Skip to content

n0ss/ansible-cybersec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
README.md
README.md
 
 
ansible.cfg
ansible.cfg
 
 
install_desktop_commons.yaml
install_desktop_commons.yaml
 
 
install_offensive_tools.yaml
install_offensive_tools.yaml
 
 
inventory
inventory
 
 
remove_desktop_commons.yaml
remove_desktop_commons.yaml
 
 
testing_offensive.yaml
testing_offensive.yaml
 
 

Repository files navigation

ansible-cybersec

This repository was created to provide ansible configurations files to automatically bootstrap and deploy Debian-based systems with penetration testing/CTF/cyber-security capabilities. On the opposite of Kali Linux, or Parrot OS Security, the goal of these updated systems is to be stable, come with a minimal yet sufficient number of tools, and easy to use.

This could be a good way to get into Ansible and Hacking at the same time.

Recommendations (Optionnal)

SSH Keys

You can use connect via SSH, and deploy with Ansible using only password protected connection. But this is not the right way to do it.

It is highly recommended that you use a private/public key pair in order to make SSH connections to your infrastructure.

To use Ansible with an SSH keypair, you should use a dedicated key pair for this purpose.

In this section, we're gonna create 2 key pairs, one for SSH logging, and one for Ansible.

Dependencies

First, you'll to have an OpenSSH server running on your target, if not, install with :

sudo apt install openssh-server -y

Generaring new key pair for SSH connections

Recommended options for generating keys :

ssh-keygen -t rsa -b 4096 -o -a 100 -C "Your personal keypair description"

or

ssh-keygen -t ed25519 -a 100 -C "Your personal keypair description"

It is recommended to change the default path proposed by ssh-keygen in order to improve security

Enter passphrase (empty for no passphrase):

When ssh-keygen asks you to enter a passphrase, it is highly recommended that you use one.

Example : my+awesome+super+secret+passphrase

Exporting a public key to your target host

You will need to export the public key of your keypair to the specific host(s) on which you want to connect

ssh-copy-id -i /path/to/your/keypair.pub IP.of.the.host

Type the password of the remote host when asked, then logging to the host to verify successful export :

ssh IP.of.the.host

cat ~/.ssh/authorized_keys

Using personal key to clone Github repositories

You can also use your public key to clone github repositories.

Account/Preferences/SSH & GPG keys/New SSH Key/Paste your public key

This will allow you to connect in a secure manner to Github.

Generating second key pair for Ansible

Recommended options for generating keys :

ssh-keygen -t rsa -b 4096 -o -a 100 -C "Your personal keypair description"

or

ssh-keygen -t ed25519 -a 100 -C "Your personal keypair description"

Exporting a public key to your target host

In order to deploy with Ansible using your SSH key pair, you will need to export the public key of your keypair to the specific host(s) on which you want to deploy

ssh-copy-id -i /path/to/your/keypair.pub IP.of.the.host

Type the password of the remote host when asked, then logging to the host to verify successful export :

ssh IP.of.the.host

cat ~/.ssh/authorized_keys

Bootstraping the OS

Install common desktop softwares

Configure common desktop softwares

Install pentesting dependencies

Install pentesting softwares

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages