CervantesSec/cervantes — Gitpedia

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.

By facilitating efficient data management and providing a unified workspace, Cervantes aims to significantly reduce the time and effort required in the coordination and execution of penetration testing activities.

Supported

Cervantes is an OWASP Foundation Project

Technologies

Features

OpenSource
Multiplatform
Multilanguage
Team Collaboration
Checklists
OWASP Compliance Reports
Built-in dashboards and analytics
Manage your clients and Offensive Security projects
One click reports creation
And more

Runtime requirements

Docker
Docker compose

How to run it locally with Docker compose

First you need to clone this repository

sh
git clone https://github.com/CervantesSec/docker.git

After that you need to start your docker containers:

sh
docker-compose -p cervantes -f docker-compose.yml up -d

After this, open your browser at http://localhost or https://localhost and you will see the Cervantes login page.

Default User and Password

When you first launch the Cervantes application, a default user is created for you. The default username is admin@cervantes.local.

The password for this user is generated randomly during the creation of the application container and the first launch of the application. This means that the password is unique for each instance of the application and provides an additional layer of security.

Please note that it's important to change the default password as soon as possible to ensure the security of your application. You can do this by logging in with the default user and navigating to the user settings page.

Remember, the security of your application is paramount. Always use strong, unique passwords and change them regularly.

How to run it locally from source

Requirements

.NET 8
PostgresSQL
Atlassian Jira Server (Optional only if you want to use Jira Integration)

How to run it locally

To install the Cervantes application from the source code, you can follow these steps:

Clone the Repository: First, you need to clone the repository from GitHub. You can do this by running the following command in your terminal:

bash
git clone https://github.com/CervantesSec/cervantes.git

Navigate to the Project Directory: Once the repository is cloned, navigate to the project directory:

bash
cd Cervantes

Edit appsettings.json: To use the application you need to edit the appsettings.json file inside the Cervantes.Web folder.

Database Connection String
The database connection string is used to connect your application to your database. It usually includes the server name, database name, and authentication details. Here's an example of how it might look in your appsettings.json:

json
{
  "ConnectionStrings": {
    "DefaultConnection": "Server=myServerAddress;Database=myDataBase;Username=myUsername;Password=myPassword"
  }
}

Replace myServerAddress, myDataBase, myUsername, and myPassword with your actual database details.

Install Dependencies: The project uses .NET 8.0, so you need to have it installed on your machine. If you don't have it, you can download it from the official .NET website. Once .NET is installed, you can install the project dependencies by running:

bash
dotnet restore

Build the Project: After the dependencies are installed, you can build the project:

bash
dotnet build

Run the Project: Finally, you can run the project:

bash
dotnet run --project Cervantes.Web/Cervantes.Web.csproj

The application should now be running at http://localhost:5235.

Please note that this is a basic installation guide and the actual process might vary depending on the project's specific configuration and requirements. For example, if the project uses a database, you might need to set up the database and update the connection string in the configuration file.

How to contribute

Here are some things you could do to become a contributor:

★ Star this project on GitHub ★
Suggest new features or ideas
Improve the code of the platform components
Report security issues

Before you jump to make any changes make sure you have read the contributing guidelines. This would save us all time. Thanks!

Security

Please report Security issues via our disclosure policy.

How to report bugs

If you have bugs to report please use the issues tab on GitHub to submit the details.

Contributors

<table> <tbody> <tr> <td align="center" valign="top" width="14.28%"><a href="https://github.com/mesquidar"><img src="https://avatars.githubusercontent.com/u/16049893?v=4?s=100" width="100px;" alt="Ruben Mesquida"/> Ruben Mesquida</a> <a href="#business-mesquidar" title="Business development">💼</a> <a href="https://github.com/CervantesSec/cervantes/commits?author=mesquidar" title="Code">💻</a> <a href="https://github.com/CervantesSec/cervantes/commits?author=mesquidar" title="Documentation">📖</a> <a href="#translation-mesquidar" title="Translation">🌍</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/abutcher"><img src="https://avatars.githubusercontent.com/u/47003?v=4?s=100" width="100px;" alt="abutcher"/> abutcher</a> <a href="https://github.com/CervantesSec/cervantes/commits?author=abutcher" title="Code">💻</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/samogod"><img src="https://avatars.githubusercontent.com/u/81412659?v=4?s=100" width="100px;" alt="samet g."/> samet g.</a> <a href="#translation-samogod" title="Translation">🌍</a> <a href="https://github.com/CervantesSec/cervantes/commits?author=samogod" title="Code">💻</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/EmiliaChovancova"><img src="https://avatars.githubusercontent.com/u/44211508?v=4?s=100" width="100px;" alt="EmiliaChovancova"/> EmiliaChovancova</a> <a href="https://github.com/CervantesSec/cervantes/issues?q=author%3AEmiliaChovancova" title="Bug reports">🐛</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/jstangle"><img src="https://avatars.githubusercontent.com/u/22149955?v=4?s=100" width="100px;" alt="jstangle"/> jstangle</a> <a href="https://github.com/CervantesSec/cervantes/issues?q=author%3Ajstangle" title="Bug reports">🐛</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/Th34t0m1c"><img src="https://avatars.githubusercontent.com/u/161956075?v=4?s=100" width="100px;" alt="Th34t0m1c"/> Th34t0m1c</a> <a href="#translation-Th34t0m1c" title="Translation">🌍</a></td> <td align="center" valign="top" width="14.28%"><a href="https://github.com/gomezander"><img src="https://avatars.githubusercontent.com/u/105321735?v=4?s=100" width="100px;" alt="Ander Gómez"/> Ander Gómez</a> <a href="https://github.com/CervantesSec/cervantes/commits?author=gomezander" title="Documentation">📖</a></td> </tr> <tr> <td align="center" valign="top" width="14.28%"><a href="https://github.com/jpostolk"><img src="https://avatars.githubusercontent.com/u/115724129?v=4?s=100" width="100px;" alt="jpostolk"/> jpostolk</a> <a href="https://github.com/CervantesSec/cervantes/issues?q=author%3Ajpostolk" title="Bug reports">🐛</a></td> </tr> </tbody> </table>

License

This project is licensed under the GNU Affero General Public License (AGPL-3.0), except for specific components that remain licensed under the Apache License 2.0.