Merge pull request #211 from pablosnt/develop

Release 1.6.0
pablosnt · May 7, 2023 · fa7e9da · fa7e9da
2 parents dea0518 + 61512ed
commit fa7e9da
Show file tree

Hide file tree

Showing 29 changed files with 469 additions and 109 deletions.
diff --git a/.github/workflows/desktop-applications.yml → .github/workflows/desktop-ui.yml b/.github/workflows/desktop-applications.yml → .github/workflows/desktop-ui.yml
@@ -1,19 +1,17 @@
-name: Desktop applications
+name: Desktop UI
 on:
   workflow_dispatch:
     inputs:
       backend:
-        description: 'Backend URL to connect Desktop app'
+        description: 'Backend URL to connect Desktop UI'
         required: true
         default: 'https://127.0.0.1'
   pull_request:
     paths:
       - 'rekono/frontend/**'
-  release:
-    types: [published]
 
 jobs:
-  desktop:
+  desktop-ui:
     strategy:
       fail-fast: false
       matrix:
@@ -25,6 +23,8 @@ jobs:
           - os: windows-latest
             extension: exe
     runs-on: ${{ matrix.os }}
+    env:
+      DEB_FILENAME: RekonoUI
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -56,27 +56,23 @@ jobs:
         working-directory: rekono/frontend
         run: npm install .
 
-      - name: Generate Desktop app
+      - name: Generate Desktop UI
         working-directory: rekono/frontend
         run: npm run electron:build
 
-      - name: Upload Desktop app as GitHub artifact
+      - name: Change DEB filename
+        if: matrix.os != 'windows-latest'
+        working-directory: rekono/frontend/dist_electron
+        run: mv *.${{ matrix.extension }} $DEB_FILENAME.${{ matrix.extension }}
+
+      - name: Change DEB filename
+        if: matrix.os == 'windows-latest'
+        working-directory: rekono/frontend/dist_electron
+        run: ren *.${{ matrix.extension }} %DEB_FILENAME%.${{ matrix.extension }}
+
+      - name: Upload Desktop UI as GitHub artifact
         uses: actions/upload-artifact@v3
         with:
-          name: rekono_${{ matrix.os }}
-          path: rekono/frontend/dist_electron/*.${{ matrix.extension }}
+          name: ${{ env.DEB_FILENAME }}_${{ matrix.os }}
+          path: rekono/frontend/dist_electron/${{ env.DEB_FILENAME }}.${{ matrix.extension }}
           if-no-files-found: warn
-
-      - name: Upload Desktop app to GitHub release
-        if: github.event_name == 'release' && matrix.os != 'windows-latest'
-        working-directory: rekono/frontend/dist_electron
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh release upload --repo pablosnt/rekono ${{ github.event.release.name }} *.${{ matrix.extension }}
-
-      - name: Upload Desktop app to GitHub release
-        if: github.event_name == 'release' && matrix.os == 'windows-latest'
-        working-directory: rekono/frontend/dist_electron
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh release upload --repo pablosnt/rekono ${{ github.event.release.name }} "Rekono Setup ${{ github.event.release.name }}.${{ matrix.extension }}"
diff --git a/.github/workflows/desktop.yml b/.github/workflows/desktop.yml
@@ -0,0 +1,42 @@
+name: Desktop app
+on:
+  release:
+    types: [published]
+
+jobs:
+  docker-image:
+    name: Docker Image
+    runs-on: ubuntu-latest
+    environment: docker-hub
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+
+      - name: Install dependencies
+        working-directory: rekono/frontend
+        run: npm install .
+
+      - name: Configure Rekono backend
+        working-directory: rekono/frontend
+        run: echo "VUE_APP_DESKTOP_BACKEND_URL=http://127.0.0.1:8000" > .env.production
+
+      - name: Generate Desktop UI
+        working-directory: rekono/frontend
+        run: npm run electron:build
+
+      - name: Build Docker image
+        run: docker build --build-arg REKONO_VERSION=${{ github.event.release.name }} --file docker/debian/Dockerfile --tag ${{ secrets.DOCKER_USER }}/rekono:${{ github.event.release.name }} .
+
+      - name: Publish Docker image in Docker Hub
+        run: |
+          docker tag ${{ secrets.DOCKER_USER }}/rekono:${{ github.event.release.name }} ${{ secrets.DOCKER_USER }}/rekono:latest
+          docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_TOKEN }}
+          docker push ${{ secrets.DOCKER_USER }}/rekono:${{ github.event.release.name }}
+          docker push ${{ secrets.DOCKER_USER }}/rekono:latest
+          docker logout
diff --git a/.github/workflows/security-containers.yml b/.github/workflows/security-containers.yml
@@ -0,0 +1,86 @@
+name: Containers
+on:
+  workflow_dispatch:
+  pull_request:
+    paths:
+      - 'docker/**'
+      - 'docker-compose.yml'
+
+jobs:
+  docker-compose:
+    name: Docker Compose
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Build Docker images
+        run: docker-compose build
+
+      - name: Scan Nginx image with Trivy
+        continue-on-error: true
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: rekono-nginx
+          format: table
+          exit-code: 1
+
+      - name: Scan Kali image with Trivy
+        continue-on-error: true
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: rekono-kali
+          format: table
+          exit-code: 1
+
+      - name: Scan Backend image with Trivy
+        continue-on-error: true
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: rekono-backend
+          format: table
+          exit-code: 1
+
+      - name: Scan Frontend image with Trivy
+        continue-on-error: true
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: rekono-frontend
+          format: table
+          exit-code: 1
+
+  debian-image:
+    name: Debian Image
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+
+      - name: Install dependencies
+        working-directory: rekono/frontend
+        run: npm install .
+
+      - name: Generate Desktop app
+        working-directory: rekono/frontend
+        run: npm run electron:build
+
+      - name: Build Docker image
+        run: docker build --build-arg REKONO_VERSION=dev --file docker/debian/Dockerfile --tag rekono-debian .
+
+      - name: Scan Debian image with Trivy
+        continue-on-error: true
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: rekono-debian
+          format: table
+          exit-code: 1
+
+
diff --git a/.github/workflows/security-secrets.yml b/.github/workflows/security-secrets.yml
@@ -1,4 +1,4 @@
-name: Secrets scanning
+name: Secrets
 on:
   workflow_dispatch:
   pull_request:

