autoinfra: automated infrastructure

Ansible playbooks and Terraform modules for automatically deploying infrastructure for penetration testing, red team exercises, and bug bounties.

Quick Start

The quick start assumes the following (follow the steps in Setup, below, for complete instructions):

  • Terraform and Ansible are installed
  • The operator has existing AWS access keys

The following commands will create (and then destroy) a t2.medium EC2 instance with OSINT/Reconnaissance tools installed:

git clone https://github.com/nopfor/autoinfra
cd autoinfra

ssh-keygen -a 256 -t ed25519 -f data/ssh/autoinfra

cp examples/aws_recon.tf main.tf

export AWS_ACCESS_KEY_ID="YOUR_AWS_ACCESS_KEY"
export AWS_SECRET_ACCESS_KEY="YOUR_AWS_SECRET_KEY"
export AWS_DEFAULT_REGION="YOUR_AWS_REGION"

terraform init
terraform apply

terraform destroy

What's Included

Ansible Roles/Playbooks

Ansible roles automate software component installation. These can be run on any existing infrastructure.

  • Recon: Automatically installs OSINT/Reconnaissance tools
  • OpenVPN: Create an OpenVPN server and automatically generate client configurations
  • Squid Proxy: Create a squid proxy on a non-standard port
  • Socat Redirector: TCP redirector using socat
  • Ubuntu: Standard tasks to be run on newly-deployed Ubuntu machines

Terraform Modules

Terraform modules assist with infrastructure orchestration/provisioning. These will create infrastructure in the cloud.

  • AWS
    • Network: All network components needed to run an EC2 instance
    • Ubuntu Server: Ubuntu server EC2 instance configured to run Ansible playbooks
  • DigitalOcean
  • Azure

Examples

Several examples are included. Copy these to main.tf and run terraform to get started.

  • AWS Recon: Create a t2.medium EC2 instance with OSINT/Reconnaissance tools installed
  • AWS OpenVPN Server: Create an OpenVPN server in AWS and generate 2 client configs
  • AWS Squid Proxy: Create an EC2 instance with a Squid proxy on a non-standard port (note: by default this is accessible to the entire internet)
  • DigitalOcean Recon: Create a medium droplet with OSINT/Reconnaissance tools installed
  • Azure Recon: Create a medium Ubuntu server VM in Azure with OSINT/Reconnaissance tools installed

Setup

Terraform and Ansible

The following commands will install Terraform and Ansible on a Debian or Ubuntu machine:

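sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
# Store the HashiCorp signing key in its own keyring (apt-key is deprecated and trusts the key for every repository)
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
# Add the repository and pin it to that keyring with signed-by
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt install terraform ansible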

See the Terraform and Ansible installation guides for more information.

Note: Terraform 1.20 is required for Azure running an Ubuntu 22.04 instance due to https://github.com/hashicorp/terraform/issues/30134

SSH Keys

An existing SSH key pair is required to provision new instances. By default, Terraform will look for these at data/ssh/autoinfra{,.pub} (and data/ssh/autoinfra_rsa{,.pub} for providers, such as Azure, that only support RSA keypairs).

To create new keypairs, run the following (note: password-protected SSH keys are not currently supported):

ssh-keygen -a 256 -t ed25519 -f data/ssh/autoinfra
ssh-keygen -t rsa -b 4096 -f data/ssh/autoinfra_rsa

Cloud Access Keys or Tokens

autoinfra requires at least one cloud provider to be configured to operate. Instructions for getting access keys or tokens from supported providers are below:

Terraform can use these if set in environment variables:

# AWS
export AWS_ACCESS_KEY_ID="YOUR_AWS_ACCESS_KEY"
export AWS_SECRET_ACCESS_KEY="YOUR_AWS_SECRET_KEY"
export AWS_DEFAULT_REGION="YOUR_AWS_REGION"

# DO
export DIGITALOCEAN_TOKEN="YOUR_DO_TOKEN"

# Azure
export ARM_SUBSCRIPTION_ID="YOUR_AZURE_SUBSCRIPTION_ID"

Alternatively, the following can be added to a Terraform file (ex: main.tf or providers.tf):

provider "aws" {
  access_key = "YOUR_AWS_ACCESS_KEY"
  secret_key = "YOUR_AWS_SECRET_KEY"
  region = "YOUR_AWS_REGION"
}

provider "digitalocean" {
  token = "YOUR_DO_TOKEN"
}

provider "azurerm" {
  features {}
  subscription_id = "YOUR_AZURE_SUBSCRIPTION_ID"
}
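
A check for the provider blocks above, added here as an example (it is not part of autoinfra): it flags `access_key`, `secret_key` and `token` attributes whose value is a string literal, so credentials written into main.tf or providers.tf are caught before the file is committed or shared. The function name `scan_tf_secrets` and the sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not autoinfra code. Attribute names are the ones used in the
# provider blocks above; scan_tf_secrets is a hypothetical helper name.

# scan_tf_secrets DIR
# Prints "file:line:attribute" for every credential attribute assigned a
# quoted literal. Variable references (var.x or "${var.x}") are not flagged.
# Returns 1 if anything was found, 0 if the tree is clean.
scan_tf_secrets() {
    dir=${1:-.}
    hits=$(find "$dir" -type f -name '*.tf' -exec awk '
        # Skip whole-line comments (block comments are not handled).
        $1 ~ /^(#|\/\/)/ { next }
        # attribute = "literal": a quoted value with no ${...} interpolation.
        /^[ \t]*(access_key|secret_key|token)[ \t]*=[ \t]*"[^"$]+"/ {
            attr = $1
            sub(/=.*/, "", attr)
            printf "%s:%d:%s\n", FILENAME, FNR, attr
        }
    ' {} +)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Constructed sample: one literal credential and one variable reference.
demo=$(mktemp -d)
cat > "$demo/providers.tf" <<'EOF'
provider "aws" {
  secret_key = "CONSTRUCTED_EXAMPLE_VALUE"
}
provider "digitalocean" {
  token = var.do_token
}
EOF
scan_tf_secrets "$demo" || echo "hardcoded credentials found; use environment variables instead"
rm -rf "$demo"
```

Run `scan_tf_secrets .` from the repository root (for example from a git pre-commit hook); a non-zero return means at least one credential is stored in a Terraform file.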
