search

redeye-framework / Redeye

Redeye is a tool intended to help you manage your data during a pentest operation
BSD 3-Clause "New" or "Revised" License
461 stars 48 forks source link

Redeye API #13

Closed Sh3lldor closed 1 year ago

Sh3lldor commented 1 year ago

APIS

Servers, Users, Files and exploits apis been added.

curl -s "localhost:8443/api/users" -H "Token: redeye_..."  | jq
curl -s "localhost:8443/api/servers" -H "Token: redeye_..."  | jq
curl -s "localhost:8443/api/exploits" -H "Token: redeye_..."  | jq
curl -s "localhost:8443/api/files" -H "Token: redeye_..."  | jq

Wildcard support

Api also supports wildcards


curl -s "localhost:8443/api/users?username=*d" -H "Token: redeye_..."  | jq
curl -s "localhost:8443/api/users?username=admin*" -H "Token: redeye_..."  | jq

@sisitrs2

1) Please make sure that after creating a new token, a pop-up will show the token. Once clicking OK, the token will be saved as sha256 and the user will not be able to retrive it. The user should keep the access token in a secure place like a secret manager.

2) Can we make the checkboxes more appeling ?

Sh3lldor commented 1 year ago

Permissions

permission module is:

{
    "access_level": 1, 
     "auth": {
         "servers": 0,
         "files": 0, 
         "exploits": 0, 
         "users": 1, 
         "logs": 1
    }
}

access_level = 1 - Read access access_level = 2 - Read/Write access

servers/files/exploits/users/logs - 0 for no access, 1 for access