/kapow

Kapow! If you can script it, you can HTTP it.

Primary LanguageGoApache License 2.0Apache-2.0

Kapow! Logo

If you can script it, you can HTTP it.

Test status Go Report Open Issues Documentation Current Version


What's Kapow!

Say we have a nice cozy shell command that solves our problem. Kapow! lets us easily turn that into an HTTP API.

Let's see this with an example

We want to expose log entries for files not found on our Apache Web Server, as an HTTP API. With Kapow! we just need to write this executable script:

[apache-host]$ cat search-apache-errors
#!/usr/bin/env sh
kapow route add /apache-errors - <<-'EOF'
	cat /var/log/apache2/access.log | grep 'File does not exist' | kapow set /response/body
EOF
[apache-host]$ chmod +x search-apache-errors

and then, run it using Kapow!

[apache-host]$ kapow server search-apache-errors

finally, we can read from the just-defined endpoint:

[another-host]$ curl http://apache-host:8080/apache-errors
[Fri Feb 01 22:07:57.154391 2019] [core:info] [pid 7:tid 140284200093440] [client 172.17.0.1:50756] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.808291 2019] [core:info] [pid 8:tid 140284216878848] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.878149 2019] [core:info] [pid 8:tid 140284208486144] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
...

Why Kapow! shines in these cases

  • We can share information without having to grant SSH access to anybody.
  • We can share information easily over HTTP.
  • We can effectively limit what gets executed.

Documentation

You can find the complete documentation and examples here.

Security

Please consider the following Security Concerns before using Kapow!

If you are not 100% sure about what you are doing we recommend not using Kapow!

Authors

Kapow! is being developed by BBVA-Labs Security team members.

Kapow! is Open Source Software and available under the Apache 2 license.

Contributions

Contributions are of course welcome. See CONTRIBUTING or skim existing tickets to see where you could help out.