Merge pull request #113 from pablosnt/develop

Release 1.4.0

.github/workflows/security-secrets.yml

@@ -17,7 +17,7 @@ jobs:
           python-version: 3.7
 
       - name: Install detect-secrets
-        run: pip install detect-secrets==1.3.0
+        run: pip install detect-secrets==1.4.0
 
       - name: Scan
         id: scan

.github/workflows/unit-testing.yml

@@ -5,6 +5,7 @@ on:
     paths:
       - 'rekono/**'
       - '!rekono/frontend/**'
+      - 'requirements.txt'
 
 env:
   REQUIRED_COVERAGE: 95

.pre-commit-config.yaml

@@ -9,7 +9,7 @@ repos:
             require_serial: true
             verbose: true
     - repo: https://github.com/Yelp/detect-secrets
-      rev: v1.3.0
+      rev: v1.4.0
       hooks:
           - id: detect-secrets
             args: ["--baseline", ".secrets.baseline"]

.secrets.baseline

@@ -1,5 +1,5 @@
 {
-  "version": "1.3.0",
+  "version": "1.4.0",
   "plugins_used": [
     {
       "name": "ArtifactoryDetector"
@@ -192,7 +192,7 @@
         "filename": "rekono/findings/enums.py",
         "hashed_secret": "8be3c943b1609fffbfc51aad666d0a04adf83c9d",
         "is_verified": false,
-        "line_number": 24,
+        "line_number": 25,
         "is_secret": false
       }
     ],
@@ -280,17 +280,7 @@
         "filename": "rekono/rekono/environment.py",
         "hashed_secret": "3b63db4d1fd654e07cfe2b8bc0efbf3f0d2958d1",
         "is_verified": false,
-        "line_number": 47,
-        "is_secret": false
-      }
-    ],
-    "rekono/resources/enums.py": [
-      {
-        "type": "Secret Keyword",
-        "filename": "rekono/resources/enums.py",
-        "hashed_secret": "8be3c943b1609fffbfc51aad666d0a04adf83c9d",
-        "is_verified": false,
-        "line_number": 7,
+        "line_number": 48,
         "is_secret": false
       }
     ],
@@ -328,7 +318,7 @@
         "filename": "rekono/testing/api/test_security.py",
         "hashed_secret": "cf4ee17d493b6582e20cc3e7a10a6ad258c72039",
         "is_verified": false,
-        "line_number": 25,
+        "line_number": 24,
         "is_secret": false
       }
     ],
@@ -468,6 +458,24 @@
         "is_secret": false
       }
     ],
+    "rekono/testing/data/reports/nuclei/tech_and_vulns.json": [
+      {
+        "type": "Secret Keyword",
+        "filename": "rekono/testing/data/reports/nuclei/tech_and_vulns.json",
+        "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
+        "is_verified": false,
+        "line_number": 11,
+        "is_secret": false
+      },
+      {
+        "type": "Base64 High Entropy String",
+        "filename": "rekono/testing/data/reports/nuclei/tech_and_vulns.json",
+        "hashed_secret": "a5e808137bac7a28954f0d8f5191aac1c8559043",
+        "is_verified": false,
+        "line_number": 11,
+        "is_secret": false
+      }
+    ],
     "rekono/testing/data/reports/sslyze/insecure-renegotiation.json": [
       {
         "type": "Base64 High Entropy String",
@@ -776,7 +784,7 @@
         "filename": "rekono/testing/executions/test_base_tool.py",
         "hashed_secret": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",
         "is_verified": false,
-        "line_number": 297,
+        "line_number": 312,
         "is_secret": false
       }
     ],
@@ -786,50 +794,60 @@
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "ceda4d0d75e7aa58cf2ddee1942924e38ca57047",
         "is_verified": false,
-        "line_number": 26,
+        "line_number": 16,
         "is_secret": false
       },
       {
         "type": "Secret Keyword",
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "0743de10eac5e5fc94aa5090f0d3bba6d0d95779",
         "is_verified": false,
-        "line_number": 30,
+        "line_number": 20,
         "is_secret": false
       },
       {
         "type": "Secret Keyword",
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "178d36a7e3ab23e40590e60d291b37de71d6512f",
         "is_verified": false,
-        "line_number": 33,
+        "line_number": 23,
         "is_secret": false
       },
       {
         "type": "Secret Keyword",
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "4dcd64be183918e45527449e4945c9730f44fc86",
         "is_verified": false,
-        "line_number": 38,
+        "line_number": 28,
         "is_secret": false
       },
       {
         "type": "Private Key",
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "be4fc4886bd949b369d5e092eb87494f12e57e5b",
         "is_verified": false,
-        "line_number": 48,
+        "line_number": 38,
         "is_secret": false
       },
       {
         "type": "Private Key",
         "filename": "rekono/testing/tools/test_gitleaks.py",
         "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
         "is_verified": false,
-        "line_number": 53,
+        "line_number": 43,
+        "is_secret": false
+      }
+    ],
+    "rekono/testing/tools/test_nuclei.py": [
+      {
+        "type": "Secret Keyword",
+        "filename": "rekono/testing/tools/test_nuclei.py",
+        "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
+        "is_verified": false,
+        "line_number": 93,
         "is_secret": false
       }
     ]
   },
-  "generated_at": "2022-10-31T20:02:28Z"
+  "generated_at": "2023-01-05T19:32:50Z"
 }

