{"id":50997936,"url":"https://github.com/dxsk/dotenv-sec","last_synced_at":"2026-06-20T11:02:21.886Z","repository":{"id":363438251,"uuid":"1263356132","full_name":"Dxsk/dotenv-sec","owner":"Dxsk","description":"Pentest environment launcher: one CLI for tmux sessions, MITM proxy, isolated Chromium, and Exegol integration. Security-hardened Docker images with CI/Trivy scanning.","archived":false,"fork":false,"pushed_at":"2026-06-08T23:36:07.000Z","size":61,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-09T00:13:24.884Z","etag":null,"topics":["automation","bugbounty","chromium","cli","docker","dotenv","exegol","mitmproxy","offensive-security","pentesting","security-tools","tmux"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Dxsk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-08T21:58:07.000Z","updated_at":"2026-06-08T23:36:11.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Dxsk/dotenv-sec","commit_stats":null,"previous_names":["dxsk/dotenv-sec"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/Dxsk/dotenv-sec","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dxsk%2Fdotenv-sec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dxsk%2Fdotenv-sec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dxsk%2Fdotenv-sec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dxsk%2Fdotenv-sec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Dxsk","download_url":"https://codeload.github.com/Dxsk/dotenv-sec/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dxsk%2Fdotenv-sec/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34566920,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-20T02:00:06.407Z","response_time":98,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","bugbounty","chromium","cli","docker","dotenv","exegol","mitmproxy","offensive-security","pentesting","security-tools","tmux"],"created_at":"2026-06-20T11:02:21.003Z","updated_at":"2026-06-20T11:02:21.878Z","avatar_url":"https://github.com/Dxsk.png","language":"Shell","funding_links":["https://buymeacoffee.com/dxsk"],"categories":[],"sub_categories":[],"readme":"# dotenv-sec\n\n[![CI](https://img.shields.io/github/actions/workflow/status/Dxsk/dotenv-sec/ci.yml?branch=main\u0026style=flat-square\u0026label=CI\u0026logo=github)](https://github.com/Dxsk/dotenv-sec/actions/workflows/ci.yml)\n[![License](https://img.shields.io/github/license/Dxsk/dotenv-sec?style=flat-square\u0026color=2EA043)](LICENSE)\n[![Bash](https://img.shields.io/badge/Bash-4EAA25?style=flat-square\u0026logo=gnubash\u0026logoColor=white)](https://www.gnu.org/software/bash/)\n[![Docker](https://img.shields.io/badge/Docker-2496ED?style=flat-square\u0026logo=docker\u0026logoColor=white)](https://www.docker.com/)\n[![Built for Exegol](https://img.shields.io/badge/Built_for-Exegol-FF6B35?style=flat-square)](https://exegol.com/)\n[![Security: Trivy](https://img.shields.io/badge/Security-Trivy-1904DA?style=flat-square\u0026logo=aquasec\u0026logoColor=white)](https://trivy.dev/)\n\n**Pentest environment launcher**: one CLI to spawn your entire offensive security workspace:\n\n- tmux sessions\n- MITM proxy\n- isolated Chromium\n- Exegol integration\n- a wired recon → scan → audit pipeline\n\n## Architecture\n\n```\ndotsec new acme-corp example.com\n         │\n         ├─► /workspace/acme-corp/   ← full engagement tree\n         │       └─ .env              ← per-engagement vars\n         │\n         ├─► tmux session \"acme-corp\" ← 6 windows (recon→monitor)\n         │\n         ├─► mitmproxy container      ← proxy:9999 + webUI:9998\n         │       └─► chromium container ← routed through proxy\n         │\n         └─► homer dashboard          ← all services at a glance (port 9997)\n```\n\n## Quickstart\n\n```bash\n# Install\nmake install\n\n# New engagement: workspace + proxy + Exegol + tmux + proxied browser\ndotsec new acme-corp example.com\n\n# Source the engagement env into your current shell\ndotsec load acme-corp\n\n# Optional: dashboard, then attach the tmux session\ndotsec board up\ndotsec tmux attach acme-corp\n```\n\n## Commands\n\n| Command | Description |\n|---------|-------------|\n| `dotsec new [-w \u003cpath\u003e] \u003ctarget\u003e [domain]` | Init workspace + proxy + Exegol + tmux |\n| `dotsec