Kubebot - A Security Testing Slackbot Built With A Kubernetes Backend On The Google Cloud Platform
A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform
Architecture
Demo
Data Flow
- 1 - API request (tool, target, options) initiated from Slackbot, sent to the API server, which is running as a Docker container on a Kubernetes (K8s) cluster and can be scaled.
- 2 - API server drops the request received as a message to a PubSub Tool Topic.
- 3 - Messages are published to the Tool Subscription.
- 4 - Subscription Worker(s), running as Docker container(s) on the K8s cluster, consume the message from the subscription. The number of these workers can be scaled as well.
- 5 - Depending upon the tool, target and options received from the end user, appropriate Tool Worker(s) are initiated in the same K8s cluster as Docker containers. Results are stored temporarily on a local directory of that container. Github directory of that tool is cloned.
- 6 - A check is made to see if the generated results file existed or not. If it did not exist, it gets added and changes are pushed to Github. If it exists, files are compared, new file is pushed to Github and only changes are pushed forward to the next step.
- 7 - A webhook from the Tool Worker(s) sends back the changes to Slack. The tool worker(s) are deleted because they are no longer needed.
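Step 6 is what keeps repeated runs from flooding Slack: only results that were absent from the previous run move on to the webhook. The following Go sketch of that comparison is an added example, not code from Kubebot's checkfile utility; the function name NewFindings and the line-per-finding results format are assumptions.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// NewFindings returns the lines of latest that were not in previous, in
// order and without duplicates. prevExists=false models the first run of a
// tool, where no results file is in the repository yet and everything is new.
// (Hypothetical helper; results are assumed to hold one finding per line.)
func NewFindings(previous string, prevExists bool, latest string) []string {
	seen := make(map[string]bool)
	if prevExists {
		sc := bufio.NewScanner(strings.NewReader(previous))
		for sc.Scan() {
			seen[strings.TrimSpace(sc.Text())] = true
		}
	}
	var changes []string
	sc := bufio.NewScanner(strings.NewReader(latest))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || seen[line] {
			continue // blank, already reported, or repeated within this run
		}
		seen[line] = true
		changes = append(changes, line)
	}
	return changes
}

func main() {
	// Constructed sample results from two runs of a subdomain tool.
	prev := "www.example.test\nmail.example.test\n"
	latest := "www.example.test\nmail.example.test\nvpn.example.test\n"
	fmt.Println("first run:", NewFindings("", false, latest))
	fmt.Println("later run:", NewFindings(prev, true, latest))
}
```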
List of tools integrated so far (This list will keep getting updated as more tools are added. There are some additional tools in the tools folder but they are still being developed.)
- Custom Enumall
- git-all-secrets
- gitrob. Also check gitrob-server for starting the Gitrob server first before you can run the Slash command for the gitrob client.
- git-secrets
- gobuster
- nmap
- subbrute
- sublist3r
- truffleHog
List of automated workflows integrated so far (This list will keep getting updated as more workflows are added)
Folder layout
- api - Contains all the code for the Kubebot API server.
- config - Contains the configuration files to deploy Kubebot components.
- cronjobs - Contains a sample deployment (.yaml) file to set up cronjobs for running a specific tool at a specific interval and have the results sent back to Slack via a Webhook.
- docs - Documentation
- imgs - Images
- setup scripts - Some scripts that are used for setting up Kubebot.
- subscriptionworker - Contains the code for the Subscription worker.
- tools - All the tools that Kubebot can run. Some are still being worked on.
- utils - Utilities folder.
  - A utility container called checkfile is used to perform the diff operation on github files to identify any changes from the previous run of a tool with the latest run. This container is run after every tool container.
  - A utility called converttobq is used to convert data from tools into BigQuery ingest-able format. This utility is run in automation workflows where the results from each tool are stored in BQ to be able to be consumed by other tools.
  - A utility called wfuzzbasicauthbrute is used to bruteforce the basic authentication mechanism of endpoints stored in a BQ table with all the secrets stored in another BQ table
- .env.sample - Rename this file to .env and make sure the values in there are accurate when you want to deploy Kubebot locally.
- Makefile - makefile to build your Kubebot environment.
Getting Started
- Pre-requisites - Please ensure all these pre-requisites are met.
- Running Kubebot locally - This is a good place to start to get used to Kubebot before running it remotely.
- Integrating your own tools - If you want to integrate your own tools into Kubebot, it is pretty easy to do so!
- TODOS - Please help me in making Kubebot better!
Running Kubebot remote
- Once you are confident Kubebot works as expected locally (using Minikube) and now want to unleash it and use it to its full potential on the cloud, it can be deployed on a Google Container Engine (GKE) cluster. However, I can't provide instructions for remote deployment just yet. Having said that, if there is interest, I will be more than happy to help. And, if you wish to just use Kubebot as a Slack app and not worry about the backend infrastructure, that can be arranged as well for a small monthly subscription plan since I will be hosting the backend in my personal GCP account and you'd just be responsible for the normal costs that come with hosting a VPS on a cloud provider. Please feel free to reach out to discuss those options.
Demo Videos
- Kubebot in action - Main Demo
- Installing Kubebot Locally
- Running nmap
- Running sub-domain bruteforcing tools
- Running git searching tools
Sample Slash commands in Slack
Notice how you can run a slash command with the name of the tool, options and the target(s). I say target(s) because you can run one slash command to run one tool with a set of options against multiple targets. For example, the gitrob command below is being run against test and abc.
- /runtool nmap|-Pn -p 1-1000|google.com
- /runtool sublist3r|-t 50|test.com
- /runtool gobuster|-m dns -w fierce_hostlist.txt -t 10 -fw|google.com
PS - Wordlist to choose from: bitquark_20160227_subdomains_popular_1000000.txt deepmagic.com_top500prefixes.txt fierce_hostlist.txt namelist.txt names.txt sorted_knock_dnsrecon_fierce_recon-ng.txt subdomains-top1mil-110000.txt
- /runtool enumall|-s shodan-api-key|test.com
- /runtool subbrute|-s subfiles/names.txt -v|kubebot.io (This takes a long time)
- /runtool gitrob|analyze --no-banner --no-server|test,abc
- /runtool trufflehog||https://github.com/KingAsius/iaquest.git
- /runtool gitsecrets||https://github.com/pmyagkov/slack-emoji-bots.git
- /runtool gitallsecrets|-user|secretuser1,secretuser2
- /runtool gitallsecrets|-toolName repo-supervisor -org|secretorg123
- /runtool gitallsecrets|-repoURL|https://github.com/anshumanbh/docker-lair.git
- /runtool gitallsecrets|-gistURL|https://gist.github.com/anshumanbh/f48dc1d9d8b2158252f716a3719bf8e6
- /runautomation wfuzzbasicauthbrute|<www.target.com>.
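Because the text after /runtool ends up as arguments to a tool container, the API side should parse and validate it before publishing anything to the topic. The Go sketch below is an added example, not Kubebot's own code: it parses the tool|options|target(s) format shown above, and the names ParseRunTool, ToolRequest, the allow-list and the target pattern are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Allow-list built from the tool names in the sample commands on this page.
var allowedTools = map[string]bool{
	"nmap": true, "sublist3r": true, "gobuster": true, "enumall": true, "subbrute": true,
	"gitrob": true, "trufflehog": true, "gitsecrets": true, "gitallsecrets": true,
}

// Assumed target shape: host, user/org name or URL; no spaces or shell metacharacters.
var targetRe = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._:/-]*$`)
type ToolRequest struct {
	Tool             string
	Options, Targets []string
}

// ParseRunTool splits "tool|options|target1,target2" into a validated request.
func ParseRunTool(text string) (ToolRequest, error) {
	parts := strings.Split(text, "|")
	if len(parts) != 3 {
		return ToolRequest{}, errors.New("expected tool|options|target(s)")
	}
	req := ToolRequest{Tool: strings.TrimSpace(parts[0])}
	if !allowedTools[req.Tool] {
		return ToolRequest{}, fmt.Errorf("unknown tool %q", req.Tool)
	}
	req.Options = strings.Fields(parts[1]) // argv slice, never a shell string
	for _, t := range strings.Split(parts[2], ",") {
		if t = strings.TrimSpace(t); !targetRe.MatchString(t) {
			return ToolRequest{}, fmt.Errorf("invalid target %q", t)
		}
		req.Targets = append(req.Targets, t)
	}
	return req, nil
}

func main() {
	// First input is a sample from the page; the second is constructed and malformed.
	for _, s := range []string{"gitrob|analyze --no-banner --no-server|test,abc", "nmap|-Pn"} {
		req, err := ParseRunTool(s)
		fmt.Printf("%+v err=%v\n", req, err)
	}
}
```

Keeping the options as a slice lets a worker pass them straight to the container's argument list, so nothing in the Slack message is ever interpreted by a shell.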