vautomator-client
Client to use the vautomator-serverless back-end.
Install
- Clone this repository:
git clone https://github.com/mozilla/vautomator-client.git && cd vautomator-client
- Create a virtual env (I use
pipenv
):pipenv --python 3.x
- Install as egg:
python setup.py install
Usage
NOTE: This client is only intended to work with the vautomator API (see https://github.com/mozilla/vautomator-serverless)
The client supports 3 modes: run
to run a vulnerability scan, download
to download scan results (manually, if you have to), and monitor
to monitor CT logs for new subdomains under "mozilla.com", "mozilla.org" and "firefox.com".
It is highly recommended to use the great maws
tool (https://pypi.org/project/mozilla-aws-cli-mozilla/), before running a scan with this client. Otherwise, the client will prompt for an API key, which you will have to obtain from infosec-dev
AWS account.
Pre-requisites
- In your virtual environment, install
maws
:pip install mozilla-aws-cli-mozilla
- Sign in to AWS via SSO:
eval $(maws -w)
. When prompted in the browser, selectinfosec-dev-MAWS-Admin
role. If everything goes well you now should have AWS credentials set as your environment variables.
Run it!
- To run a scan on a target host:
va_ondemand run www.mozilla.org
- If everything goes well, you should, in an hour or so, have results sent to an SNS Topic which in turn has a Google Group, vautomator-results subscribed to it. If you join this Google Group, you will get results emailed to you.
- To (manually) download results for a scan:
va_ondemand download www.mozilla.org
.- This should create a
tar.gz
file under a folder calledresults
in the current working directory, containing output from tooling.
- This should create a
- To monitor CT logs and automatically kick off a scan for specific subdomains:
va_ondemand monitor
.- Note that this mode is blocking, as it will listen for events in certificate transparency logs, until you end the program.