ilyaglow/minion-db-init-data.py

## minion-db-init-data.py
#!/usr/bin/env python

import json
import requests


PLANS = """
[{
    "name": "basic",
    "description": "Run basic tests",
    "workflow": [
        {
            "plugin_name": "minion.plugins.basic.AlivePlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.XFrameOptionsPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.HSTSPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.XContentTypeOptionsPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.XXSSProtectionPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.ServerDetailsPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.RobotsPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.CSPPlugin",
            "description": "",
            "configuration": {
            }
        }
    ]
},
{
    "name": "fail",
    "description": "Plan that fails",
    "workflow": [
        {
            "plugin_name": "minion.plugins.test.FailingPlugin",
            "description": "",
            "configuration": {
            }
        }
    ]
},
{
    "name": "long",
    "description": "Plan that runs long",
    "workflow": [
        {
            "plugin_name": "minion.plugins.test.DelayedPlugin",
            "description": "",
            "configuration": {
                "message": "This is run #1"
            }
        },
        {
            "plugin_name": "minion.plugins.test.DelayedPlugin",
            "description": "",
            "configuration": {
                "message": "This is run #2"
            }
        },
        {
            "plugin_name": "minion.plugins.test.DelayedPlugin",
            "description": "",
            "configuration": {
                "message": "This is run #3"
            }
        },
        {
            "plugin_name": "minion.plugins.test.DelayedPlugin",
            "description": "",
            "configuration": {
                "message": "This is run #4"
            }
        },
        {
            "plugin_name": "minion.plugins.test.DelayedPlugin",
            "description": "",
            "configuration": {
                "message": "This is run #5"
            }
        }
    ]
},
{
    "name": "nmap",
    "description": "Run an nmap scan",
    "workflow": [
        {
            "plugin_name": "minion.plugins.nmap.NMAPPlugin",
            "description": "Run the NMAP scanner.",
            "configuration": {
            }
        }
    ]
},
{
    "name": "scratch",
    "description": "Run Garmr and do a full port scan using NMAP.",
    "workflow": [
        {
            "plugin_name": "minion.plugins.garmr.GarmrPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.nmap.NMAPPlugin",
            "description": "Do a full port scan",
            "configuration": {
            }
        }
    ]
},
{
    "name": "skipfish",
    "description": "Run Skipfish in a light configuration",
    "workflow": [
        {
            "plugin_name": "minion.plugins.skipfish.SkipfishPlugin",
            "description": "",
            "configuration": {
            }
        }
    ]
},
{
    "name": "tickle",
    "description": "Run basic tests and do a very basic port scan using NMAP.",
    "workflow": [
        {
            "plugin_name": "minion.plugins.basic.HSTSPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.basic.XFrameOptionsPlugin",
            "description": "",
            "configuration": {
            }
        },
        {
            "plugin_name": "minion.plugins.nmap.NMAPPlugin",
            "description": "Only scan for known ports",
            "configuration": {
                "ports": "U:53,111,137,T:21-25,139,8080,8443"
            }
        }
    ]
},
{
    "name": "zap",
    "description": "Run the ZAP Spider and Scanner",
    "workflow": [
        {
            "plugin_name": "minion.plugins.zap.ZAPPlugin",
            "description": "Run the ZAP Spider and Scanner",
            "configuration": {
                "scan": true
            }
        }
    ]
}]
"""


if __name__ == "__main__":

    # Import plans
    plans = json.loads(PLANS)
    for plan in plans:
        resp = requests.post('http://localhost:8383/plans',
            headers={'content-type': 'application/json'},
            data=json.dumps(plan),
        )

    email = 'minion@example.com'

    # Create groups
    groups = {
        "security": {
            "description": "These applications suffer common vulnerabilities and are used for testing and training purpose.",
            "sites": [
                "http://zero.webappsecurity.com",
                "http://crackme.cenzic.com",
                "http://testasp.vulnweb.com",
                "http://testaspnet.vulnweb.com",
                "http://testfire.net"
            ],
            "plans": ["basic"]
        }
    }


    for group, detail in groups.iteritems():
        g = { 'name': group,
              'description': detail['description'],
              'users': [email]}
        resp = requests.post('http://localhost:8383/groups',
                             headers={'content-type': 'application/json'},
                             data=json.dumps(g))

    # Import sites
    for group, detail in groups.iteritems():
        for site in detail['sites']:
            s = {'url': site,
                 'plans': detail['plans'],
                 'groups': [group],
                 'verification': {'enabled': False, 'value': None}}
            resp = requests.post('http://localhost:8383/sites',
                                 headers={'content-type': 'application/json'},
                                 data=json.dumps(s))
	#!/usr/bin/env python

	import json
	import requests


	PLANS = """
	[{
	"name": "basic",
	"description": "Run basic tests",
	"workflow": [
	{
	"plugin_name": "minion.plugins.basic.AlivePlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.XFrameOptionsPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.HSTSPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.XContentTypeOptionsPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.XXSSProtectionPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.ServerDetailsPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.RobotsPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.CSPPlugin",
	"description": "",
	"configuration": {
	}
	}
	]
	},
	{
	"name": "fail",
	"description": "Plan that fails",
	"workflow": [
	{
	"plugin_name": "minion.plugins.test.FailingPlugin",
	"description": "",
	"configuration": {
	}
	}
	]
	},
	{
	"name": "long",
	"description": "Plan that runs long",
	"workflow": [
	{
	"plugin_name": "minion.plugins.test.DelayedPlugin",
	"description": "",
	"configuration": {
	"message": "This is run #1"
	}
	},
	{
	"plugin_name": "minion.plugins.test.DelayedPlugin",
	"description": "",
	"configuration": {
	"message": "This is run #2"
	}
	},
	{
	"plugin_name": "minion.plugins.test.DelayedPlugin",
	"description": "",
	"configuration": {
	"message": "This is run #3"
	}
	},
	{
	"plugin_name": "minion.plugins.test.DelayedPlugin",
	"description": "",
	"configuration": {
	"message": "This is run #4"
	}
	},
	{
	"plugin_name": "minion.plugins.test.DelayedPlugin",
	"description": "",
	"configuration": {
	"message": "This is run #5"
	}
	}
	]
	},
	{
	"name": "nmap",
	"description": "Run an nmap scan",
	"workflow": [
	{
	"plugin_name": "minion.plugins.nmap.NMAPPlugin",
	"description": "Run the NMAP scanner.",
	"configuration": {
	}
	}
	]
	},
	{
	"name": "scratch",
	"description": "Run Garmr and do a full port scan using NMAP.",
	"workflow": [
	{
	"plugin_name": "minion.plugins.garmr.GarmrPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.nmap.NMAPPlugin",
	"description": "Do a full port scan",
	"configuration": {
	}
	}
	]
	},
	{
	"name": "skipfish",
	"description": "Run Skipfish in a light configuration",
	"workflow": [
	{
	"plugin_name": "minion.plugins.skipfish.SkipfishPlugin",
	"description": "",
	"configuration": {
	}
	}
	]
	},
	{
	"name": "tickle",
	"description": "Run basic tests and do a very basic port scan using NMAP.",
	"workflow": [
	{
	"plugin_name": "minion.plugins.basic.HSTSPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.basic.XFrameOptionsPlugin",
	"description": "",
	"configuration": {
	}
	},
	{
	"plugin_name": "minion.plugins.nmap.NMAPPlugin",
	"description": "Only scan for known ports",
	"configuration": {
	"ports": "U:53,111,137,T:21-25,139,8080,8443"
	}
	}
	]
	},
	{
	"name": "zap",
	"description": "Run the ZAP Spider and Scanner",
	"workflow": [
	{
	"plugin_name": "minion.plugins.zap.ZAPPlugin",
	"description": "Run the ZAP Spider and Scanner",
	"configuration": {
	"scan": true
	}
	}
	]
	}]
	"""


	if __name__ == "__main__":

	# Import plans
	plans = json.loads(PLANS)
	for plan in plans:
	resp = requests.post('http://localhost:8383/plans',
	headers={'content-type': 'application/json'},
	data=json.dumps(plan),
	)

	email = 'minion@example.com'

	# Create groups
	groups = {
	"security": {
	"description": "These applications suffer common vulnerabilities and are used for testing and training purpose.",
	"sites": [
	"http://zero.webappsecurity.com",
	"http://crackme.cenzic.com",
	"http://testasp.vulnweb.com",
	"http://testaspnet.vulnweb.com",
	"http://testfire.net"
	],
	"plans": ["basic"]
	}
	}


	for group, detail in groups.iteritems():
	g = { 'name': group,
	'description': detail['description'],
	'users': [email]}
	resp = requests.post('http://localhost:8383/groups',
	headers={'content-type': 'application/json'},
	data=json.dumps(g))

	# Import sites
	for group, detail in groups.iteritems():
	for site in detail['sites']:
	s = {'url': site,
	'plans': detail['plans'],
	'groups': [group],
	'verification': {'enabled': False, 'value': None}}
	resp = requests.post('http://localhost:8383/sites',
	headers={'content-type': 'application/json'},
	data=json.dumps(s))