Syslifters / reptor


Tool workflows for automating pentests #42

Open aronmolnar opened 1 year ago

aronmolnar commented 1 year ago

Pentests often have parts that can easily be automated. Some tools could be automatically triggered, parsed, and added as an issue to a report.

#41 would allow us to protocol commands and their outputs.

We could use this feature to implement workflows. A workflow is a definition of commands that should be executed.

---
upload: yes
parallel_execution: yes
commands:
  - sudo nmap -p 80 {target}
  - nuclei -t xyz- -u {target}
  - sslyze -u {target}

The workflow could be executed (reptor cmd --workflow wf.yaml); the tools run and upload their outputs to the current report.

(Regarding parallelization, we could also introduce stages that should run in parallel.)

---
upload: yes
parallel_execution: yes
commands:
  portscan:
    - sudo nmap -p 80 {target}
  attacks:
    - nuclei -t xyz- -u {target}
    - sslyze -u {target}

In the future, we could also take tool outputs from previous tools (like sslyze taking open SSL ports from the nmap scan).
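One way the `{target}` placeholder in the workflow definitions above could be expanded without ever handing the command string to a shell, as an added example (not code from reptor or from this thread): the target is validated as an IP address or hostname, and each command is split into argv before substitution. `WORKFLOW`, `validate_target` and `build_plan` are hypothetical names, and the dict is a constructed copy of the staged YAML.

```python
import ipaddress
import re
import shlex

# Constructed input: the staged workflow from the issue, as the dict a YAML
# loader would produce (PyYAML reads `yes` as True).
WORKFLOW = {
    "upload": True,
    "parallel_execution": True,
    "commands": {
        "portscan": ["sudo nmap -p 80 {target}"],
        "attacks": ["nuclei -t xyz- -u {target}", "sslyze -u {target}"],
    },
}

# Assumed allow-list: dot-separated labels that start and end alphanumeric,
# so a value can never begin with "-" and be read as a tool option.
_HOSTNAME = re.compile(
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)


def validate_target(target):
    """Accept only an IP address or a plain hostname; reject everything else."""
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass
    if len(target) > 253 or not _HOSTNAME.fullmatch(target):
        raise ValueError(f"refusing target {target!r}")
    return target


def build_plan(workflow, target):
    """Return [(stage, [argv, ...]), ...] in definition order."""
    target = validate_target(target)
    commands = workflow["commands"]
    if isinstance(commands, list):  # flat form without stages
        commands = {"default": commands}
    plan = []
    for stage, templates in commands.items():
        # Split first, substitute second: the target can only fill one argv
        # element and cannot add arguments or shell syntax.
        argvs = [[part.replace("{target}", target) for part in shlex.split(t)]
                 for t in templates]
        plan.append((stage, argvs))
    return plan
```

Each argv list can be passed to `subprocess.run` as a list, which does not invoke a shell.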

aronmolnar commented 1 year ago

/cc @MWedl @Patralos

richardschwabe commented 1 year ago

IMHO: I suggest you wait with this until there is more feedback from users and the reptor CLI has been made public. Of course, the workflows and command integration sound great and would be beneficial. However, they are also introducing a new landscape and slightly changing the core functionality. As in: Reptor is purely for managing sysreptor notes and uploading any notes from projects. At the moment piping might be enough for users. Every line of code needs to be maintained and it might get too much.

aronmolnar commented 1 year ago

Yes, I would not address this now but just wanted to discuss a long-term vision.

On 03.08.2023 16:51, Richard Schwabe wrote:

> IMHO: I suggest you wait with this until there is more feedback from users and the reptor CLI has been made public. Of course, the workflows and command integration sound great and would be beneficial. However, they are also introducing a new landscape and slightly changing the core functionality. As in: Reptor is purely for managing sysreptor notes and uploading any notes from projects. At the moment piping might be enough for users. Every line of code needs to be maintained and it might get too much.
