Skip to content

ta1c0/x-port

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

                          ____  __        ________ _______ ________ ________
                          __  |/ /        ___  __ \__  __ \___  __ \___  __/
                          __    / __________  /_/ /_  / / /__  /_/ /__  /   
                          _    |  _/_____/_  ____/ / /_/ / _  _, _/ _  /    
                          /_/|_|          /_/      \____/  /_/ |_|  /_/     

The tool was designed to ease on security operators by createing an automatic report to submit to their clients. Your PoCs are uploaded to Azure's Storage as in a file-system type of order. Then, Ghostwriter's project will generate a report, with all selected findings, including private URL tokens for each PoC.

Installation

$ git clone https://github.com/practiccollie/x-port
$ cd x-port/
$ pip3 install -r requirements.txt

Usage

$ python3 x-port.py <path/to/findings-directory>

Prerequisites

Customization

Environmental Variables

The script looks for the "GW_USER" & "GW_PASS" as environment variables.
You should add the following lines to your shell configuration file.

export GW_USER="Your-Username>
export GW_PASS="Your-Password>

utils.py

Make sure to modify the following sections:

  • Prompts

    x-port/utils.py

    Lines 64 to 82 in 7a4fc72

    GLOBAL_SITES_PROMPT = """
    Sites
    ----------------
    US : 1
    AFR : 2
    EUR : 3
    ASIA : 4
    [+] Please Enter Site ID: """
    ### Replace with your team memebers names
    TEAM_MEMBER_PROMPT = """
    Team Members IDs
    ----------------
    name_1 : 1
    name_2 : 2
    [+] Please select team member/s ID: """

  • GraphQL

    x-port/utils.py

    Lines 87 to 102 in 7a4fc72

    # HTTP
    GQL_URL = 'http://<YOUR-SITE.com>:8080' ### Replace with your GraphQL endpoint
    GQL_URL_V1 = GQL_URL + '/v1/graphql'
    GQL_URL_REST = GQL_URL + '/api/rest/<YOUR-ENDPOINT>' ### Replce ywith your findings endpoint
    HEADERS = {"Content-Type": "application/json", }
    # Template
    DOCX_TEMPLATE = '2' ### Replace with your DOCX template ID
    PPTX_TEMPLATE = '2' ### Replace with your PPTX template ID
    DOCX_LAST_UPDATE = '2022-09-04' ### Replace with your DOCX last update date
    # Team Members
    LEAD_ID = '1' ### Replace with your lead team ID
    LEAD_ROLE_ID = '1' ### Replace with your lead team role ID
    ENGINEER_ROLE_ID = '1' ### Replace with your engineer role ID

  • GhostWriter

    x-port/utils.py

    Lines 118 to 120 in 7a4fc72

    GW_URL = 'http://<YOUR-SITE.com>:8000' ### Replace with your GhostWriter login page
    GW_URL_LOGIN = GW_URL + '/accounts/login/'
    GW_URL_REPORTING = GW_URL + '/reporting/reports/'

  • Azure

    x-port/utils.py

    Lines 126 to 130 in 7a4fc72

    VAULT_URL = "https://<your-azure-vault-name>.vault.azure.net/" ### Replace with your Azure keyvault URL
    VAULT_CONN_STR = "<vault-connection-string>" ### Replace with your vault connection string
    VAULT_KEY= "<vault-key>" ### Replace with your vault key
    FOLDER_NAME = f'{date.today().year}/{PROJECT_NAME}'
    ACCOUNT_NAME= "<storage-account-name>" ### Replace with your storage account name

Authors

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages