Using Ansible as an orchestrator, this project is another solution for testers looking to configure and deploy a new VM or VPS box with the tools that they need for penetration testing.
Current solutions I've seen involve either a crazy amount of custom Bash/Shell scripting that is buggy or reliance on a home-grown deployment framework which is also buggy and not often updated. Ansible is an extremely flexible orchestration framework used for all kinds of devops projects. It's also an actively maintained project, which is critical when relying on it to deploy servers in many different environments.
A few assumptions are made with this particular iteration of the Ansible playbook:
- The target systems are Debian 7.x or greater (support for multiple OSes to follow later)
- Ansible is installed on the host deploying the Ansible playbook (see below for installation steps)
- This assumes root + public key authentication access to the target host(s) is feasible
- Python 2.x is installed on the target host(s)
group_vars/allis filled in with a username and linux password hash for the password value
On the deployment host, Ansible needs to be installed and two Ansible roles must be installed via ansible-galaxy:
> pip install ansible
> ansible-galaxy install rvm_io.ruby naftulikay.go-dev
Designate a file to house one or many target host IP addresses, formatted like so:
[c2]
10.0.0.15
10.0.0.20
Run the Ansible playbook:
> ansible-playbook -i hosts site.yml
There are quite a few things that can be done with the project at this initial stage. The main ideas I have are:
- Support more tools
Symlink installed tools to/usr/binor/usr/local/binso they can be called anywhereGroup tools into their own sub-roles within the current Ansible playbook structure- A lot more