diff --git a/.github/workflows/unit-testing.yml b/.github/workflows/unit-testing.yml
@@ -1,4 +1,4 @@
-name: Unit testing
+name: Unit tests
 on:
   workflow_dispatch:
   pull_request:
@@ -11,8 +11,8 @@ env:
   REQUIRED_COVERAGE: 95
 
 jobs:
-  unit-testing:
-    name: Unit testing
+  unit-tests:
+    name: Unit tests
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

diff --git a/.gitignore b/.gitignore
@@ -151,4 +151,9 @@ yarn-error.log*
 
 # Docker TLS configuration
 *.key
-*.crt
+*.crt
+
+# Debian package
+*.desktop
+rekono-kbx
+*.kaboxer.yaml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,26 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.6.0] - 2023-05-07
+
+### Added
+
+- Link to Rekono Bot in profile page when it is configured (https://github.com/pablosnt/rekono/issues/198)
+- New standalone desktop app that can be installed using a DEB package (https://github.com/pablosnt/rekono/issues/203)
+
+### Fixed
+
+- Allow some special characters in authentication username values (https://github.com/pablosnt/rekono/issues/192)
+- Allow some special characters in authentication credential values (https://github.com/pablosnt/rekono/issues/194)
+- Fix warnings showed when access API documentation (https://github.com/pablosnt/rekono/issues/201)
+- Increase Redis queues timeout to prevent failures in large tasks (https://github.com/pablosnt/rekono/issues/206)
+
+### Security
+
+- Remove `X-XSS-Protection` header as it could introduce other vulnerabilities (https://github.com/pablosnt/rekono/issues/195)
+- Upgrade `Django` version to `3.2.19` (https://github.com/pablosnt/rekono/issues/209)
+
+
 ## [1.5.1] - 2023-03-10
 