CHANGELOG.md

@@ -3,6 +3,46 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.4.0] - 2023-01-11
+
+### Added
+
+- Support for authenticated scans using different authentication types (https://github.com/pablosnt/rekono/pull/95)
+- Replace `TargetTechnology` and `TargetVulnerability` entities by `InputTechnology` and `InputVulnerability` entities (https://github.com/pablosnt/rekono/pull/97)
+- New popup for the management of target details: target ports, authentication, input technologies and vulnerabilities (https://github.com/pablosnt/rekono/pull/97)
+- Support for `Nuclei` tool (https://github.com/pablosnt/rekono/pull/100)
+- Support for `Spring4Shell Scan` tool (https://github.com/pablosnt/rekono/pull/102)
+- Support for `Gobuster` tool (https://github.com/pablosnt/rekono/pull/106)
+- New default wordlists (https://github.com/pablosnt/rekono/pull/109)
+- Save default wordlists `size` after database migration (https://github.com/pablosnt/rekono/pull/109)
+- Save the reason of skipped executions in `output_plain` field (https://github.com/pablosnt/rekono/pull/121)
+
+### Changed
+
+- Remove `TargetEndpoint` entity because they are useless for all tools (https://github.com/pablosnt/rekono/pull/92)
+- Optimize API handlers to reduce duplicated code (https://github.com/pablosnt/rekono/pull/96)
+- Remove password wordlists because they are useless for all tools (https://github.com/pablosnt/rekono/pull/101)
+- Replace `cisagov/log4j-scanner` tool by `fullhunt/log4j-scan` (https://github.com/pablosnt/rekono/pull/103)
+- Move `stage` parameter from `Tool` entity to `Configuration` to allow configurations of the same tool to belong to different stages (https://github.com/pablosnt/rekono/pull/108)
+- Improve favourities filters on web interface (https://github.com/pablosnt/rekono/pull/110)
+- Upgrade `requests` to version `2.28.1` (https://github.com/pablosnt/rekono/pull/114)
+
+### Fixed
+
+- Deploy Telegram bot automatically after configuring the Telegram token (https://github.com/pablosnt/rekono/pull/93)
+- Allow the creation of tasks without specific wordlist from the Telegram bot (https://github.com/pablosnt/rekono/pull/98)
+- Only apply input parameters for tool executions (https://github.com/pablosnt/rekono/pull/99)
+- Filter host inputs by distinct address type to prevent errors in tool configurations (https://github.com/pablosnt/rekono/pull/107)
+- Fix icon size and resolution to improve user experience on web interface (https://github.com/pablosnt/rekono/pull/111)
+- Configure `CMSeeK` to don't ask user about anything (https://github.com/pablosnt/rekono/pull/115)
+- Fix usage of specific environment variables for tool executions (https://github.com/pablosnt/rekono/pull/119) 
+
+### Security
+
+- Validate target addresses to prevent scannings of the internal Rekono infrastructure (https://github.com/pablosnt/rekono/pull/94)
+- Upgrade `setuptools` to version `65.6.3` (https://github.com/pablosnt/rekono/pull/105)
+
+
 ## [1.3.0] - 2022-11-19
 
