Command Center is a full-featured vulnerability management platform for penetration testing teams. Command Center Scanner is the client application designed to perform tasks during penetration tests and security audits using Docker containers. This repository contains Packer files and scripts to automate building AMI, Azure, and VMware images of CCScanner.
Download packer:
- Download the proper Packer binary from https://www.packer.io/downloads.
- Unzip the package into the ccscanner-iac directory.
Set variables for the AMI (Windows):
- setx AWS_ACCESS_KEY_ID "Your AWS Access Key ID"
- setx AWS_SECRET_ACCESS_KEY "Your AWS Secret Key"
- setx AWS_VPC_ID "The AWS VPC ID you are building the AMI in"
- setx AWS_SUBNET_ID "The AWS Subnet ID you are building the AMI in"
- setx AWS_INSTANCE_TYPE "The AWS instance type you will be using"
- setx AWS_REGION "The AWS region to deploy the AMI"
Set variables for the AZURE Image (Windows):
- setx AZURE_CLIENT_ID "Your Azure client id"
- setx AZURE_CLIENT_SECRET "Your Azure client secret"
- setx AZURE_SUBSCRIPTION_ID "Your Azure subscription id"
- setx AZURE_TENANT_ID "Your Azure tenant id"
- setx AZURE_LOCATION "The Azure location to keep the image"
- setx AZURE_VM_SIZE "The default VM size"
- setx AZURE_RESOURCE_GROUP_NAME "The Azure resource group name"
Set variables for the vCenter Template (Windows):
- setx VCENTER_SEVER "Your vCenter Server ip or hostname"
- setx VCENTER_USERNAME "Your vCenter username"
- setx VCENTER_PASSWORD "Your vCenter password"
- setx VCENTER_CLUSTER "The cluster to deploy the scanner template in"
- setx VMWARE_NETWORK "The network to use during the scanner template initial setup"
- setx DATASTORE "The Datastore to use to store the scanner template"
- setx ESXI_HOST "The ESXi host to deploy the scanner template on"
- setx HTTP_SERVER "The HTTP server to seed from"
- setx HTTP_PORT "The HTTP server port to use"
Set variables for the AMI (Linux/macOS shell):
- export AWS_ACCESS_KEY_ID="Your AWS Access Key ID"
- export AWS_SECRET_ACCESS_KEY="Your AWS Secret Key"
- export AWS_VPC_ID="The AWS VPC ID you are building the AMI in"
- export AWS_SUBNET_ID="The AWS Subnet ID you are building the AMI in"
- export AWS_INSTANCE_TYPE="The AWS instance type you will be using"
- export AWS_REGION="The AWS region to deploy the AMI"
Set variables for the AZURE Image (Linux/macOS shell):
- export AZURE_CLIENT_ID="Your Azure client id"
- export AZURE_CLIENT_SECRET="Your Azure client secret"
- export AZURE_SUBSCRIPTION_ID="Your Azure subscription id"
- export AZURE_TENANT_ID="Your Azure tenant id"
- export AZURE_LOCATION="The Azure location to keep the image"
- export AZURE_VM_SIZE="The default VM size"
- export AZURE_RESOURCE_GROUP_NAME="The Azure resource group name"
Set variables for the vCenter Template (Linux/macOS shell):
- export VCENTER_SEVER="Your vCenter Server ip or hostname"
- export VCENTER_USERNAME="Your vCenter username"
- export VCENTER_PASSWORD="Your vCenter password"
- export VCENTER_CLUSTER="The cluster to deploy the scanner template in"
- export VMWARE_NETWORK="The network to use during the scanner template initial setup"
- export DATASTORE="The Datastore to use to store the scanner template"
- export ESXI_HOST="The ESXi host to deploy the scanner template on"
- export HTTP_SERVER="The HTTP server to seed from"
- export HTTP_PORT="The HTTP server port to use"
To build the AMI:
Run the following command - packer build scanner/packer-file-AMI.json
To build the vCenter Template:
Run the following command - packer build scanner/packer-file-VCENTER.json
To build the AZURE Image:
Run the following command - packer build scanner/packer-file-AZURE.json
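A preflight check for the variables and build commands above, as an added example that is not part of the CCScanner repository: it reports which required variables for a target are unset or still placeholders without printing any secret value, then runs the build command given here. The function names, the script name, and the placeholder test (values beginning with "Your " or "The ") are assumptions.

```sh
#!/bin/sh
# Added example (not from the CCScanner repository): preflight check for the
# build variables listed in this README. Only variable names are reported;
# values such as keys and passwords are never printed.

# Variable names per build target, copied from the lists above.
required_vars() {
  case "$1" in
    AMI) echo "AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_VPC_ID" \
              "AWS_SUBNET_ID AWS_INSTANCE_TYPE AWS_REGION" ;;
    AZURE) echo "AZURE_CLIENT_ID AZURE_CLIENT_SECRET AZURE_SUBSCRIPTION_ID" \
                "AZURE_TENANT_ID AZURE_LOCATION AZURE_VM_SIZE" \
                "AZURE_RESOURCE_GROUP_NAME" ;;
    VCENTER) echo "VCENTER_SEVER VCENTER_USERNAME VCENTER_PASSWORD" \
                  "VCENTER_CLUSTER VMWARE_NETWORK DATASTORE ESXI_HOST" \
                  "HTTP_SERVER HTTP_PORT" ;;
    *) return 1 ;;
  esac
}

# Print the names that are unset, empty, or still hold the README's
# placeholder text (assumed to be any value starting with "Your " or "The ").
missing_vars() (
  names=$(required_vars "$1") || exit 2
  out=""
  for name in $names; do
    eval "value=\${$name:-}"   # names come only from the fixed list above
    case "$value" in
      ""|"Your "*|"The "*) out="$out $name" ;;
    esac
  done
  echo "${out# }"
)

# Run the check, then the build command given in this README.
preflight_and_build() (
  missing=$(missing_vars "$1") || { echo "unknown target: $1" >&2; exit 2; }
  if [ -n "$missing" ]; then
    echo "not building $1; unset or placeholder: $missing" >&2
    exit 1
  fi
  packer build "scanner/packer-file-$1.json"
)

# Usage: sh preflight.sh AMI|AZURE|VCENTER  (preflight.sh is a hypothetical name)
if [ $# -gt 0 ]; then
  preflight_and_build "$1"
fi
```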
AMI Notes:
Your build system must have SSH access to the AMI to run the provision.sh script. The packer-file.json is configured to use a public address. If this is unacceptable, modify the packer-file.json and change associate_public_ip_address to false.
References: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/build-image-with-packer#define-packer-template
Now you have a template to use to deploy the CCScanner image.