Awesome
Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.
Supported
Cervantes is an OWASP Foundation Project
<img src="https://raw.githubusercontent.com/CervantesSec/.github/main/profile/owasp.png" width="500" height="150">Technologies
Try Cervantes
There is a live demo running on http://demo.cervantessec.org.
The demo server has 3 users to show the different permission levels. The credentials for these users are:
| Username | Password | Role |
|---|---|---|
| admin@cervantes.local | Admin123. | Administrator |
| su@cervantes.local | SuperUser123. | SuperUser |
| user@cervantes.local | User123. | User |
This demo has limited functionalities, file upload & report generation, logs... If you want to test the full functionalities use the dockerized version.
Features
- OpenSource
- Multiplatform
- Multilanguage
- Team Collaboration
- Checklists
- OWASP Compliance Reports
- BuiltIn dashboards and analytics
- Manage your clients and Offensive Security projects
- One click reports creation
- And more
Runtime requirements
- Docker
- Docker compose
How to run it locally with Docker compose
- First you need to clone this repository
git clone https://github.com/CervantesSec/docker.git
- After that you need to start your docker containers:
docker-compose -p cervantes -f docker-compose.yml up -d
-
After this, open your browser at http://localhost
-
Default User is:
admin@cervantes.local - Admin123.
How to run it locally from source
-
Install dotnet sdk from https://dotnet.microsoft.com/en-us/download
-
Install PostgreSQL https://www.postgresql.org/download/
-
Clone this repository
git clone https://github.com/CervantesSec/cervantes.git
- In Cervantes.Web -> appsettings.json edit the DefaultConnection with your database parameters
{
"ConnectionStrings": {
"DefaultConnection": "Server=localhost;Database=cervantes;Username=postgres;Password=postgres"
},
"Logging": {
"LogLevel": {
"Default": "Trace",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information",
"Cervantes.*": "Trace"
}
},
"AllowedHosts": "*",
"EmailConfiguration": {
"Enabled": false,
"Name": "Cervantes",
"From": "cervantes@cervantes.local",
"SmtpServer": "localhost",
"SmtpPort": 1025,
"SmtpUsername": "cervantes@cervantes.local",
"SmtpPassword": "cervantes"
},
"JiraConfiguration": {
"Enabled": false,
"Auth": "Basic",
"Url": "",
"Project": "",
"User": "",
"Password": "",
"ConsumerKey": "",
"ConsumerSecret": "",
"OAuthAccessToken": "",
"OAuthTokenSecret": ""
}
}
- Run the project
dotnet run --project /CERVANTES_PATH/Cervantes.Web/
-
After this, open your browser at http://localhost:5001
-
Default User is:
admin@cervantes.local - Admin123.
How to contribute
Here are some things you could do to become a contributor:
- ★ Star this project on Github ★
- Suggest new features or ideas
- Improve the code of the platform components
- Report security issues
Before you jump to make any changes make sure you have read the contributing guidelines. This would save us all time. Thanks!
Security
Please report Security issues via our disclosure policy.
How to report bugs
If you have bugs to report please use the issues tab on Github to submit the details.