 ### Added

CONTRIBUTING.md

@@ -17,9 +17,9 @@ In this section you can see how to achieve that and the things that you should t
 
 You can check this Wiki sections to prepare your Rekono contributions:
 
-- Documentation about the database and architecture [Design](https://github.com/pablosnt/rekono/wiki/3.-Design)
-- [From Source](https://github.com/pablosnt/rekono/wiki/4.-Installation#from-source) installation guide
-- [Configuration](https://github.com/pablosnt/rekono/wiki/5.-Configuration) guidelines
+- Documentation about the database and architecture [Design](https://github.com/pablosnt/rekono/wiki/Design)
+- [From Source](https://github.com/pablosnt/rekono/wiki/Installation#from-source) installation guide
+- [Configuration](https://github.com/pablosnt/rekono/wiki/Configuration) guidelines
 
 Note that you can also execute the unit tests using the following command:
 
@@ -48,19 +48,26 @@ The support of external hacking tools in Rekono is based on the following steps:
 
 2. Implement the parser to obtain findings from the tool results. You have to do that in the [tools/tools](https://github.com/pablosnt/rekono/tree/main/rekono/tools/tools) package:
 
-    - Create a new Python file with the tool name (defined in the previous step) in lower case and without whitespaces.
+    - Create a new Python file with the tool name (defined in the previous step) in lower case and replacing whitespaces by `_`.
 
-    - Create a new Python class with the tool name (defined in the previous step) capitalized and with the word `Tool` at the end. This class needs to extend the `tools.tools.base_tool.BaseTool` class.
+    - Create a new Python class with the tool name (defined in the previous step) capitalized. This class needs to extend the `tools.tools.base_tool.BaseTool` class.
 
     - Override the method `parse_output_file` or `parse_plain_output` depending on the tool output type.
 
-3. Implement [unit tests](https://github.com/pablosnt/rekono/tree/main/rekono/testing/tools) to check the parser correct working. You can add your [tool reports](https://github.com/pablosnt/rekono/tree/main/rekono/testing/data/reports) as example for that.
+3. Add tool to default processes like `All tools` in the file [`1_processes.json`](https://github.com/pablosnt/rekono/blob/main/rekono/processes/fixtures/1_processes.json).
 
-4. Add the tool reference in the [README.md](https://github.com/pablosnt/rekono#supported-tools).
+4. Implement [unit tests](https://github.com/pablosnt/rekono/tree/main/rekono/testing/tools) to check the parser correct working. You can add your [tool reports](https://github.com/pablosnt/rekono/tree/main/rekono/testing/data/reports) as example for that.
 
-5. Add tool installation to the [Kali Linux Dockerfile](https://github.com/pablosnt/rekono/blob/main/docker/kali/Dockerfile).
+5. Add tool icon domain to the `Content-Security-Policy` in the following files:
+
+    - [vue.config.js](https://github.com/pablosnt/rekono/blob/main/rekono/frontend/vue.config.js#L3) for development environments
+    - [nginx.conf](https://github.com/pablosnt/rekono/blob/main/docker/nginx/nginx.conf#L69) for production environments
+
+6. Add tool reference to the [README.md](https://github.com/pablosnt/rekono#supported-tools).
+
+7. Add tool installation to the [Kali Linux Dockerfile](https://github.com/pablosnt/rekono/blob/main/docker/kali/Dockerfile).
 
