{"id":15653970,"url":"https://github.com/fabaff/fsl-test-bench","last_synced_at":"2025-04-15T16:56:29.714Z","repository":{"id":7800206,"uuid":"9170496","full_name":"fabaff/fsl-test-bench","owner":"fabaff","description":"FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.","archived":false,"fork":false,"pushed_at":"2024-11-26T23:27:43.000Z","size":3161,"stargazers_count":29,"open_issues_count":0,"forks_count":11,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-28T22:41:49.750Z","etag":null,"topics":["ansible","fedora","fedora-security-lab","pentesting","playground","security","vulnerable"],"latest_commit_sha":null,"homepage":"https://labs.fedoraproject.org/en/security/","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fabaff.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2013-04-02T13:11:00.000Z","updated_at":"2024-11-27T05:31:35.000Z","dependencies_parsed_at":"2024-06-11T18:59:16.785Z","dependency_job_id":"a23bd268-8546-495a-ba24-c90818d4d98a","html_url":"https://github.com/fabaff/fsl-test-bench","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fabaff%2Ffsl-test-bench","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fabaff%2Ffsl-test-bench/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fabaff%2Ffsl-test-bench/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fabaff%2Ffsl-test-bench/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fabaff","download_url":"https://codeload.github.com/fabaff/fsl-test-bench/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249116134,"owners_count":21215140,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","fedora","fedora-security-lab","pentesting","playground","security","vulnerable"],"created_at":"2024-10-03T12:48:38.491Z","updated_at":"2025-04-15T16:56:29.689Z","avatar_url":"https://github.com/fabaff.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# FSL Test bench\n\nThe **FSL Test bench** provides a save environment for security auditing and\ntesting and can be used for teaching security testing methodologies. At the\nmoment the focus lies on web applications. All application are running on \ntop of a current Fedora installation with\na ​Lighttpd web server and a ​MySQL server. \n\nThe FSL Test bench includes:\n\n* Vulnerable web applications (DVWA, bWAPP, SQLI Labs, MIRC and more)\n* PHP shells (PHP Shell, ​b374k and ​DNA Shell)\n* Low-interaction honeypots\n* ​Helper tools (Log viewer, CGIs, ​linfo and ​phpmyadmin) \n\nAll applications are directly accessible from a [bootstrap](http://twitter.github.io/bootstrap/)-based website. \n\nThe FSL Test bench repository contains a subset of playbooks from the \n[**fedora-ansible** git repository](https://github.com/fabaff/fedora-ansible) \nmaintained by [Fabian Affolter](http://fabian-affolter.ch). \n\nIf you have just found Ansible or the Fedora Security Lab, you should start here:\n\n * [Fedora Security Lab](https://pagure.io/security-lab)\n\n## Prerequisites\n\nThe setup of Ansible is explained on the\n[Ansible Getting Started](http://ansible.cc/docs/gettingstarted.html) page.\nHere is only the setup of the managed nodes and special details for the\nmanagement system covered. For every system you want to manage, you need to\nhave the client's SSH key in the *authorized_keys* file of the managed system\nand Python.\n\n### Packages\n\nMake sure that [Python](http://www.python.org/) is installed. If not, install\nthe Python package on the managed node(s). If you have performed a minimal\nFedora installation Python is available.\n\n```bash\n$ sudo dnf -y install python\n```\nThe playbooks will use DNF as package management software instead of `yum` as\nsoon as DNF is the default Package management tool in Fedora. But for now, \neverything is done with `yum`.\n\n### SSH key\n\nAdd the SSH key to the *authorized_keys* file. Assuming you are logged-in with\nSSH on your management system.\n\n```bash\nsudo ssh-copy-id -i /root/.ssh/id_rsa.pub root@[IP address of your managed note]\n```\n\n### /etc/ansible/hosts\n\nThe file */etc/ansible/hosts* shall contain all hosts to be setup up.\n\n- **fsl-tb**: Default group name for machine which uses the all-in-one playbook\n- **fsl-tb-vpn**: Default group name for machine which acts as VPN servers\n- **fsl-tb-master**: Hosts for FSL Test bench guests when using visualization\n- **fsl_hosts**: Hosts to install the Fedora Security Lab package set\n\n### Variables\n\nAfter cloning this git repository, edit the [variables/sensitive.yml](https://github.com/fabaff/fsl-test-bench/blob/master/variables/sensitive.yml) file if you don't want to use *password* as default password.\n\n## Documentation\n\nThe documentation is available at [Read the Docs](https://fedora-security-lab-test-bench.readthedocs.org/en/latest/).\n\n## Structure\n\nAt the moment the structure of the repository looks like this:\n\n```bash\n.\n├── all-in-one.yml -------- FSL Test bench on a single machine \n├── docs ------------------ Documentation\n├── files ----------------- Template files\n│   ├── cgi --------------- Source files for CGI\n│   ├── kickstart --------- Kickstart files\n│   └── web-interface ----- All files for the web interface\n├── fsl-packages-sync.py -- Python script to sync with FSL package list\n├── fsl-tb-detect.nse ----- nmap script for the Test bench detection\n├── fsl.yml ---------------\n├── handlers -------------- Handlers for services\n├── INSTALL.md ------------ Installation guide\n├── local-setup.yml -------\n├── openvpn-server.yml ----\n├── README.md ------------- This files\n├── tasks ----------------- A collection of tasks (all playbooks)\n│   ├── apps -------------- Vulnerable web applications\n│   ├── cgi --------------- CGI\n│   ├── db-servers -------- Database servers\n│   ├── directory-servers - Directory Servers\n│   ├── file-servers ------ File servers\n│   ├── ftp-servers ------- FTP servers\n│   ├── helpers ----------- Helper tools\n│   ├── honeypots --------- Low-interaction honeypots\n│   ├── mail-servers ------ Mail server\n│   ├── misc-servers ------ Various servers\n│   └── shells ------------ PHP shells\n│   └── web-servers ------- Web servers\n└── variables ------------- Storage files for variables\n```\n\n## Warning\n\nThe file *variables/sensitive.yml* contains most application passwords. If you\ndon't want to run with default password, edit this file according your needs\nand keep it save outside the repository. \n\n## Licensing\n\nAll playbook content is assumed to be Creative Commons 3.0 Attribution licensed. \nNon-commercial or No-derivatives CC extensions are not acceptable, to encourage\neasy use by all users, regardless of purpose.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffabaff%2Ffsl-test-bench","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffabaff%2Ffsl-test-bench","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffabaff%2Ffsl-test-bench/lists"}