load \u003ctarget\u003e` | Source engagement environment variables |\n| `dotsec unload` | Unset all engagement vars |\n| `dotsec list` | List all engagements under `/workspace/` |\n| `dotsec spawn [session]` | Spawn 6-window pentest tmux in Exegol + attach |\n| `dotsec proxy up\\|down\\|status\\|logs` | Manage mitmproxy Docker container |\n| `dotsec browser [target]` | Launch Chromium routed through proxy |\n| `dotsec listener up\\|down\\|logs\\|status` | OOB HTTP callback server + ssh tunnel |\n| `dotsec board up\\|down\\|reload\\|status` | Homer dashboard at http://127.0.0.1:9997 |\n| `dotsec secrets [target]` | Show masked secret status for an engagement |\n| `dotsec rotate [target] [type]` | Regenerate secrets (all\\|token\\|mitmweb\\|ssh\\|ca) |\n| `dotsec tmux attach\\|create\\|kill\\|ls` | tmux sessions inside Exegol |\n| `dotsec log \u003ccmd...\u003e` | Run command and log to `commands.log` |\n| `dotsec archive [target]` | Archive workspace to tar.gz |\n| `dotsec rm \u003ctarget\u003e [--archive]` | Remove engagement (containers + workspace) |\n| `dotsec stop \u003ctarget\u003e` | Stop proxy + tmux for the engagement |\n| `dotsec restart \u003ctarget\u003e` | Restart proxy + Exegol + tmux |\n| `dotsec exegol exec\\|shell\\|setup` | Run commands / provision tooling inside Exegol |\n| `dotsec status [target]` | Overview: engagements, proxy/tmux, stats |\n| `dotsec info` | Show current engagement + global config status |\n\n## Configuration\n\n### Global defaults: `~/.config/dotenvsec/config`\n\n```bash\nexport EXEGOL_CONTAINER=\"exegol\"  # default Exegol container\nexport UA=\"H1-yourhandle\"         # default User-Agent\nexport PROXY_PORT=\"9999\"\nexport WEB_PORT=\"9998\"\nexport HOMER_PORT=\"9997\"\nexport PLATFORM=\"h1\"              # h1 | ywh | inti | custom\n```\n\n### Per-engagement: `/workspace/$TARGET/.env`\n\n```bash\nexport TARGET=\"acme-corp\"\nexport DOMAIN=\"acme-corp.com\"\nexport UA=\"H1-myhandle\"\nexport HTTP_PROXY=\"http://127.0.0.1:9999\"\nexport EXEGOL_CONTAINER=\"exegol\"\n```\n\n## Secrets\n\nEach `dotsec new` generates per-engagement secrets (idempotent, never committed) into the workspace:\n\n- `.env.secrets` (chmod 600): `DOTSEC_SESSION_SECRET`, `DOTSEC_API_TOKEN`, `MITMWEB_PASS`\n- `keys/id_ed25519`: ephemeral Ed25519 SSH key (600), `keys/id_ed25519.pub` (644)\n- CA certificate: generated on first `proxy up` into `proxy/certs/`\n\n```bash\ndotsec secrets acme-corp          # show masked status (never prints values)\ndotsec rotate acme-corp           # regenerate all secrets (prompts for ssh/ca/all)\ndotsec rotate acme-corp token     # rotate tokens only (no prompt)\ndotsec rotate acme-corp mitmweb   # rotate proxy password only (no prompt)\n```\n\n## MITM Proxy\n\n```bash\ndotsec proxy up          # start mitmproxy container\n# → Proxy  : http://127.0.0.1:9999\n# → Web UI : http://127.0.0.1:9998\n# → CA PEM : /workspace/$TARGET/proxy/certs/mitmproxy-ca-cert.pem\n\ndotsec proxy status      # check container\ndotsec proxy logs        # tail container logs\ndotsec proxy down        # stop container\n```\n\n### Browser integration\n\nInstall the CA certificate in your browser once, then:\n\n```bash\ndotsec browser           # Chromium auto-routed through proxy\n```\n\nOr configure any browser to use `http://127.0.0.1:9999` as HTTP/HTTPS proxy.\n\n## Exegol integration\n\n```bash\ndotsec exegol shell                  # open shell in Exegol\ndotsec exegol exec nmap -sV target   # run command inside Exegol\ndotsec exegol exec \"sqlmap -u ...\"   # quoted multi-word commands\ndotsec exegol setup                  # install uv + pnpm inside Exegol\n```\n\n### Exegol tool provisioning\n\nThe project ships a `my-resources` bundle deployed (merged) to `~/.exegol/my-resources/`\nvia `make exegol-setup` (also run by `make install`).