Home

Awesome

SWEETMON

'SWEETMON' is a fuzzer monitoring service based python3 + django. User can check their fuzzers and crashes on the web. It can reduce repetitive work for fuzz testers.

What is this?

Sweetmon provides several useful things for monitoring fuzzers and crashes.

Screenshots

  1. Initial screen

    https://user-images.githubusercontent.com/14085555/30513140-24c99316-9b39-11e7-8218-ddd6860afa13.png

  2. User Profile

  3. Fuzzer list

  4. Fuzzer information

  5. Crash list

  6. Crash details

  7. Crash details (2)

  8. Testcase & Fuzzer list

  9. Testcase & Fuzzer details

  10. Issue list

  11. Issue Details

  12. Statistics

Installation (Server)

Easy Installation (Recommended, For linux)

  1. Install Ubuntu.

  2. Download the installer

    wget https://raw.githubusercontent.com/sweetchipsw/sweetmon/master/install.sh -O install.sh
    
  3. Set 'DOMAIN' on install.sh

    #!/bin/bash
    # SWEETMON Installer
    ###
    # Modify under contents
    ###
    DOMAIN='' # domain.com || 192.168.123.123
    EMAIL='admin@domain.com'
    
  4. Run installer.

    bash install.sh
    
  5. Done!

Manual Installation (For linux)

  1. Install python3 + apache2 + virtualenv and sweetmon

    sudo apt install python3 python3-pip
    sudo apt install apache2
    sudo apt install virtualenv
    git clone https://github.com/sweetchipsw/sweetmon.git
    
  2. Update your server and Install dependencies

    sudo apt update
    sudo apt upgrade -y
    sudo apt install -y python3 python3-pip apache2 virtualenv libapache2-mod-wsgi-py3 letsencrypt git
    
  3. Clone sweetmon project & Set env

    git clone https://github.com/sweetchipsw/sweetmon.git
    export LOCATION=`pwd`
    export VENV='sweetmon_venv'
    
  4. Install && Activate virtualenv.

    virtualenv -p python3 sweetmon_venv
    . sweetmon_venv/bin/activate
    
  5. Install django + dependencies.

    sudo pip3 install -r requirements.txt
    
  6. Make configuration file

    sudo vim /etc/apache2/sites-available/sweetmon.conf
    
  7. Paste under contents.

    <VirtualHost *:80>
        WSGIScriptAlias / $LOCATION/sweetmon/sweetmon/wsgi.py
        WSGIDaemonProcess sweetmon python-path=$LOCATION/sweetmon/ python-home=$LOCATION/$VENV/lib/python3.5/site-packages
        WSGIProcessGroup sweetmon
    
        ServerName $DOMAIN
        ServerAlias $DOMAIN
        ServerAdmin $EMAIL
    
        DocumentRoot $LOCATION/sweetmon/
    
        ErrorLog /var/log/apache2/sweetmon_error.log
        CustomLog /var/log/apache2/sweetmon_custom.log combined
    
        Alias /robots.txt $LOCATION/sweetmon/static/robots.txt
        Alias /assets/admin $LOCATION/$VENV/lib/python3.5/site-packages/django/contrib/admin/static/admin
        Alias /assets $LOCATION/sweetmon/static/
        <Directory $LOCATION/sweetmon/>
            Require all granted
        </Directory>
    
        <Directory $LOCATION/sweetmon/sweetmon/ >
        <Files wsgi.py>
            Require all granted
        </Files>
        </Directory>
    
        <Directory $LOCATION/$VENV/lib/python3.5/site-packages/django/contrib/admin/static/admin/ >
            Require all granted
        </Directory>
    </VirtualHost>
    
  8. Restart apache2 server

    sudo a2ensite sweetmon
    sudo service apache2 restart
    
  9. Migrate DB / Set permission / Create super admin

    cd $LOCATION/sweetmon
    python3 manage.py makemigrations
    python3 manage.py migrate
    sudo chown www-data:www-data ./ -R
    python manage.py createsuperuser
    
  10. Done.

Install SSL certificate on Apache2. (Optional, But highly recommended)

  1. Install Letsencrypt

    sudo apt install letsencrypt
    
  2. Check your port-forwarding status.

    1. 80 (http)
    2. 443 (https)
  3. Generate SSL Certificate

    sudo letsencrypt certonly -a standalone -d domain.com
    
  4. Make configuration file for https.

  5. Enable SSL & Restart apache2 server

  6. Done!

For windows, OS X

After Install

1. Change Secret key in settings.py (/sweetmon/settings.py)

# SECURITY WARNING: keep the secret key used in production secret!
# - Please Change this key before install on server.
# SECRET_KEY = 'y3r$r7#g(g_6xt!q35ct=6sqt0kiihqe2vc#k%bktayz@vok2v'
SECRET_KEY = '....'
import random
print(''.join(random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)))

# '(vj1g8ps3a7li%g%go6uno4!n(9dfegsj7mvbicy$vv&c#!ak4'

2. You should use sweetmon-client to interact with sweetmon

PS

  1. Pull Requests are always welcome!
  2. Please create Issue or send me an email to me if you have any questions or requests.

ETC