
hakbot / hakbot-origin-controller

Licence: other
Vendor-Neutral Security Tool Automation Controller (over REST)

Programming Languages

java
68154 projects - #9 most used programming language
javascript
184084 projects - #8 most used programming language
CSS
56736 projects
Dockerfile
14818 projects

Projects that are alternatives of or similar to hakbot-origin-controller

zap-sonar-plugin
Integrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (+120%)
Mutual labels:  zap, dynamic-analysis, appsec, software-security
Zaproxy
The OWASP ZAP core project
Stars: ✭ 9,078 (+30160%)
Mutual labels:  zap, appsec
www-project-zap
OWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (+73.33%)
Mutual labels:  zap, appsec
threatmodel-sdk
A Java library for parsing and programmatically using threat models
Stars: ✭ 68 (+126.67%)
Mutual labels:  appsec, software-security
vulndb-data-mirror
A simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (+20%)
Mutual labels:  appsec, software-security
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+256.67%)
Mutual labels:  appsec, software-security
MsfMania
Python AV Evasion Tools
Stars: ✭ 388 (+1193.33%)
Mutual labels:  dynamic-analysis
burp-collab-gw
Simple socket-based gateway to the Burp Collaborator
Stars: ✭ 34 (+13.33%)
Mutual labels:  burp
burp-ntlm-challenge-decoder
Burp extension to decode NTLM SSP headers and extract domain/host information
Stars: ✭ 28 (-6.67%)
Mutual labels:  burp
burp-api-common
common methods that used by my burp extension projects
Stars: ✭ 29 (-3.33%)
Mutual labels:  burp
maloss
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Stars: ✭ 46 (+53.33%)
Mutual labels:  dynamic-analysis
DrCCTProf
DrCCTProf is a fine-grained call path profiling framework for binaries running on ARM and X86 architectures.
Stars: ✭ 81 (+170%)
Mutual labels:  dynamic-analysis
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+2146.67%)
Mutual labels:  appsec
risu
Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
Stars: ✭ 62 (+106.67%)
Mutual labels:  nessus
public
util toolkit for go.golang (general-purpose function package)
Stars: ✭ 135 (+350%)
Mutual labels:  zap
Malware-Detection-Tools
A list of awesome malware detection tools
Stars: ✭ 30 (+0%)
Mutual labels:  dynamic-analysis
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (+86.67%)
Mutual labels:  appsec
phuzz
Find exploitable PHP files by parameter fuzzing and function call tracing
Stars: ✭ 53 (+76.67%)
Mutual labels:  dynamic-analysis
go2sky-plugins
The plugins of go2sky
Stars: ✭ 46 (+53.33%)
Mutual labels:  zap
data obfuscation
Data Obfuscation for C/C++ Code Based on Residue Number Coding (RNC)
Stars: ✭ 15 (-50%)
Mutual labels:  software-security

Chat: https://gitter.im/hakbot/hakbot-origin-controller

Hakbot Origin Controller

A minimalistic job controller for use in Continuous Security and Continuous Delivery environments that provides a simple, standardized method for automating security tools. The results of those jobs can optionally be published to various security dashboards for increased visibility.

Background

In software development, it is essential that security tools are integrated into every step of the development process. Custom tools and scripts are sometimes necessary to integrate continuous integration servers, the security tools, and the target application being tested.

This is why the Hakbot Origin Controller came about. The controller accepts incoming jobs over JSON/HTTP, places them into a queue, and processes them as worker threads become available.

Jobs can be anything ranging from executing shell scripts to controlling dynamic analysis engines.

Hakbot Origin Controller is built on top of Alpine.

Features

  • Configurable queue and job engine
  • Sequential or simultaneous execution of jobs from the same provider
  • Job console to monitor status of running jobs (optional/plugin specific)
  • Configurable and enforceable authentication and authorization
  • Team permission model for managing authorization of API keys and LDAP users
  • API key support
  • Active Directory support
  • RESTful endpoints that respond with JSON
  • Swagger2 support
  • Embedded database engine (H2)
  • Requires Java 8 or higher

Screenshots

(screenshot images omitted)

Providers

Providers are the integration points that can be controlled through the Hakbot Origin Controller. Writing a custom provider is straightforward and simply involves extending the BaseProvider class.

Providers included are:

  • Shell - Executes any shell command or script
  • AppSpider - Performs AppSpider Pro (formerly NTOSpider) dynamic analysis
  • Nessus - Performs a Nessus scan against one or more targets

Publishers

Publishers take the results generated by a provider, such as the results of a Nessus or AppSpider scan, and publish them in some way.

Publishers included are:

  • FileSystem - Saves the results to the filesystem
  • KennaSecurity - Uploads the results to KennaSecurity
  • ThreadFix - Uploads the results to ThreadFix for vulnerability aggregation and normalization

Consoles

A console is an optional feature of a provider. A provider that also implements a console gains the ability to monitor the status of a job while it is executing and to give the end user a way to view and/or interact with the running job.

Use Cases

Automating Dynamic Analysis

DAST engines like AppSpider Pro only allow one scan to take place at any given time. To automate dynamic analysis using AppSpider Pro, a queuing system must be used to run the jobs in sequential order. Additionally, multiple AppSpider Pro instances can be defined, each with its own URL, username, and password. This is the basis of the AppSpider Enterprise offering, but without the additional benefits of AppSpider Enterprise. If an organization simply wants to automate one or more instances of AppSpider Pro, this project may be of benefit.

Limiting Scan Fatigue

A scan, regardless of provider, may consume a large amount of network bandwidth or host resources. When multiple scans are performed by different tools, it may be desirable to limit the load these tools place on the environment to a realistic level.

Auto Publishing Results

If the provider that is executed produces results, those results can be automatically published. Like providers, publishers perform a specific task: they take results from the provider and do something with them. Results could be published to a spreadsheet, loaded into a database, or pushed to ThreadFix for vulnerability aggregation.

General Purpose Use

At its core, Origin Controller is a simple pipeline job controller and can be used for a variety of tasks, not just security-specific ones. Examples of pipelines that may benefit from this technology are export or conversion jobs such as video encoding, where the job's provider specifies the source video and encoding parameters and the job's publisher pushes the output to CDNs or asset management applications.

Distributions

Ready-to-deploy distributions will be available beginning with 1.0.0-beta-1. Hakbot Origin Controller supports the following deployment options:

  • Executable WAR
  • Conventional WAR
  • Docker container

Deploying the Executable WAR

The easiest way to get Hakbot Origin Controller set up is to build and run an executable WAR:

mvn clean package -P embedded-jetty
java -jar target/origin-controller-embedded.war

Deploying the Conventional WAR

This is the most involved option to deploy, as it requires an already installed and configured Servlet container such as Apache Tomcat 8.5 or higher; however, it offers the most flexible deployment options.

mvn clean package

Follow the Servlet container's instructions for deploying origin-controller.war.

Deploying With Docker

For users of Docker, the process simply wraps the executable WAR inside a Docker container. Compile the software first, then run the Docker-specific commands:

mvn clean package -P embedded-jetty
docker build -f src/main/docker/Dockerfile -t hakbot .
docker run -p 8080:8080 -t hakbot

Compiling

To create an executable WAR that is ready to launch (recommended for most users):

mvn clean package -P embedded-jetty

To create a WAR that must be manually deployed to a modern Servlet container (i.e. Tomcat 8.5+):

mvn clean package

Configuration

Configuration is performed by editing application.properties. Among the configuration parameters are:

  • Job processing and optimization parameters
  • Whitelisting (enabling) of specific providers and publishers
  • Gzip compression support
  • Independently enforce authentication and authorization
  • Active Directory integration (via LDAP)
  • Configuration of one or more instances of providers and publishers

Usage

The URL for the API is: http://$HOSTNAME:$PORT/$CONTEXT/api

Swagger JSON is located: http://$HOSTNAME:$PORT/$CONTEXT/api/swagger.json

Data Directory

Hakbot uses ~/.hakbot on UNIX/Linux systems and .hakbot in the current user's home directory on Windows machines. Within this directory are individual directories for each Hakbot component, including Origin Controller. The origin-controller directory contains log files, the embedded H2 database, and the keys used during normal operation, such as those for validating JWT tokens. It is essential that best practices are followed to secure the .hakbot directory structure if jobs contain sensitive information.
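One way to apply that advice on a UNIX/Linux host, as an added example that is not part of the Hakbot project: a POSIX shell snippet that counts entries under the data directory that are readable or writable by group or others, and a companion that restricts the whole tree to the owner. The ~/.hakbot location comes from the text above; the function names and the optional directory argument are assumptions.

```shell
#!/bin/sh
# Added example (not part of Hakbot): audit and tighten permissions on the
# Hakbot data directory. The ~/.hakbot location comes from the README above;
# the function names and the optional directory argument are assumptions.

# Print the number of entries under the directory (the directory itself
# included) that are readable or writable by group or others.
# 0 means only the owner can reach the logs, the H2 database and the JWT keys.
hakbot_audit() {
    dir="${1:-$HOME/.hakbot}"
    [ -d "$dir" ] || { echo "hakbot_audit: $dir is not a directory" >&2; return 1; }
    find "$dir" \( -perm -g+r -o -perm -g+w -o -perm -o+r -o -perm -o+w \) -print | wc -l
}

# Restrict the tree to the owner: 700 on directories (only the owner can
# traverse them), 600 on files (log files, the embedded database, the keys).
hakbot_harden() {
    dir="${1:-$HOME/.hakbot}"
    [ -d "$dir" ] || { echo "hakbot_harden: $dir is not a directory" >&2; return 1; }
    find "$dir" -type d -exec chmod 700 {} +
    find "$dir" -type f -exec chmod 600 {} +
}

# Typical use: hakbot_audit; hakbot_harden; hakbot_audit
# The second audit should report 0 once the tree is owner-only.
```

Run the audit before and after hardening; a non-zero count after hardening means something outside this tree (an ACL, or a symlink pointing elsewhere) still needs attention.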

Wiki

Please consult the wiki for additional documentation and examples.

Copyright & License

Hakbot Origin Controller is Copyright (c) Steve Springett. All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the GPL 3.0 license.