\n\nThe bundle includes:\n- **recon** scripts: `recon-subs`, `recon-alive`, `recon-fingerprint`, `recon-portscan`, `recon-screenshot`, `recon-crawl`, `recon-urls`, `recon-loot`, `recon-extract`, `recon-sourcemaps`, `recon-full`, `dl`\n- **scan** scripts: `scan-nuclei` (vuln scan), `scan-takeover` (dangling CNAME; subzy → nuclei fallback)\n- **audit** scripts: `audit-code` (secrets/SAST/SCA), `audit-sinks` (dangerous functions), `audit-endpoints` (routes + JS surface), `audit-hotspots` (ranked candidates), `audit-full`\n- Shell aliases and preloaded history\n- `load_user_setup.sh`: idempotent installer for the tools the scripts need that the base image lacks (xnLinkFinder, waymore, sourcemapper, osv-scanner, …)\n\n```bash\nmake exegol-setup   # deploy/merge bundle to ~/.exegol/my-resources/\n```\n\nScripts run **inside** the Exegol container, driven by engagement env vars (`$DOMAIN`, `$WORKSPACE`).\nTypical flow in a loaded engagement window:\n\n```bash\nrecon-full       # discovery → portscan → screenshots → crawl → loot → JS extract\nscan-nuclei      # vulnerability scan of the alive hosts (routed through the proxy)\nscan-takeover    # subdomain takeover check\naudit-code       # white-box audit of recovered source / sourcemaps\naudit-full       # full white-box pass: secrets + SCA + sinks + endpoints + ranked hotspots\n```\n\nOn first container start, Exegol auto-runs `/opt/my-resources/setup/load_user_setup.sh`.\nTo trigger it manually (also installs missing tooling):\n\n```bash\ndotsec exegol setup\n```\n\n## OOB Listener\n\nOut-of-band HTTP callback server (SSRF/XXE/SSTI blind) in a container, exposed\npublicly through an auth-less `ssh -R` tunnel (localhost.run). HTTP only.\n\n```bash\ndotsec listener up              # container + public URL (in workspace/oob/url.txt)\ndotsec listener up --no-tunnel  # local only (127.0.0.1:9996), expose it yourself\ndotsec listener logs            # tail captured hits (workspace/oob/hits.log)\ndotsec listener status          # container + public URL\ndotsec listener down            # stop container + kill tunnel\n```\n\nEvery hit is logged with timestamp, source IP, method, path, headers and body.\n\n## Docker Security\n\n- Base images pinned by `@sha256` digest\n- Containers run as root today (non-root hardening tracked separately); all service ports are \u003e1024 (rootless-Docker friendly)\n- CI pipeline runs Trivy vulnerability scans on every push\n- Scheduled scan every Monday + automatic CVE issue creation\n\n## Makefile\n\n| Target | Description |\n|--------|-------------|\n| `make install` | Full setup: symlinks + config + shell integration + build images |\n| `make build` | Build all Docker images |\n| `make scan` | Run Trivy vulnerability scanner on all images |\n| `make test` | Run bats tests |\n| `make lint` | Run shellcheck on all bash |\n| `make smoke` | Docker integration smoke (requires `make build`) |\n| `make update` | Git pull + rebuild images |\n| `make clean` | Stop and remove all mitmproxy containers |\n| `make uninstall` | Remove symlinks and config |\n\n## Install\n\nRequires: `zsh`, `docker`, `tmux`, optionally `trivy`.\n\n```bash\ngit clone git@github.com:Dxsk/dotenv-sec.git\ncd dotenv-sec\nmake install\nsource ~/.zshrc\n```\n\n## Development\n\n```bash\npre-commit install   # runs shellcheck + bats on every commit\nmake test            # bats test suite\nmake lint            # shellcheck all bash\nmake smoke           # Docker integration smoke (requires make build)\n```\n\n## Contributing\n\nIssues and pull requests are welcome.\n\n- **Feature / tool request**: [open an issue](https://github.com/Dxsk/dotenv-sec/issues/new?labels=enhancement) describing the tool or stage you'd like wired into the pipeline.\n- **Bug report**: [open an issue](https://github.com/Dxsk/dotenv-sec/issues/new?labels=bug) with your Exegol image, the exact command, and the output.\n- **Question / anything else**: [open an issue](https://github.com/Dxsk/dotenv-sec/issues/new?labels=question).\n\nFor code: fork, branch (`feat/…` or `fix/…`), keep it shellcheck-clean with tests green (see [Development](#development)), then open a PR.\n\n## License\n\nMIT: see [LICENSE](LICENSE).\n\n## Support\n\nIf `dotsec` saves you time on engagements, you can support the work:\n\n[![Buy Me A Coffee](https://img.shields.io/badge/Buy_Me_A_Coffee-FFDD00?style=for-the-badge\u0026logo=buy-me-a-coffee\u0026logoColor=black)](https://buymeacoffee.com/dxsk)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdxsk%2Fdotenv-sec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdxsk%2Fdotenv-sec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdxsk%2Fdotenv-sec/lists"}