Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.
Cervantes is an OWASP Foundation Project
There is a live demo running on http://demo.cervantessec.org.
The demo server has 3 users to show the different permission levels. The credentials for these users are:
Username | Password | Role |
---|---|---|
admin@cervantes.local | Admin123. | Administrator |
su@cervantes.local | SuperUser123. | SuperUser |
user@cervantes.local | User123. | User |
This demo has limited functionalities, file upload & report generation, logs... If you want to test the full functionalities use the dockerized version.
- OpenSource
- Multiplatform
- Multilanguage
- Team Collaboration
- Checklists
- OWASP Compliance Reports
- BuiltIn dashboards and analytics
- Manage your clients and Offensive Security projects
- One click reports creation
- And more
- Docker
- Docker compose
- First you need to clone this repository
git clone https://github.com/CervantesSec/docker.git
- After that you need to start your docker containers:
docker-compose -p cervantes -f docker-compose.yml up -d
-
After this, open your browser at http://localhost
-
Default User is:
admin@cervantes.local - Admin123.
-
Install dotnet sdk from https://dotnet.microsoft.com/en-us/download
-
Install PostgreSQL https://www.postgresql.org/download/
-
Clone this repository
git clone https://github.com/CervantesSec/cervantes.git
- In Cervantes.Web -> appsettings.json edit the DefaultConnection with your database parameters
{
"ConnectionStrings": {
"DefaultConnection": "Server=localhost;Database=cervantes;Username=postgres;Password=postgres"
},
"Logging": {
"LogLevel": {
"Default": "Trace",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information",
"Cervantes.*": "Trace"
}
},
"AllowedHosts": "*",
"EmailConfiguration": {
"Enabled": false,
"Name": "Cervantes",
"From": "cervantes@cervantes.local",
"SmtpServer": "localhost",
"SmtpPort": 1025,
"SmtpUsername": "cervantes@cervantes.local",
"SmtpPassword": "cervantes"
},
"JiraConfiguration": {
"Enabled": false,
"Auth": "Basic",
"Url": "",
"Project": "",
"User": "",
"Password": "",
"ConsumerKey": "",
"ConsumerSecret": "",
"OAuthAccessToken": "",
"OAuthTokenSecret": ""
}
}
- Run the project
dotnet run --project /CERVANTES_PATH/Cervantes.Web/
-
After this, open your browser at http://localhost:5001
-
Default User is:
admin@cervantes.local - Admin123.
Here are some things you could do to become a contributor:
- ★ Star this project on Github ★
- Suggest new features or ideas
- Improve the code of the platform components
- Report security issues
Before you jump to make any changes make sure you have read the contributing guidelines. This would save us all time. Thanks!
Please report Security issues via our disclosure policy.
If you have bugs to report please use the issues tab on Github to submit the details.