GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → leesoh → Yams

leesoh / Yams

Licence: mit
A collection of Ansible roles for automating infosec builds.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

securityansiblepenetration-testingsecurity-automation

Projects that are alternatives of or similar to Yams

Blackhat Python Book
Code from Blackhat Python book
Stars: ✭ 178 (+81.63%)
Mutual labels:  penetration-testing, security-automation
default-http-login-hunter
Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+190.82%)
Mutual labels:  penetration-testing, security-automation
Astra
Automated Security Testing For REST API's
Stars: ✭ 1,898 (+1836.73%)
Mutual labels:  penetration-testing, security-automation
Minimalistic Offensive Security Tools
A repository of tools for pentesting of restricted and isolated environments.
Stars: ✭ 135 (+37.76%)
Mutual labels:  penetration-testing, security-automation
Penetration Testing Study Notes
Penetration Testing notes, resources and scripts
Stars: ✭ 461 (+370.41%)
Mutual labels:  penetration-testing, security-automation
reconmap
Vulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+146.94%)
Mutual labels:  penetration-testing, security-automation
Capsulecorp Pentest
Vagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+118.37%)
Mutual labels:  ansible, penetration-testing
Centos7 Cis
Ansible CentOS 7 - CIS Benchmark Hardening Script
Stars: ✭ 64 (-34.69%)
Mutual labels:  ansible, security-automation
Ansible Lockdown
Ansible playbook roles for security
Stars: ✭ 424 (+332.65%)
Mutual labels:  ansible, security-automation
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+3163.27%)
Mutual labels:  penetration-testing, security-automation
Monkey
Infection Monkey - An automated pentest tool
Stars: ✭ 5,572 (+5585.71%)
Mutual labels:  penetration-testing, security-automation
Content
Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1143.88%)
Mutual labels:  ansible, security-automation
Ansible Interactive Tutorial
Interactive Ansible tutorials with dead simple setup via Docker
Stars: ✭ 1,309 (+1235.71%)
Mutual labels:  ansible
Badpods
A collection of manifests that will create pods with elevated privileges.
Stars: ✭ 93 (-5.1%)
Mutual labels:  penetration-testing
Ansible Telegraf
Installing and configuring Telegraf via Ansible for RedHat/Debian/Ubuntu/Windows/Suse.
Stars: ✭ 91 (-7.14%)
Mutual labels:  ansible
Selfhosted Server
Selfhosted server with Ansible.
Stars: ✭ 91 (-7.14%)
Mutual labels:  ansible
Beetbox
Pre-provisioned L*MP stack
Stars: ✭ 94 (-4.08%)
Mutual labels:  ansible
Ansible Haproxy
Installs and configure HAProxy
Stars: ✭ 93 (-5.1%)
Mutual labels:  ansible
Ovirt Ansible
This repository holds all oVirt related Ansible roles
Stars: ✭ 91 (-7.14%)
Mutual labels:  ansible
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+10564.29%)
Mutual labels:  penetration-testing
View All Similar Projects ➔

Project Abandoned

While working through YAMS, I discovered Ansible Galaxy. This does essentially what YAMS aimed to do, but with the full force of RedHat behind it. I've moved most of the roles there but will be leaving this project up for the time being.

YAMS Framework

Welcome to Yet Another Modular Security Framework. YAMS is a collection of Ansible roles, some hacky scripts, and a large amount of standing on the shoulders of giants.

Thanks

YAMS is very much inspired by The Penetration Tester's Framework but attempts to build on the great work done there by adding strong support for environment-specific targeting (OS type, architecture, etc.), leveraging Ansible's solid module support for common tasks (git, apt, yum, etc.), and adding the ability to define a build script for easy deploy/rebuild.

More Thanks

Getting Started

Getting started with YAMS is pretty straightforward. First, you're going to need to install Ansible on your control machine. This is the system you'll use to configure your targets.

YAMS doesn't require any special configuration on the target - if you can SSH to it, you can configure it.

Once you've cloned the YAMS repo, you'll need to make a couple of changes:

  1. Copy templates\hosts.template to hosts.
  2. Update hosts with the appropriate IP/port for your target.
  3. Update any CHANGEME values in <module name>\defaults\main.yml for modules you plan on using.

That's it! You can either tweak the sample sample.yml playbook to provision your first machine, or build your own.

