/cervantes

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.

Primary LanguageC#Apache License 2.0Apache-2.0

Cervantes logo

GITHUB TWITTER WEB DISCORD DOCS

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place.

Supported

Cervantes is an OWASP Foundation Project

Technologies

DOTNET CSHARP RIDER JS HTML CSS

Try Cervantes

There is a live demo running on http://demo.cervantessec.org.

The demo server has 3 users to show the different permission levels. The credentials for these users are:

Username Password Role
admin@cervantes.local Admin123. Administrator
su@cervantes.local SuperUser123. SuperUser
user@cervantes.local User123. User

This demo has limited functionalities, file upload & report generation, logs... If you want to test the full functionalities use the dockerized version.

Features

  • OpenSource
  • Multiplatform
  • Multilanguage
  • Team Collaboration
  • Checklists
  • OWASP Compliance Reports
  • BuiltIn dashboards and analytics
  • Manage your clients and Offensive Security projects
  • One click reports creation
  • And more

Runtime requirements

  • Docker
  • Docker compose

How to run it locally with Docker compose

  1. First you need to clone this repository
git clone https://github.com/CervantesSec/docker.git
  1. After that you need to start your docker containers:
docker-compose -p cervantes -f docker-compose.yml up -d
  1. After this, open your browser at http://localhost

  2. Default User is:

admin@cervantes.local - Admin123.

How to run it locally from source

  1. Install dotnet sdk from https://dotnet.microsoft.com/en-us/download

  2. Install PostgreSQL https://www.postgresql.org/download/

  3. Clone this repository

git clone https://github.com/CervantesSec/cervantes.git
  1. In Cervantes.Web -> appsettings.json edit the DefaultConnection with your database parameters
{
  "ConnectionStrings": {
    "DefaultConnection": "Server=localhost;Database=cervantes;Username=postgres;Password=postgres"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Trace",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information",
      "Cervantes.*": "Trace"
    }
  },
  "AllowedHosts": "*",
  "EmailConfiguration": {
    "Enabled": false,
    "Name": "Cervantes",
    "From": "cervantes@cervantes.local",
    "SmtpServer": "localhost",
    "SmtpPort": 1025,
    "SmtpUsername": "cervantes@cervantes.local",
    "SmtpPassword": "cervantes"
  },
  "JiraConfiguration": {
    "Enabled": false,
    "Auth": "Basic",
    "Url": "",
    "Project": "",
    "User": "",
    "Password": "",
    "ConsumerKey": "",
    "ConsumerSecret": "",
    "OAuthAccessToken": "",
    "OAuthTokenSecret": ""
    
  }
}
  1. Run the project
dotnet run --project /CERVANTES_PATH/Cervantes.Web/
  1. After this, open your browser at http://localhost:5001

  2. Default User is:

admin@cervantes.local - Admin123.

How to contribute

Here are some things you could do to become a contributor:

  • ★ Star this project on Github ★
  • Suggest new features or ideas
  • Improve the code of the platform components
  • Report security issues

Before you jump to make any changes make sure you have read the contributing guidelines. This would save us all time. Thanks!

paypal

Security

Please report Security issues via our disclosure policy.

How to report bugs

If you have bugs to report please use the issues tab on Github to submit the details.