍 ➡ī¸ 📜 Auto-generate API documentation for Python projects
Stars: ✭ 604 (+191.79%)
Mutual labels:  documentation-tool, documentation-generator
Naturaldocs
Natural Docs source code documentation system
Stars: ✭ 106 (-48.79%)
Mutual labels:  documentation-tool, documentation-generator
Dox
Haxe documentation generator.
Stars: ✭ 98 (-52.66%)
Mutual labels:  documentation-tool, documentation-generator
Pdoc
API Documentation for Python Projects
Stars: ✭ 853 (+312.08%)
Mutual labels:  documentation-tool, documentation-generator
Nbdev template
Template for nbdev projects
Stars: ✭ 161 (-22.22%)
Mutual labels:  documentation-tool, documentation-generator
Devdocs
API Documentation Browser
Stars: ✭ 27,208 (+13043.96%)
Mutual labels:  documentation-tool, offline
Zeal
Offline documentation browser inspired by Dash
Stars: ✭ 9,164 (+4327.05%)
Mutual labels:  documentation-tool, offline
Wowchemy Hugo Modules
đŸ”Ĩ Hugo website builder, Hugo themes & Hugo CMS. No code, build with widgets! 创åģē在įēŋč¯žį¨‹īŧŒå­Ļ术įŽ€åŽ†æˆ–初创įŊ‘įĢ™ã€‚
Stars: ✭ 6,093 (+2843.48%)
Mutual labels:  documentation-generator, documentation-tool
Drf Autodocs
Ultimately automated DRF documentation rendering(UNMAINTAINED)
Stars: ✭ 82 (-60.39%)
Mutual labels:  documentation-tool, documentation-generator
Nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+2771.01%)
Mutual labels:  penetration-testing, red-team
Daux.io
Daux.io is an documentation generator that uses a simple folder structure and Markdown files to create custom documentation on the fly. It helps you create great looking documentation in a developer friendly way.
Stars: ✭ 603 (+191.3%)
Mutual labels:  documentation-tool, documentation-generator
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-58.94%)
Mutual labels:  penetration-testing, red-team
Documentalist
📝 A sort-of-static site generator optimized for living documentation of software projects
Stars: ✭ 130 (-37.2%)
Mutual labels:  documentation-tool, documentation-generator

DART: A Documentation and Reporting Tool

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

The goals of this tool are:

  • Easy
    • Quick to set up without internet connectivity
    • No extensive configuration required
  • Enabling
    • Maximize testing time; minimize reporting time
    • Apply NISPOM-friendly portion markings
    • Capture test artifacts
  • Expendable
    • You won't lose sleep over leaving the tool behind to be destroyed
    • The report and artifacts files contain everything needed from the test

Full Disclosure Regarding Security

DART is intended to be executed in isolated, uncontested environments such as an isolan, private test network, or on a standalone machine. It is not intended for deployment on untrusted networks.

Output Examples

Multiple mission support

Multiple mission support

Test case & artifact tracking

Test case & artifact tracking

Generates a Microsoft Word report

Generates a Microsoft Word report

Getting Started

Supported Configurations

DART is tested to work in the following configurations:

  • Windows 7 system install
  • Docker (Experimental, read the warning in the Dockerfile)

Other configurations will likely be successful, however we do not currently test DART's operation in these configurations.

The installation instructions are comprised of two steps - a dependency collection step performed on an internet-connected machine and an installation step performed on the isolated network.

Installing on Windows 7 (system-wide)

On an internet-connected machine:

  • Online system must meet the following requirements for automated scripts to work:

    • Python 2.7 must be already installed (python --version to check)
    • pip version must be > 9.0 (pip --version to check; pip install -U pip to update)
  • Clone the repo & get the dependencies

git clone https://github.com/lmco/dart.git
cd dart
python install\online\prep.py

Note: Some command line options, like --proxy are supported for your convenience. Use python install\online\prep.py --help for more info.

  • Copy to offline machine

On the isolated machine:

  • Offline system must meet the following requirements for automated scripts to work:

    • You must have administrative credentials (required for python installation)
  • Install the dependencies

cd dart
install\offline\install.bat
  • First Run Setup
python install\offline\setup.py

Basic DART installation and database creation is now complete. In addition you've loaded in common classification colors, a basic classification list, and some common business areas you may have.

PRO TIP If you have additional classifications or business areas in your company, you can create a additional private entries for internal use by adding them (following the existing format) to the files in dart/missions/fixtures.

Starting DART

python run.py

Stopping DART

<CTRL+C>

Connecting to DART

  • Localhost: 127.0.0.1:8000
  • LAN: <server_ip_address>:8000

Performing a version upgrade

  • With the exception of the following files / locations, replace all DART files (copy and pasting the whole folder should be fine)
    • db.sqlite
    • SUPPORTING_DATA_PACKAGE/
    • supporting_data/
  • Run the following commands
cd dart
python manage.py migrate
  • Start DART normally

Frequently Asked Questions

Does everyone need their own account?

  • Since this is a tool intended to be used by a team during an active and organic penetration test with many moving parts, we typically just use a single-mission username and password that the execution team knows. RBAC is not implemented in this tool today.

What are some dangerous actions I should avoid?

  • Multiple people editing test case details / mission details will likely result in data loss. The last person to save a details page wins and only their edits will be persisted. To help avoid this problem, see the question below.

How can I know if someone else is editing a test case?

  • As soon as you begin working on a test case, change the status to "In Work" and Save. This will prompt others if they click on a test case you're currently working in so they know to check to see if the case has been saved. We usually use the POC field to know who to ask if they're still working the test case.

Are there any export compliance concerns?

  • Dependencies required by this tool may contain Export Controlled Information. Prior to building this tool outside the U.S. you should review the dependencies for any export compliance issues. Additionally, upon entering data into this tool the database file, supporting documentation folder, and outputs should be treated as sensitive, and handled as export controlled / classified information, as appropriate.

Š 2017 Lockheed Martin Corporation

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].