Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

arsho/CBPen

Repository files navigation

CBPen

Cloud Blazers Penetration Testing Tool

App demo

Project checklist

✓ Must provide a web based or mobile app based interface.

✓ User enters a range of IP addresses to scan, and selects from many different scanning options.

✓ The cloud based server/monitor then splits the IP address ranges and distributes the task across multiple (at least 3) virtual machines, SQS can be used to send the tasks to the scanner virtual machines.

✓ Each of the scanner virtual machines performs a scan for the range of IP addresses given and sends the scan result back to the monitor.

✓ The monitor combines reports from multiple scanners and prepares a central report.

✓ Must support multiple concurrent users and require user authentication.

Features

  • Scan top ports
  • Scan services
  • Scan operating systems
  • List subdomains
  • Scan SSL certificates
  • Expose vulnerabilities associated with the network (ports, OS, etc)
  • Mitigation tool for developers to slow down the attacker
  • Utilize multiple VMs in parallel reducing scan time and analysis
  • Analytics report of all the scanning events
  • Require authentication using cloud database technologies

Demonstration video

Video demo

Presentation

Powerpoint presentation of CBPen

Execution time comparison

Comparison between parallel and nonparallel execution time. The time is measured in seconds.

Scan type Number of sites Parallel execution time Nonparallel execution time
Port 6 3.29 11.93
Services and operating systems 6 39.88 161.02
Subdomains and SSL certificates 6 30.27 87.58

System design:

  • Scanning tool:

    • Nmap - "Network Mapper" open source tool for network discovery & security auditing​
    • Sublist3r - Subdomain listing tool
    • SSLyze - SSL/TLS scanning tool
    • TLS-Parser - Parse TLS information
    • Requests - Gather metadata from the hosts
  • Web application:

    • Python & Flask - Provides REST APIs for concurrent scanning from multiple VMs
    • SQLAlchemy - SQL Object Relational Mapper
    • Cryptography - Used for cryptographic algorithms and encryptions/decryptions
    • Dotenv - Sets environment variables based on the development or production environment
    • Bootstrap & jQuery - Used for developing responsive frontend
    • Docker with docker-compose - Creates docker containers for OS independent execution
  • Cloud architecture:

Cloud demo

Local Setup

Requirements

Install dependencies

  • Clone the repository.
  • Open a terminal / powershell in the cloned repository.
  • Create a virtual environment and activate it. If you are using Linux / Mac.
  • Based on your version of python you may have use the command py in place of python3 or python in the following commands:
python3 -m venv venv
source venv/bin/activate

Create and activate venv in Windows (Tested in Windows 10):

python -m venv venv
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
.\venv\Scripts\Activate.ps1

After activate the terminal / powershell will have (venv) added to the prompt.

  • Check pip version:
pip --version

It should point to the pip in the activated venv.

  • Install required packages:
pip install -r requirements.txt

Run the project

  • Activate the venv if not activated: Linux / Mac:
source venv/bin/activate

Windows:

.\venv\Scripts\Activate.ps1
  • To run the project call flask run command. It will invoke the environment variables which are set in .flaskenv file:
flask run
  • Look for localhost url and paste into any internet browser:

image

Docker Setup

Requirements

  • Docker
  • Docker compose

Run the project

  • Run the project using the following command:
docker-compose build --no-cache
docker-compose up --force-recreate
docker-compose down

Clean docker

  • Check the running images:
docker ps -a
  • Remove any stopped containers and all unused images:
docker system prune -a

Clean package list

  • List currently installed packages in a file:
pip freeze > uninstall.txt
  • Uninstall everything recursively:
pip uninstall -r uninstall.txt -y
  • Delete the uninstalled package list file:
rm uninstall.txt
  • Install everything recursively:
pip install -r requirements.txt

Sample of getting JSON API response:

  • Get ports information of "example.com" or an IP:
http://127.0.0.1:5000/portsjson?site=example.com
http://127.0.0.1:5000/portsjson?site=93.184.216.34
  • Get service information of "example.com" or an IP:
http://127.0.0.1:5000/servicesjson?site=example.com
http://127.0.0.1:5000/servicesjson?site=93.184.216.34
  • Get subdomain and SSL information of "example.com" (No IP address is allowed):
http://127.0.0.1:5000/subdomainsjson?site=example.com

Developer notes

  • After adding a new model, create an instance in db:
from app import db
db.create_all()

Cloud Blazers Team

  • William Austin
  • Andrew Balfour
  • Jeremy Crown
  • Trina Lin
  • Ahmedur Rahman Shovon

Reference

About

Cloud Blazers Penetration Testing Tool

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages