cysec 64665fe49e Merge branch 'experimental-improvements' of cysec/CySec-Server into master 3 months ago
accounts experimental improvements 3 months ago
activity_feed prepare some new features and fix bugs 5 months ago
api identify which vulns,hosts and services were discovered by command 4 months ago
blogging improve blog api 5 months ago
bug_bounty_mode fixes #21 4 months ago
bughunting experimental improvements 3 months ago
cymailbox Mdb 5 months ago
cysec_server experimental improvements 3 months ago
pentesting identify which vulns,hosts and services were discovered by command 4 months ago
public_pages add link to bug bounty index page 4 months ago
static implements #12 4 months ago
stats Resolve "make central container full height" 5 months ago
templates fixes #5 4 months ago
todoz prepare some new features and fix bugs 5 months ago
utils update docker files and add file for running cysec server as hidden service V3 4 months ago
.gitignore move settings template into project root 4 months ago
.gitlab-ci.yml use python 3.6 5 months ago
Dockerfile add new chart 7 months ago
LICENSE Add LICENSE 9 months ago
ReadMe.md experimental improvements 3 months ago
disclose_vulnerabilities.py closes #114 8 months ago
docker-compose.yml move settings template into project root 4 months ago
local_settings.template.py move settings template into project root 4 months ago
manage.py remove dev settings file 8 months ago
requirements.txt update api after client prototyping 4 months ago
run_as_tor_hidden_service_v3.sh move settings template into project root 4 months ago

ReadMe.md

Description

This is the server part of the CySec-Framework. The server provides a web interface for easily managing your pentests or bug bounty vulnerabilities.

This is still beta: it may contain a lot of bugs and has only a basic UX for now.

I plan to include other features in the future, like a client application ;)

Please report bugs and other ideas through the Bug-Tracker.

Setup

See the wiki pages for setup instructions.

Features

  • Pentesting

    • Unlimited amount of pentesting projects
    • Add other users to your project and specify a role like “pentester” or “project admin”
    • Tasks that support Markdown. Tasks can optionally be assigned to a user
    • Create pentesting reports based on the discovered information and vulnerabilities
    • Optionally encrypt reports using AES-GCM or ChaCha20Poly1305 (server-side)
    • Dashboard with latest activities and statistics
  • Bug Bounty

    • Bug Hunters can win awards for securing websites
    • Disclose vulnerabilities within 30 days
    • Bug hunters can increase the disclosure deadline
    • Store discovered bugs as drafts
    • Optionally submit social media posts when a vulnerability is submitted (only Mastodon is supported for now)
    • Show bug details only via a shareable link, which prevents domain administrators from having to create accounts on the server
    • Details of vulnerabilities that are not disclosed or fixed are hidden from other users
    • Send email to site admins to notify them of vulnerabilities
  • Landing Page

    • Customize Carousel images and text
    • Displays statistics using charts (e.g. Top Bug Hunters, Top Vulnerabilities, …)
  • Public user profile pages with awards included

  • Public Profile Page with user stats

  • Enable or disable registration

  • REST-API allows external tools to interact with our service

  • Users can create blogs (with Markdown support)

  • Encrypted mailboxes for users (using PGP)

There are more features planned. See the issues page.