Implement Tls Tester

Author: binarymist

.eslintrc.js

@@ -18,7 +18,8 @@ module.exports = {
     'import/no-unresolved': ['error', { commonjs: true }],
     'no-unused-expressions': ['error', { allowShortCircuit: true, allowTernary: true }],
     'object-curly-newline': ['error', { multiline: true }],
-    'no-multiple-empty-lines': ['error', { max: 2, maxBOF: 0, maxEOF: 1 }]
+    'no-multiple-empty-lines': ['error', { max: 2, maxBOF: 0, maxEOF: 1 }],
+    'newline-per-chained-call': 'off'
   },
   env: { node: true },
   parserOptions: { ecmaVersion: 2021 },

README.md

@@ -6,7 +6,7 @@
   <br/>
 <br/>
 <h2>purpleteam application scanner</h2><br/>
-  Application scanning component of <a href="https://purpleteam-labs.com/" title="purpleteam">purpleteam</a> - Currently in alpha
+  Application scanning component of <a href="https://purpleteam-labs.com/" title="purpleteam"><em>PurpleTeam</em></a> - Currently in alpha
 <br/><br/>
 
 <a href="https://www.gnu.org/licenses/agpl-3.0" title="license">
@@ -26,7 +26,9 @@
 
 If you are setting up the app-scanner, you will be targeting the `local` environment.
 
-Clone this repository.
+Clone or fork this repository.
+
+If you are developing this project:
 
