-
Notifications
You must be signed in to change notification settings - Fork 85
/
kvasir.yaml.sample
184 lines (158 loc) · 6.35 KB
/
kvasir.yaml.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
##########################################################################################################
#
# Kvasir Configuration file for Docker deployment
#
# Lookup priority:
#
# $HOME/.kvasir/kvasir.yaml
# $WEB2PY_HOME/applications/$APPNAME/kvasir.yaml
#
##########################################################################################################
##########################################################################################################
#
# Kvasir Database configurations
#
##########################################################################################################
db:
migrate: True # if multiple web2py instances are used with 1 database, only 1 user needs True
fake_migrate: False # only True if absolutely necessary
lazy_tables: false # set this to True after setup is complete for faster db access
kvasir:
# any web2py supported URI connection string is acceptable - additional libraries may be required
# see http://web2py.com/books/default/chapter/29/06#Connection-strings
uri: postgres://kvuser:kvpass@localhost:5432/kvasir
pool_size: 10
msf:
# direct msf db support is not currently supported - future support planned
uri: postgres://msfuser:msfpass@localhost:5432/msf
pool_size: 10
##########################################################################################################
#
# Customer configuration settings
#
##########################################################################################################
customer: "CUSTOMER NAME"
assessment_type: "Internal"
start_date: "START_DATE"
end_date: "END_DATE"
##########################################################################################################
#
# Global configuration settings
#
##########################################################################################################
# Use f_cvss_score instead of f_severity for graphs and statistics
use_cvss: false
password_upload_dir: data/passwords/misc
# ShodanHQ API Key (future WebAPI usage)
shodanhq_api_key: none
# pwnwiki path
# download latest from https://github.com/pwnwiki/pwnwiki.github.io/archive/master.zip
# or clone: git clone https://github.com/pwnwiki/pwnwiki.github.io
# start a separate webserver (python -m SimpleHTTPServer) and replace or leave github url
pwnwiki_path: "https://pwnwiki.github.io"
# exploitdb archive path
# download latest from https://github.com/offensive-security/exploit-database/archive/master.zip
# or clone: git clone https://github.com/offensive-security/exploit-database.git
exploitdb_path: "/usr/share/exploitdb"
# redirection timer
# links to external resources will go through a staging page. This page includes a countdown timer for automatic
# redirection. The length of the timer is set here and defaults to 10 seconds.
# >0 = seconds before redirection
# 0 = immediate redirection
# -1 = no redirection
redirect_timer: 10
# Web2py security_key should be unique and changed. It's used to encrypt passwords and generate CSRF tokens
security_key: "sha512:36518081-c858-47ad-8832-a28d842f3052"
##########################################################################################################
#
# Customization
#
##########################################################################################################
# Login page image. File must be under static/ subdirectory.
login_image: images/Kvasir_portrait.png
# Loading video - can be a movie file (mp4/m4v) or comment it out for a progress bar.
loading_video: videos/loading.m4v
##########################################################################################################
#
# Web2py scheduler settings
#
# scheduler_group_name:
#
# By default Kvasir uses your hostname as a unique group identifier. Only workers configured to look for
# this group name will run tasks. By setting this value Kvasir will support multiple scheduler instances.
# Be aware that the "launch_command" task will execute on the first available worker in the group which
# could be problematic.
#
# In general this should remain undefined.
#
# scheduler_timeout:
#
# Amount of time in seconds a task is allowed to run. Default is 1 hour.
#
##########################################################################################################
#scheduler_group_name: group_name
scheduler_timeout: 3600
##########################################################################################################
#
# launch_command is executed by the scheduler service.
# variables:
# _IP_ - Target IP Address
# _DATADIR_ - The data directory location in Kvasir
# _LOGFILE_ - A logfile name for the "script" command in data/session-logs
#
# XTERM (works on Linux and OSX)
launch_command: "xterm -sb -sl 1500 -vb -T 'manual hacking: _IP_' -n 'manual hacking: _IP_' -e script _LOGFILE_"
# Gnome-terminal
#launch_command: "gnome-terminal --window -t 'manual hacking: _IP_' -e 'script _LOGFILE_'"
# OSX AppleScript Terminal
#launch_command: osascript ../private/terminal.scpt _IP_ _DATADIR_ _LOGFILE_
##########################################################################################################
#
# web2py login configuration
# See: http://www.web2py.com/book/XXX
#
##########################################################################################################
login:
method: 'local'
config: ''
##########################################################################################################
#
# Vulnerability scanner and Metasploit API settings
#
##########################################################################################################
# Nmap settings
nmap:
binary: /usr/local/bin/nmap
sharedir: /usr/local/share/nmap
scriptdir: /usr/local/share/nmap/scripts
nselibdir: /usr/local/share/nmap/nselib
# multiple Nessus servers may be configured
nessus:
servers: [
server_name: {
url: 'https://localhost:8834/',
secret_key: '',
access_key: '',
username: '',
password: '',
version: 6,
verify_ssl: false
},
]
ignored_plugins: [
19506, # Nessus Scan Information
11219, # Nessus SYN Scanner
34277, # Nessus UDP Scanner
10335, # Port is open
]
nexpose:
host: 127.0.0.1
port: 3780
user: nxadmin
password: password
ignored_vulnids: [ ]
metasploit:
url: "https://localhost:3790/"
api_key: undefined
user: msf
password: msf