Skip to content

Latest commit

 

History

History
135 lines (121 loc) · 6.51 KB

README.md

File metadata and controls

135 lines (121 loc) · 6.51 KB

Dive into a new Pentesting Experience with
Athena OS

Download Athena OS Download Athena OS

image

🏅Born for InfoSec Professionals, Bug Bounty Hunters, Passionate Students and Spicy Hackers🏅


Click Docker icon above to explore Athena OS Docker containers!

Click the icon above to explore Athena OS WSL in Microsoft Store App!

Hephaestus

Hephaestus is the Athena OS Continuous Integration/Continuous Delivery Builder to improve the integration and delivery of the packages.

As a container, it can be run in every platform supporting Docker or Podman. It is used to automate the building and delivery of Athena OS packages and for package debugging.

**===========================================================**
||     __  __           __                    __             ||
||    / / / /__  ____  / /_  ____ ____  _____/ /___  _______ ||
||   / /_/ / _ \/ __ \/ __ \/ __ `/ _ \/ ___/ __/ / / / ___/ ||
||  / __  /  __/ /_/ / / / / /_/ /  __(__  ) /_/ /_/ (__  )  ||
|| /_/ /_/\___/ .___/_/ /_/\__,_/\___/____/\__/\__,_/____/   ||
||            /_/                                            ||
**===========================================================**

The Athena OS CI/CD Builder

Usage: ./hephaestus [-a] [-c <ncores>] [-d] [-r] [-s] [-u] [-w] [-x] [package1 package2 ...]

Options:
-a     Build all packages.
-c     Set number of cores for building (maximum 4).
-d     Skip all dependency checks.
-h     Print this Help.
-r     Upload packages to the specified repository server. Use '-e SSH_SEC=' to specify the SSH secret object and '-e REPOSITORY_SERVER=' to define the target repository server as container environment variable arguments.
-s     Sign packages. Use '-e GPG_SEC' to specify the signing key secret object as container environment variable argument.
-u     Update the package repository database.
-w     Overwrite existing packages in the output directory.
-x     Search for the fastest mirrors.

It builds the specified packages or all the repository packages if no package names are provided.

First to proceed, it is important to set the secret objects of GPG and SSH keys if needed. To do it in a secure manner:

  1. create a file named key-sec-file, write the secret inside it and save it;
  2. create a file named ssh-sec-file, write the secret inside it and save it.

Then, run:

podman secret create key-sec key-sec-file
podman secret create ssh-sec ssh-sec-file

Finally, remove the file storing the secrets because no needed anymore:

rm key-sec-file ssh-sec-file

Hephaestus can be run by using the following parameters:

systemctl start --user podman
podman run \
    -ti \
    --rm \
    --secret key-sec \
    --secret ssh-sec \
    --secret strapi-sec \
    --ulimit nofile=1024:524288 \ # Fix fakeroot hanging
    --userns=keep-id \ # Prevent to set root as owner of mounted volume directories
    -v "/srv/mirrors/athena:/src/output" \ # Set the target directory to store packages
    -v "/srv/logs:/src/logs" \ # Set the target directory to store build logs
    -v "$HOME/keydir:/src/keydir" \ # Set the target directory to retrieve the signing key from the host
    -e [email protected]:/path/to/dir// \ # Set the target repository server
    -e PRE_EXEC="ls -la /src" \ # Pre-build command
    -e POST_EXEC="ls -la /src/output" # Post-build command
    docker.io/athenaos/hephaestus -a -d -r -s -x

Example usage:

podman run -ti --rm --secret key-sec --ulimit nofile=1024:524288 --userns=keep-id -v "/srv/mirrors/athena:/src/output" -v "$HOME/keydir:/src/keydir" -e GPG_SEC="key-sec" docker.io/athenaos/hephaestus -s -x bloodhound-python certipy