From 46d3a39e4bcdcb833b85b30c529a387ccae71d51 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Wed, 5 Feb 2025 19:28:12 -0500 Subject: [PATCH 1/2] feat: eyewitness robopage --- .../eyewitness.Dockerfile | 53 ++++++++ .../information-gathering/eyewitness.yml | 125 ++++++++++++++++++ 2 files changed, 178 insertions(+) create mode 100644 cybersecurity/offensive/information-gathering/eyewitness.Dockerfile create mode 100644 cybersecurity/offensive/information-gathering/eyewitness.yml diff --git a/cybersecurity/offensive/information-gathering/eyewitness.Dockerfile b/cybersecurity/offensive/information-gathering/eyewitness.Dockerfile new file mode 100644 index 0000000..0540040 --- /dev/null +++ b/cybersecurity/offensive/information-gathering/eyewitness.Dockerfile @@ -0,0 +1,53 @@ +FROM debian:bookworm + +# Install dependencies +RUN apt-get update && apt-get install -y \ + git \ + wget \ + cmake \ + python3 \ + xvfb \ + python3-pip \ + python3-netaddr \ + python3-dev \ + firefox-esr \ + python3-venv \ + && rm -rf /var/lib/apt/lists/* + +# Clone EyeWitness +RUN git clone --depth 1 https://github.com/RedSiege/EyeWitness.git /EyeWitness +WORKDIR /EyeWitness + +# Setup Python virtual environment and dependencies +RUN python3 -m venv venv && \ + . venv/bin/activate && \ + python3 -m pip install \ + fuzzywuzzy \ + selenium==4.9.1 \ + python-Levenshtein \ + pyvirtualdisplay \ + netaddr && \ + cd Python/setup && \ + ./setup.sh + +# Set environment variables +ENV TERM=xterm \ + SCREENSHOT_DIR=/eyewitness/screens \ + LOGDIR=/eyewitness/logs + +# Create directories and selenium log path +RUN mkdir -p /eyewitness/screens /eyewitness/logs + +# Create wrapper script to handle venv activation and Xvfb +RUN echo '#!/bin/bash\n\ + source /EyeWitness/venv/bin/activate\n\ + mkdir -p "$SCREENSHOT_DIR"\n\ + xvfb-run --server-args="-screen 0, 1024x768x24" \\\n\ + python3 /EyeWitness/Python/EyeWitness.py \\\n\ + --selenium-log-path "$LOGDIR" "$@"' > /usr/local/bin/run-eyewitness && \ + chmod +x /usr/local/bin/run-eyewitness + +VOLUME ["/eyewitness"] +WORKDIR /eyewitness + +ENTRYPOINT ["/usr/local/bin/run-eyewitness"] diff --git a/cybersecurity/offensive/information-gathering/eyewitness.yml b/cybersecurity/offensive/information-gathering/eyewitness.yml new file mode 100644 index 0000000..3a7152f --- /dev/null +++ b/cybersecurity/offensive/information-gathering/eyewitness.yml @@ -0,0 +1,125 @@ +description: > + EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. + +functions: + eyewitness_single: + description: Capture screenshot and information from a single URL + parameters: + target: + type: string + description: The URL to capture + examples: + - https://example.com + + container: + platform: linux/amd64 + build: + path: ${cwd}/eyewitness.Dockerfile + name: eyewitness_local + volumes: + - ${cwd}/eyewitness:/eyewitness + + cmdline: + - --headless + - --web + - --single + - ${target} + - --no-prompt + - -d + - /eyewitness/screens/report + + eyewitness_file: + description: Capture screenshots and information from a file containing URLs + parameters: + target_file: + type: string + description: File containing URLs to scan (one per line) + examples: + - urls.txt + + container: + platform: linux/amd64 + build: + path: ${cwd}/eyewitness.Dockerfile + name: eyewitness_local + volumes: + - ${cwd}/eyewitness:/eyewitness + - ${cwd}/${target_file}:/eyewitness/targets.txt + + cmdline: + - --headless + - --web + - -f + - /eyewitness/targets.txt + - --no-prompt + - -d + - /eyewitness/screens/report + + eyewitness_nmap_xml: + description: Capture screenshots from a Nmap XML output file + parameters: + xml_file: + type: string + description: Path to Nmap XML output file + examples: + - nmap_output.xml + + container: + platform: linux/amd64 + build: + path: ${cwd}/eyewitness.Dockerfile + name: eyewitness_local + volumes: + - ${cwd}/eyewitness:/eyewitness + - ${cwd}/${xml_file}:/eyewitness/scan.xml + + cmdline: + - --headless + - --web + - -x + - /eyewitness/scan.xml + - --no-prompt + - -d + - /eyewitness/screens/report + + eyewitness_custom_ports: + description: Scan specific URLs with custom HTTP/HTTPS ports + parameters: + target: + type: string + description: The URL to capture + examples: + - https://example.com + http_ports: + type: string + description: Additional HTTP ports (comma-separated) + examples: + - "8080,8081" + default: "" + https_ports: + type: string + description: Additional HTTPS ports (comma-separated) + examples: + - "8443,9443" + default: "" + + container: + platform: linux/amd64 + build: + path: ${cwd}/eyewitness.Dockerfile + name: eyewitness_local + volumes: + - ${cwd}/eyewitness:/eyewitness + + cmdline: + - --headless + - --web + - --single + - ${target} + - --no-prompt + - --add-http-ports + - ${http_ports} + - --add-https-ports + - ${https_ports} + - -d + - /eyewitness/screens/report From 002bdbcb16f862ac6bfd1767e01e7999f53c577c Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Thu, 6 Feb 2025 07:07:27 -0500 Subject: [PATCH 2/2] fix: params not hard file paths --- .../offensive/information-gathering/eyewitness.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cybersecurity/offensive/information-gathering/eyewitness.yml b/cybersecurity/offensive/information-gathering/eyewitness.yml index 3a7152f..c326008 100644 --- a/cybersecurity/offensive/information-gathering/eyewitness.yml +++ b/cybersecurity/offensive/information-gathering/eyewitness.yml @@ -50,7 +50,7 @@ functions: - --headless - --web - -f - - /eyewitness/targets.txt + - ${target_file} - --no-prompt - -d - /eyewitness/screens/report @@ -71,13 +71,13 @@ functions: name: eyewitness_local volumes: - ${cwd}/eyewitness:/eyewitness - - ${cwd}/${xml_file}:/eyewitness/scan.xml + - ${cwd}/${nmap_xml_file}:/eyewitness/scan.xml cmdline: - --headless - --web - -x - - /eyewitness/scan.xml + - /eyewitness/${nmap_xml_file} - --no-prompt - -d - /eyewitness/screens/report