 ### Fixed

diff --git a/README.md b/README.md
@@ -1,25 +1,31 @@
 <p align="center">
-  <a href="https://github.com/pablosnt/rekono/actions/workflows/unit-testing.yml" alt="Unit testing">
+  <a href="https://github.com/pablosnt/rekono/actions/workflows/unit-testing.yml" alt="Unit testing" target="_blank">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/unit-testing.yml/badge.svg"/>
   </a>
-  <a href="https://github.com/pablosnt/rekono/actions/workflows/desktop-applications.yml" alt="Desktop applications">
+  <a href="https://github.com/pablosnt/rekono/actions/workflows/desktop-applications.yml" alt="Desktop applications" target="_blank">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/desktop-applications.yml/badge.svg"/>
   </a>
-  <a href="https://github.com/pablosnt/rekono/actions/workflows/security-sast.yml" alt="SAST">
+  <a href="https://github.com/pablosnt/rekono/actions/workflows/security-sast.yml" alt="SAST" target="_blank">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/security-sast.yml/badge.svg"/>
   </a>
-  <a href="https://snyk.io/test/github/pablosnt/rekono" alt="SCA">
+  <a href="https://snyk.io/test/github/pablosnt/rekono" alt="SCA" target="_blank">
     <img src="https://badgen.net/snyk/pablosnt/rekono?label=SCA&labelColor=black&icon=https://snyk.io/wp-content/uploads/patch-white.svg">
   </a>
-  <a href="https://github.com/pablosnt/rekono/actions/workflows/security-secrets.yml" alt="Secrets scanning">
+  <a href="https://github.com/pablosnt/rekono/actions/workflows/security-secrets.yml" alt="Secrets scanning" target="_blank">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/security-secrets.yml/badge.svg"/>
   </a>
-  <a href="https://github.com/pablosnt/rekono/actions/workflows/code-style.yml" alt="Code style">
+  <a href="https://github.com/pablosnt/rekono/actions/workflows/code-style.yml" alt="Code style" target="_blank">
     <img src="https://github.com/pablosnt/rekono/actions/workflows/code-style.yml/badge.svg"/>
   </a>
-  <a href="https://discord.gg/Zyduu5C7M3">
+  <a href="https://discord.gg/Zyduu5C7M3" target="_blank">
     <img src="https://img.shields.io/badge/Discord-Join-black?style=social&logo=discord"/>
   </a>
+  <a href="https://ko-fi.com/pablosnt" target="_blank">
+    <img src="https://ko-fi.com/img/githubbutton_sm.svg" width="160"/>
+  </a>
+  <a href="https://www.buymeacoffee.com/pablosnt" target="_blank">
+    <img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png" alt="Buy Me A Coffee" width="75"/>
+  </a>
 </p>
 
 # <p align="center"><img src="rekono/frontend/public/static/logo-black.png" width="500"/></p>
@@ -48,9 +54,11 @@ Why not automate this process and focus on find vulnerabilities using your skill
 
 ## Quick Start
 
+### Docker
+
 Execute the following commands in the root directory of the project:
 
-```
+```bash
 docker-compose build
 docker-compose up -d --scale executions-worker=5
 ```
@@ -61,6 +69,20 @@ Go to https://127.0.0.1/
 
 > The number of workers can be changed using `--scale` option. The number of `executions-worker` determines the number of tools that could be executed at the same time.
 
+
+### Rekono Desktop
+
+Rekono Desktop is a standalone app with all features, that can be installed and executed locally. It's the best and easiest option for personal and local usage. Execue the following command to install it:
+
+```bash
+wget https://github.com/pablosnt/rekono/releases/download/1.6.0/rekono-desktop_1.6.0_amd64.deb && dpkg -i rekono-desktop_1.6.0_amd64.deb || apt -f install -y
+```
+
+> Default credentials are `rekono:rekono`. For security reasons, **password should be changed** the first time you access the account
+
+> :warning: Rekono Desktop only has been tested in Kali Linux and Parrot OS
+
+
 Check [**full documentation**](https://github.com/pablosnt/rekono/wiki) for more installation and configuration options, user guides, integrations, Rekono Desktop, Rekono Bot and Rekono CLI details.
 
 
@@ -92,7 +114,9 @@ Rekono supports the execution of this hacking tools:
 Thanks to all the contributors of these amazing tools!
 
 
-## Support
+## Reach Us
+
+You can get support, ask questions, solve doubts or solve problems using:
 
 <p>
   <a href="https://github.com/pablosnt/rekono/issues/new?labels=help+wanted%2C+question&template=support.md" alt="GitHub Issue">
@@ -106,6 +130,18 @@ Thanks to all the contributors of these amazing tools!
   </a>
 </p>
 
+Rekono is an open source project that we really love to maintain and it's absolutely our pleasure, but we would like to offer the possibility of supporting Rekono's development via donations. At the moment, the project only needs its maintainer's time to stay up to date with new features and fix bugs. However, in the future, it could need more expensive resources like hosting, new web pages for documentation, the inclusion of premium hacking tools, etc. With the help received from our supporters, Rekono will be able to grow fastly and have the resources that it deserves. Of course, you can use the donations just to appreciate our work. Thank you for your help!
+
+<p>
+  <a href="https://ko-fi.com/pablosnt" target="_blank">
+    <img src="https://storage.ko-fi.com/cdn/brandasset/kofi_s_tag_white.png" width="130"/>
+  </a>
+  <a href="https://www.buymeacoffee.com/pablosnt" target="_blank">
+    <img src="https://img.buymeacoffee.com/button-api/?text=Buy me a coffee&emoji=&slug=pablosnt&button_colour=FFDD00&font_colour=000000&font_family=Cookie&outline_colour=000000&coffee_colour=ffffff"/>
+  </a>
+</p>
+
+> The main differences between them are that BuyMeACoffe charges fees over each donation while Ko-fi doesn't and Ko-fi supports PayPal payments while BuyMeACoffe doesn't
 
 ## License