Once you're happy with it, you can deploy your configuration using ansible-playbook <playbook_name>.yml [--ask-become-pass].

Keeping Things Current

Ansible makes it pretty simple to keep a role up to date. Once you've got things the way you want them, just make sure that you're making good use of update: yes and state: latest and then just re-run the playbook.

---
- name: Clone Empire
  become: true
  git:
    repo: https://github.com/EmpireProject/Empire.git
    dest: "{{ git_location }}/empire-git"
    update: yes

---
- name: Install pip
  become: true
  when: ansible_os_family ==  "Debian"
  apt:
    name: python-pip
    update_cache: yes
    state: latest

The Plumbing

YAMS uses Ansible roles to define configurations for a host. A playbook is just a grouping of these roles to define the configuration of a system. YAMS provides the roles, you provide the targets.

Playbooks contain roles, roles contain plays, plays perform actions, and all of a sudden a box gets provisioned.

You can include a role in a playbook by adding it to the roles section:

---
- hosts: that_host
  remote_user: that_guy
  roles:
    - metasploit
    - sslscan
    - ...
    - kismet

Roles contain all the modular goodness we use to build playbooks. A role should define everything that needs to happen for the role to be succesfully provisioned on a target, including:

  • Dependency on other roles
  • Environment variables
  • Service configurations
  • Packages to install
  • Files created (and contents edited!)

Roles can be simple:

# Installs Medusa
---
- name: Install Medusa
  become: true
  when: ansible_os_family ==  "Debian"
  apt:
    name: medusa
    update_cache: yes

Or a bit more involved:

---
# Installs and configures Metasploit
- name: Download Metasploit installer
  become: true
  get_url:
    url: https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb
    dest: /tmp/msfinstall
    mode: 0755

- name: Install Metasploit
  become: true
  command: /tmp/msfinstall

- name: Initialize Metasploit database
  command: msfdb init

Packaging tools as roles allows us to reuse them in different playbooks. That's the magic of YAMS. Build once, use all over the damn place.

Role Structure

Here's how a basic role is structed in YAMS:

your-role/
├── docs.json          # Contains documentation for the role
├── defaults
│   └── main.yml       # Stores role-specific variables
├── files              # Stores any required files for your role
├── handlers
│   └── main.yml
├── meta
│    └── main.yml      # Declare dependencies here
└── tasks
    └── main.yml       # Imports and tags your role
    └── your-role.yml  # Contains all required plays for the role

The main.yml file under tasks is what is run when a role is added to a playbook. Rather than store all functionality in that, however, we just use it to import and tag actual role file — your-role.yml.

This may seem a bit silly but doing it this way allows us to selectively run roles from the playbook using ansible-playbook your-playbook.yml --tags "your-role,another-role".

Common Plays

Here's how to do some common operations using Ansible. You can get a full list of supported modules here.

Install a Package Using apt

- name: Install my-package
  become: true
  when: ansible_os_family ==  "Debian"
  apt:
    name: my-package
    update_cache: yes
    state: latest

The above command is the same as running sudo apt update && sudo apt install my-package. Re-running the task will update it (state: latest).

Clone a Git Repository

- name: Clone my-repo
  become: true
  git:
    repo: https://github.com/foo/bar.git
    dest: /opt/bar-git
    update: yes

This is the same as running sudo git clone https://github.com/foo/bar.git /opt/bar-git. Re-running the task will perform a git pull operation (update: yes).

Download Files

- name: Download my-file
  get_url:
    url: https://my.site/my-file.sh
    dest: /tmp/my-file.sh
    mode: 0755

The above command is the same as wget https://my.site/my-file.txt -P /tmp && chmod 755 /tmp/my-file.txt

Run Commands

- name: Initialize Metasploit database
  command: msfdb init

This one is pretty straightforward.

Targeting Using Conditionals

When adding distro-specific commands (e.g. apt, yum) to a play, make use of Ansible's conditionals to target the commands appropriately.

For example:

- name: Install foo
  when: ansible_os_family ==  "Debian"
  apt:
    name: foo
    update_cache: yes
    state: latest

Dependencies

You can easily implement a role dependency by defining that in your-role/meta/main.yml like so:

---
dependencies:
  - { role: autossh }

Module Documentation

All module documentation can be found in module_docs.md until a better place is found.

Contributing

See CONTRIBUTING.md

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].