Join the development team in #tapir on irc.freenode.net
Tapir is a framework designed to make it easy to discover data about entities - organizations, users, computers, and networks - on the web, using common (and not so common) OSINT techniques.
At the core of Tapir are entities, implemented and database-backed with MongoDB, and the tasks (implemented as small, structured ruby scripts like Metasploit modules) to modify and create entities. Tapir entities are real-world objects that you want to discover more information about.
Tapir tasks are the code that operate on the entities to create findings, new entities, or modify existing entities. Tasks are simple to create, have just enough structure, and harness the power of Ruby to extend the framework in useful ways. Have a look at the existing tasks in the lib/tapir/tasks directory.
Tapir keeps track of entities generated by each task for you. For example, if you add a host entity, and run a 'geolocate_host' task, you'll find that the physical address generated by the task is now a child of that host (and the host is now a parent of that physical address). You can view, modify, and programmatically query and inspect these relationships.
- 08/22/2013 - Tapir now supports multiple projects, and we have a total of 34 tasks!
- 05/07/2013 - Mongo is now used as the datastore. Generic Entities!
- 06/18/2012 - Cleaned up Web UI and background tasks! Renamed to Tapir!
- 02/25/2012 - The EAR Project has a stubbed out web UI, and is on its way to v1.0!
- 12/16/2011 - The EAR Project has been updated to Rails 3!
- 06/01/2011 - (or some time around here) Initial version of EAR spawned for #AHA.
Tapir is currently tested and working on:
- OS X 10.5.x+
- Ubuntu Linux 9.10+
- Kali Linux 1.0
Brew can be used to install prerequisites on OSX:
brew install qt
brew install nmap
brew install mongo
These prerequisites can be installed via apt:
sudo apt-get install nmap qt4-qmake libnokogiri-ruby1.8 libxslt-dev libxml2-dev libqt4-dev libpcap-dev libpq-dev libsqlite3-dev
Mongo can be installed with the following:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/10gen.list # if you're on ubuntu
sudo apt-get update
sudo apt-get install mongodb-10gen
See: http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/ for more information
These prerequisites can be installed via apt:
sudo apt-get install nmap qt4-qmake libnokogiri-ruby1.8 libxslt-dev libxml2-dev libqt4-dev libpcap-dev libpq-dev libsqlite3-dev
Mongo can be installed with the following:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/debian-sysvinit dist 10gen' | sudo tee /etc/apt/sources.list.d/10gen.list
sudo apt-get update
sudo apt-get install mongodb-10gen
Execute the bundle installer:
$ gem install bundle # from within the application root
$ bundle install # from within the application root
$ bundle exec rake secret > .secret # from within the application root
To start the server, in the root of the Tapir directory, run:
$ export RAILS_ENV=development # to set development mode (no background tasks)
$ bundle exec rackup # to start the server
Now browse to http://[server_name]:9292
In order to log in, you'll need to generate a username and password - Make sure you do this AFTER browsing to the web interface for the first time.
$ bundle exec rake db:seed # to generate a username and password
Most data sources are available with just an internet connection. Some require you to pull down data in advance.
The latest geolitecity (geolocation) data can be pulled by running:
$ cd [tapir_root]/data
$ ./geolitecity/get_latest.sh
Once you have a database, simply run $ bundle exec ./util/console.rb
- this will give you access to a shell from which you can create entities and run tasks against them.
Creating a host entity & running tasks:
$ cd [tapir_root]/util
$ bundle exec ./console.rb
tapir> Tenant.current = Tenant.first
tapir> Project.current = Project.first
tapir> host = Entities::Host.create(:name => "8.8.8.8")
tapir> host.run_task("dns_reverse_lookup",{})
tapir> host.run_task("geolocate_host",{})
tapir> host.children.map{ |c| puts "#{c.class}: #{c.name}" };
Installation of therubyracer gem might fail due to an invalid GEM specification file, refer to the following link for details:
https://github.com/cowboyd/therubyracer/issues/140#issuecomment-4707363