-6. Add tool installation to the [Rekono CLI](https://github.com/pablosnt/rekono-cli/blob/main/rekono/installation/tools.py).
+8. Add tool installation to the [Rekono CLI](https://github.com/pablosnt/rekono-cli/blob/main/rekono/installation/tools.py).
 
 ### CI/CD
 

README.md

@@ -12,24 +12,16 @@
   <a href="https://github.com/pablosnt/rekono/actions/workflows/code-style.yml" alt="Code style">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/code-style.yml/badge.svg"/>
   </a>
+  <a href="https://discord.gg/Zyduu5C7M3">
+    <img src="https://img.shields.io/badge/Discord-Join-black?style=social&logo=discord"/>
+  </a>
 </p>
 
 # <p align="center"><img src="rekono/frontend/public/static/logo-black.png" width="500"/></p>
 
 **Rekono** combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in [Defect-Dojo](https://github.com/DefectDojo/django-DefectDojo) if an advanced vulnerability management is needed. Moreover, Rekono includes a Telegram bot that can be used to perform executions easily from anywhere and using any device.
 
 
-## Features
-
-- Combine hacking tools to create pentesting `processes`
-- Execute pentesting `processes`
-- Execute pentesting `tools`
-- Review `findings` and receive them via `email` or `Telegram` notifications
-- Use `Defect-Dojo` integration to import the findings detected by Rekono
-- Execute `tools` and `processes` from `Telegram Bot`
-- `Wordlists` management
-
-
 ## Why Rekono?
 
 Do you ever think about the steps that you follow when you start pentesting? Probably you start performing some OSINT tasks to gather public information about the target. Then, maybe you run hosts discovery and ports enumeration tools. When you know what the target exposes, you can execute more specific tools for each service, to get more information and maybe, some vulnerabilities. And finally, if you find the needed information, you will look for a public exploit to get you into the target machine. I know, I know, this is an utopic scenario, and in the most cases the vulnerabilities are found due to the pentester skills and not by scanning tools. But before using your skills, how many time do you spend trying to get as information as possible with hacking tools? Probably, too much.
@@ -41,11 +33,12 @@ Why not automate this process and focus on find vulnerabilities using your skill
 
 ## Demo
 
-[![Rekono]](https://user-images.githubusercontent.com/69458381/165973356-47666e33-e96c-4aee-b4a3-dd99fffe73bd.mp4)
+[![Rekono]](https://user-images.githubusercontent.com/69458381/211694917-6738e42a-cb44-4d3a-905d-752b3fe25718.mp4)
+
 
 ### Telegram Bot
 
-[![Rekono Bot]](https://user-images.githubusercontent.com/69458381/165973380-0f3308b6-f5f9-46a7-8d5b-ab89580eb840.mp4)
+[![Rekono Bot]](https://user-images.githubusercontent.com/69458381/211692042-d7c38e41-19e9-44fd-842a-59a16f945b6f.mp4)
 
 
 ## Supported tools
@@ -59,12 +52,15 @@ Why not automate this process and focus on find vulnerabilities using your skill
 - [SSH Audit](https://github.com/jtesta/ssh-audit)
 - [SMBMap](https://github.com/ShawnDEvans/smbmap)
 - [Dirsearch](https://github.com/maurosoria/dirsearch)
+- [Gobuster](https://github.com/OJ/gobuster)
 - [GitLeaks](https://github.com/zricethezav/gitleaks) & [GitDumper](https://github.com/internetwache/GitTools/tree/master/Dumper)
-- [Log4j Scanner](https://github.com/cisagov/log4j-scanner)
+- [Log4j Scan](https://github.com/fullhunt/log4j-scan)
+- [Spring4Shell Scan](https://github.com/fullhunt/spring4shell-scan)
 - [CMSeeK](https://github.com/Tuhinshubhra/CMSeeK/)
 - [OWASP JoomScan](https://github.com/OWASP/joomscan)
 - [OWASP ZAP](https://www.zaproxy.org/)
 - [Nikto](https://github.com/sullo/nikto)
+- [Nuclei](https://github.com/projectdiscovery/nuclei)
 - [SearchSploit](https://www.exploit-db.com/searchsploit)
 - [Metasploit](https://www.metasploit.com/)
 
