Skip to content

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.

License

Notifications You must be signed in to change notification settings

CervantesSec/cervantes

Cervantes logo

GITHUB TWITTER WEB DISCORD DOCS

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.

By facilitating efficient data management and providing a unified workspace, Cervantes aims to significantly reduce the time and effort required in the coordination and execution of penetration testing activities.

Supported

Cervantes is an OWASP Foundation Project

Technologies

DOTNET CSHARP RIDER JS HTML CSS

Features

  • OpenSource
  • Multiplatform
  • Multilanguage
  • Team Collaboration
  • Checklists
  • OWASP Compliance Reports
  • BuiltIn dashboards and analytics
  • Manage your clients and Offensive Security projects
  • One click reports creation
  • And more

Runtime requirements

  • Docker
  • Docker compose

How to run it locally with Docker compose

  • First you need to clone this repository
git clone https://github.com/CervantesSec/docker.git
  • After that you need to start your docker containers:
docker-compose -p cervantes -f docker-compose.yml up -d

Default User and Password

When you first launch the Cervantes application, a default user is created for you. The default username is admin@cervantes.local.

The password for this user is generated randomly during the creation of the application container and the first launch of the application. This means that the password is unique for each instance of the application and provides an additional layer of security.

Please note that it's important to change the default password as soon as possible to ensure the security of your application. You can do this by logging in with the default user and navigating to the user settings page.

Remember, the security of your application is paramount. Always use strong, unique passwords and change them regularly.

How to run it locally from source

Requirements

How to run it locally

To install the Cervantes application from the source code, you can follow these steps:

  • Clone the Repository: First, you need to clone the repository from GitHub. You can do this by running the following command in your terminal:
git clone https://github.com/CervantesSec/cervantes.git
  • Navigate to the Project Directory: Once the repository is cloned, navigate to the project directory:
cd Cervantes
  • Edit appsettings.json: To use the application you need to edit the appsettings.json file inside the Cervantes.Web folder.

Database Connection String The database connection string is used to connect your application to your database. It usually includes the server name, database name, and authentication details. Here's an example of how it might look in your appsettings.json:

{
  "ConnectionStrings": {
    "DefaultConnection": "Server=myServerAddress;Database=myDataBase;Username=myUsername;Password=myPassword"
  },
}

Replace myServerAddress, myDataBase, myUsername, and myPassword with your actual database details.

  • Install Dependencies: The project uses .NET 8.0, so you need to have it installed on your machine. If you don't have it, you can download it from the official .NET website. Once .NET is installed, you can install the project dependencies by running:
dotnet restore
  • Build the Project: After the dependencies are installed, you can build the project:
dotnet build
  • Run the Project: Finally, you can run the project:
dotnet run --project Cervantes.Web/Cervantes.Web.csproj

The application should now be running at http://localhost:5000.

Please note that this is a basic installation guide and the actual process might vary depending on the project's specific configuration and requirements. For example, if the project uses a database, you might need to set up the database and update the connection string in the configuration file.

How to contribute

Here are some things you could do to become a contributor:

  • ★ Star this project on Github ★
  • Suggest new features or ideas
  • Improve the code of the platform components
  • Report security issues

Before you jump to make any changes make sure you have read the contributing guidelines. This would save us all time. Thanks!

paypal

Security

Please report Security issues via our disclosure policy.

How to report bugs

If you have bugs to report please use the issues tab on Github to submit the details.