 `cd` to the repository root directory and run:  
 ```shell
@@ -42,5 +44,4 @@ Take the Zap API Key that you set-up in the [purpleteam-s2-containers](https://g
 
 <br>
 
-Once you have cloned, installed and configured the app-scanner, head back to the [local setup](https://doc.purpleteam-labs.com/local/local-setup.html) documentation to continue setting up the other purpleteam components.
-
+Once you have worked through the above steps, head back to the [local setup](https://purpleteam-labs.com/doc/local/set-up/) documentation to continue setting up the other _PurpleTeam_ components.

config/config.example.json

@@ -16,7 +16,7 @@
   },
   "cucumber": {
     "tagExpression": "@app_scan",
-    "timeOut": 1800000
+    "timeout": 1800000
   },
   "runType": "parallel",
   "results": {

config/config.js

@@ -1,26 +1,26 @@
 // Copyright (C) 2017-2021 BinaryMist Limited. All rights reserved.
 
-// This file is part of purpleteam.
+// This file is part of PurpleTeam.
 
-// purpleteam is free software: you can redistribute it and/or modify
+// PurpleTeam is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation version 3.
 
-// purpleteam is distributed in the hope that it will be useful,
+// PurpleTeam is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 // GNU Affero General Public License for more details.
 
 // You should have received a copy of the GNU Affero General Public License
-// along with purpleteam. If not, see <https://www.gnu.org/licenses/>.
+// along with this PurpleTeam project. If not, see <https://www.gnu.org/licenses/>.
 
 const convict = require('convict');
-const convictFormatWithMoment = require('convict-format-with-moment');
-const convictFormatWithValidator = require('convict-format-with-validator');
+const { duration } = require('convict-format-with-moment');
+const { url } = require('convict-format-with-validator');
 const path = require('path');
 
-convict.addFormat(convictFormatWithMoment.duration);
-convict.addFormat(convictFormatWithValidator.url);
+convict.addFormat(duration);
+convict.addFormat(url);
 
 const internals = { aws_region: process.env.AWS_REGION || 'dummy-region' };
 
@@ -38,6 +38,18 @@ const schema = {
       default: 'notice'
     }
   },
+  processMonitoring: {
+    on: {
+      doc: 'Whether or not to capture and log process events.',
+      format: 'Boolean',
+      default: false
+    },
+    interval: {
+      doc: 'The interval in milliseconds to capture and log the process events.',
+      format: 'duration',
+      default: 10000
+    }
+  },
   debug: {
     execArgvDebugString: {
       doc: 'The process.execArgv debug string if the process is running with it. Used to initiate child processes with in order to debug them.',
@@ -74,19 +86,45 @@ const schema = {
       }
     }
   },
+  s2Containers: {
+    serviceDiscoveryServiceInstances: {
+      timeoutToBeAvailable: {
+        doc: 'The duration in milliseconds before giving up on waiting for the s2 Service Discovery Service Instances to be available.',
+        format: 'duration',
+        default: 120000
+      },
+      retryIntervalToBeAvailable: {
+        doc: 'The retry interval for the s2 Service Discovery Service Instances to be available.',
+        format: 'duration',
+        default: 5000
+      }
+    },
+    responsive: {
+      timeout: {
+        doc: 'The duration in milliseconds before giving up on waiting for the s2 containers to be responsive.',
+        format: 'duration',
+        default: 30000
+      },
+      retryInterval: {
+        doc: 'The retry interval for the s2 containers to be responsive.',
+        format: 'duration',
+        default: 2000
+      }
+    }
+  },
   emissary: {
     protocol: {
-      doc: 'The protocol that the emissary is listening as.',
+      doc: 'The protocol that the Emissary is listening as.',
       format: ['https', 'http'],
       default: 'https'
     },
     hostname: {
-      doc: 'The hostname (IP or name) address of the emissary host.',
+      doc: 'The hostname (IP or name) address of the Emissary host.',
       format: String,
       default: '240.0.0.0'
     },
     port: {
-      doc: 'The port that the emissary is listening on.',
+      doc: 'The port that the Emissary is listening on.',
       format: 'port',
       default: 8080
     },
@@ -106,6 +144,11 @@ const schema = {
         doc: 'The location of the report.',
         format: String,
         default: '/var/log/purpleteam/outcomes/'
+      },
+      formats: {
+        doc: 'The supported formats that reports will be written in.',
+        format: Array,
+        default: ['html', 'json', 'md']
       }
     },
     spider: {
@@ -126,7 +169,7 @@ const schema = {
       }
     },
     shutdownEmissariesAfterTest: {
-      doc: 'Useful for inspecting emissary containers during debugging.',
+      doc: 'Useful for inspecting Emissary containers during debugging.',
       format: 'Boolean',
       default: true
     }
@@ -143,24 +186,19 @@ const schema = {
       default: 'LOW'
     },
     alertThreshold: {
-      doc: 'The number of alerts specified by the build user that the alerts found by Zap should not exceed.',
+      doc: 'The number of alerts specified by the Build User that the alerts found by Zap should not exceed.',
       format: 'int',
       default: 0
     },
     method: {
-      doc: 'The method used to attack the build user supplied route.',
+      doc: 'The method used to attack the Build User supplied route.',
       format: ['GET', 'POST', 'PUT'],
       default: 'POST'
     },
     browser: {
       doc: 'The type of browser to run tests through.',
       format: ['chrome', 'firefox'],
       default: 'chrome'
-    },
-    reportFormat: {
-      doc: 'The supported formats that reports may be written in.',
-      format: ['html', 'json', 'md'],
-      default: 'html'
     }
   },
   cucumber: {
@@ -185,7 +223,7 @@ const schema = {
       // default: `${process.cwd()}/node_modules/.bin/cucumber-js`
       default: `${process.cwd()}/bin/purpleteamParallelCucumber`
     },
-    timeOut: {
+    timeout: {
       doc: 'The value used to set the timeout (https://github.com/cucumber/cucumber-js/blob/master/docs/support_files/timeouts.md)',
       format: 'duration',
       default: 5000

healthcheck.js

@@ -1,18 +1,18 @@
 // Copyright (C) 2017-2021 BinaryMist Limited. All rights reserved.
 
-// This file is part of purpleteam.
+// This file is part of PurpleTeam.
 
-// purpleteam is free software: you can redistribute it and/or modify
+// PurpleTeam is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation version 3.
 
-// purpleteam is distributed in the hope that it will be useful,
+// PurpleTeam is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 // GNU Affero General Public License for more details.
 
 // You should have received a copy of the GNU Affero General Public License
-// along with purpleteam. If not, see <https://www.gnu.org/licenses/>.
+// along with this PurpleTeam project. If not, see <https://www.gnu.org/licenses/>.
 
 const http = require('http');
 require('convict');

index.js

@@ -1,18 +1,18 @@
 // Copyright (C) 2017-2021 BinaryMist Limited. All rights reserved.
 
-// This file is part of purpleteam.
+// This file is part of PurpleTeam.
 
-// purpleteam is free software: you can redistribute it and/or modify
+// PurpleTeam is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation version 3.
 
-// purpleteam is distributed in the hope that it will be useful,
+// PurpleTeam is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 // GNU Affero General Public License for more details.
 
 // You should have received a copy of the GNU Affero General Public License
-// along with purpleteam. If not, see <https://www.gnu.org/licenses/>.
+// along with this PurpleTeam project. If not, see <https://www.gnu.org/licenses/>.
 
 require('app-module-path/register');
 const server = require('src/server');

package.json

@@ -25,58 +25,49 @@
   "keywords": [
     "agile",
     "application security",
+    "appsec",
     "bdd",
     "behaviour driven development",
     "blue team",
     "ci",
     "cloud security",
     "continuous deployment",
     "continuous integration",
-    "cli",
-    "cucumber",
     "cybersecurity",
-    "dev sec ops",
-    "red team",
-    "security",
-    "selenium",
-    "infosec",
-    "information security",
-    "tools",
     "devsecops",
     "devops",
-    "dev ops",
-    "purpleteam",
+    "information security",
+    "infosec",
     "owasp",
     "penetration testing",
+    "purple team",
     "purpleteam",
+    "red team",
     "security",
     "security regression testing",
     "software security",
+    "tools",
     "web application security",
-    "web security",
-    "zap"
+    "web security"
   ],
   "author": "Kim Carter",
   "license": "AGPL-3.0-only",
   "bugs": {
     "url": "https://github.com/purpleteam-labs/purpleteam/issues"
   },
   "homepage": "https://purpleteam-labs.com",
-  "// Old version of gherkin is required to satisfy src/scripts/cucumber-redacted.js": "Hopefully cucumber will reinstate the cucumber-redacted functionality at some stage.",
   "dependencies": {
     "@aws-sdk/client-lambda": "^3.18.0",
     "@aws-sdk/client-servicediscovery": "^3.18.0",
     "@cucumber/cucumber": "^7.2.1",
     "@cucumber/gherkin-streams": "2.0.2",
-    "@hapi/bourne": "^2.0.0",
-    "@hapi/good": "^9.0.1",
+    "@hapi/bourne": "^2.0.0",    
     "@hapi/hapi": "^20.1.3",
     "app-module-path": "^2.2.0",
     "axios": "^0.21.1",
     "convict": "^6.1.0",
     "convict-format-with-moment": "^6.0.1",
     "convict-format-with-validator": "^6.0.1",
-    "hapi-good-winston": "^3.0.1",
     "http-proxy-agent": "^4.0.1",
     "joi": "^17.4.0",
     "purpleteam-logger": "^1.1.2",