@@ -131,7 +127,6 @@ You can follow this steps to deploy the Telegram bot:
 1. Create a new bot in Telegram using this [guide](https://core.telegram.org/bots#how-do-i-create-a-bot) and the [@BotFather](https://t.me/botfather)
 2. The [@BotFather](https://t.me/botfather) will send you an authentication token
 3. Configure the token value in the `Settings` page or ask your administrator for doing it.
-4. Restart the Telegram bot container (Docker) or the Telegram bot service (CLI).
 
 
 ### Defect-Dojo
@@ -151,11 +146,22 @@ You can configure your Defect-Dojo details in the `Settings` page or ask your ad
 Check the configuration options in [Rekono Wiki](https://github.com/pablosnt/rekono/wiki/Configuration)
 
 
-## License
+## Support
 
-Rekono is licensed under the [GNU GENERAL PUBLIC LICENSE Version 3](./LICENSE.md)
+You can reach us on:
 
+<p>
+  <a href="https://github.com/pablosnt/rekono/issues/new?labels=help+wanted%2C+question&template=support.md" alt="GitHub Issue">
+    <img src="https://github.githubassets.com/images/modules/logos_page/GitHub-Mark.png" width="64"/>
+  </a>
+  <a href="https://discord.gg/Zyduu5C7M3" alt="Discord">
+    <img src="https://assets-global.website-files.com/6257adef93867e50d84d30e2/636e0a69f118df70ad7828d4_icon_clyde_blurple_RGB.svg" width="64"/>
+  </a>
+</p>
 
-## Support
+If you need more specific help, you can also mail rekono.project@gmail.com.
 
-If you need help you can create a new support [Issue](https://github.com/pablosnt/rekono/issues/new?assignees=&labels=help+wanted%2C+question&template=support.md) or mail rekono.project@gmail.com
+
+## License
+
+Rekono is licensed under the [GNU GENERAL PUBLIC LICENSE Version 3](./LICENSE.md)

config.yaml

@@ -24,7 +24,9 @@ email:
 tools:
   cmseek:
     directory: /usr/share/cmseek
-  log4j-scanner:
-    directory: /opt/log4j-scanner
+  log4j-scan:
+    directory: /opt/log4j-scan
+  spring4shell-scan:
+    directory: /opt/spring4shell-scan
   gittools:
     directory: /opt/GitTools

docker/kali/Dockerfile

@@ -16,15 +16,16 @@ RUN ln -s /usr/bin/python3 /usr/bin/python
 RUN pip install --upgrade pip
 RUN pip install -r /code/requirements.txt
 
-RUN apt install nmap dirsearch theharvester nikto sslscan sslyze cmseek zaproxy exploitdb metasploit-framework emailharvester joomscan gitleaks smbmap -y
+RUN apt install nmap dirsearch theharvester nikto sslscan sslyze cmseek zaproxy exploitdb metasploit-framework emailharvester joomscan gitleaks smbmap nuclei gobuster -y
 RUN setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip $(which nmap)
-RUN git clone https://github.com/cisagov/log4j-scanner.git /opt/log4j-scanner
+RUN git clone https://github.com/fullhunt/log4j-scan /opt/log4j-scan
+RUN git clone https://github.com/fullhunt/spring4shell-scan.git /opt/spring4shell-scan
 RUN git clone https://github.com/internetwache/GitTools.git /opt/GitTools
-RUN pip install -r /opt/log4j-scanner/log4-scanner/requirements.txt
+RUN pip install -r /opt/log4j-scan/requirements.txt
+RUN pip install -r /opt/spring4shell-scan/requirements.txt
 RUN pip install emailfinder ssh-audit
 
-RUN apt install wordlists seclists dirb -y
-RUN gzip -d /usr/share/wordlists/rockyou.txt.gz
+RUN apt install seclists dirb -y
 
 RUN adduser --disabled-password rekono
 RUN chown -R rekono:rekono /code