{"id":14128610,"url":"https://github.com/rastating/shiva","last_synced_at":"2025-08-03T23:31:50.755Z","repository":{"id":149119693,"uuid":"182588475","full_name":"rastating/shiva","owner":"rastating","description":"An Ansible playbook to provision a host for penetration testing and CTF challenges","archived":true,"fork":false,"pushed_at":"2021-10-16T11:47:12.000Z","size":2645,"stargazers_count":235,"open_issues_count":4,"forks_count":34,"subscribers_count":13,"default_branch":"master","last_synced_at":"2024-08-16T16:22:48.036Z","etag":null,"topics":["ansible","ansible-playbook","ctf","ctf-tools","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rastating.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null},"funding":{"github":"rastating","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2019-04-21T22:26:56.000Z","updated_at":"2024-06-17T07:01:33.000Z","dependencies_parsed_at":null,"dependency_job_id":"0d4085bb-5f7e-4aa9-aa30-bc5ede9448b1","html_url":"https://github.com/rastating/shiva","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fshiva","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fshiva/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fshiva/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fshiva/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rastating","download_url":"https://codeload.github.com/rastating/shiva/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228571844,"owners_count":17938772,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-playbook","ctf","ctf-tools","security"],"created_at":"2024-08-15T16:01:56.116Z","updated_at":"2024-12-07T06:31:33.160Z","avatar_url":"https://github.com/rastating.png","language":"Python","funding_links":["https://github.com/sponsors/rastating"],"categories":["Python"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n \u003cimg src=\".github/68747470733a2f2f7374617469632e726173746174696e672e636f6d2f696d616765732f73686976612d33303070782e706e67.png\"\u003e\n\u003c/p\u003e\n\n## What is Shiva?\nShiva is an Ansible playbook to provision a host to be used for playing CTF games, such as [HackTheBox](https://www.hackthebox.eu/).\n\n## Quick start\n1. Create a Ubuntu 18.04 server host and ensure you have root access via SSH\n2. Install [Ansible](https://www.ansible.com/) on your local machine\n3. Clone the repository to your local machine: `git clone git@github.com:rastating/shiva.git`\n4. Replace `127.0.0.1` with the IP address of the host to provision in the `ubuntu_bionic` section of `inventory.ini`\n5. Run the playbook: `ansible-playbook -i inventory.ini -u root -l ubuntu_bionic playbook.yml`\n\n## Why Shiva and not another Hindu deity?\nWhen playing CTFs, I prefer to use cloud providers (such as [Digital Ocean](https://www.digitalocean.com/)) rather than a local virtual machine running Kali. Although Kali is a great system, I find myself using only a small subset of the available tools and frequently find myself spinning up a cloud instance for persistence purposes anyway.\n\nFor this reason, I put together Shiva to automate building hosts in the cloud for pentesting / CTF purposes with my preferred environment. It's not a replacement for distros such as Kali and Parrot, but a way to build a more concise environment for similar purposes.\n\n## What operating systems can Shiva be used with?\nCurrently, Shiva has only been tested against Ubuntu 18.04.\n\n## What tools / packages are included?\n\n| Name | Category | Home Page |\n|-----------------------|------------------|----------------------------------------------------------|\n| binwalk | Binary Analysis | https://github.com/ReFirmLabs/binwalk |\n| GDB | Binary Analysis | https://www.gnu.org/software/gdb/ |\n| nasm | Binary Analysis | https://www.nasm.us/ |\n| PEDA | Binary Analysis | https://github.com/longld/peda |\n| pwntools | Binary Analysis | https://github.com/Gallopsled/pwntools |\n| Radare2 | Binary Analysis | https://rada.re/r/ |\n| Ropper | Binary Analysis | https://scoding.de/ropper/ |\n| FCrackZip | Cracking | http://oldhome.schmorp.de/marc/fcrackzip.html |\n| hashcat | Cracking | https://hashcat.net/hashcat/ |\n| John The Ripper | Cracking | https://www.openwall.com/john/ |\n| Hash Identifier | Crypto | https://code.google.com/archive/p/hash-identifier/ |\n| xortool | Crypto | https://github.com/hellman/xortool |\n| Go | Environment | https://golang.org/ |\n| Node.js | Environment | https://nodejs.org/en/ |\n| Oh My ZSH | Environment | https://github.com/robbyrussell/oh-my-zsh |\n| Ruby | Environment | https://www.ruby-lang.org |\n| Empire | Exploitation | http://www.powershellempire.com/ |\n| Metasploit | Exploitation | https://www.metasploit.com/ |\n| PowerSploit | Exploitation | https://github.com/PowerShellMafia/PowerSploit |\n| SearchSploit | Exploitation | https://www.exploit-db.com/ |\n| SuperTTY | Exploitation | https://github.com/bad-hombres/supertty |\n| Hydra | Password Attacks | https://github.com/vanhauser-thc/thc-hydra |\n| Medusa | Password Attacks | https://github.com/jmk-foofus/medusa |\n| Ncrack | Password Attacks | https://nmap.org/ncrack/ |\n| SecLists | Password Attacks | https://github.com/danielmiessler/SecLists |\n| CrackMapExec | Recon | https://github.com/byt3bl33d3r/CrackMapExec |\n| dnmasscan | Recon | https://github.com/rastating/dnmasscan |\n| DNSRecon | Recon | https://github.com/darkoperator/dnsrecon |\n| HostileSubBruteforcer | Recon | https://github.com/nahamsec/HostileSubBruteforcer |\n| LinEnum | Recon | https://github.com/rebootuser/LinEnum |\n| Masscan | Recon | https://github.com/robertdavidgraham/masscan |\n| Nmap | Recon | https://nmap.org/ |\n| pspy | Recon | https://github.com/DominicBreuker/pspy |\n| Recon-ng | Recon | https://bitbucket.org/LaNMaSteR53/recon-ng/src |\n| Responder | Recon | https://github.com/SpiderLabs/Responder |\n| Sherlock | Recon | https://github.com/sherlock-project/sherlock |\n| Snmpcheck | Recon | http://www.nothink.org/codes/snmpcheck |\n| sslscan | Recon | https://github.com/rbsec/sslscan |\n| S3Scanner | Recon | https://github.com/sa7mon/S3Scanner |\n| theHarvester | Recon | https://github.com/laramies/theHarvester |\n| tshark | Recon | https://www.wireshark.org/ |\n| Apache | Services | https://httpd.apache.org/ |\n| PostgreSQL | Services | https://www.postgresql.org/ |\n| vsftpd | Services | https://security.appspot.com/vsftpd.html |\n| MS-SQL CLI | Tools | https://docs.microsoft.com/en-us/sql/tools/mssql-cli |\n| OpenVPN | Tools | https://openvpn.net/ |\n| smbclient | Tools | |\n| Socat | Tools | |\n| Cookie Monster | Web | https://github.com/DigitalInterruption/cookie-monster |\n| Dirb | Web | http://dirb.sourceforge.net/ |\n| EyeWitness | Web | https://github.com/FortyNorthSecurity/EyeWitness |\n| Gobuster | Web | https://github.com/OJ/gobuster |\n| Magescan | Web | https://github.com/steverobbins/magescan |\n| Nikto | Web | https://cirt.net/Nikto2 |\n| Shocker | Web | https://github.com/nccgroup/shocker |\n| sqlmap | Web | http://sqlmap.org/ |\n| wafw00f | Web | https://github.com/EnableSecurity/wafw00f |\n| WhatWeb | Web | https://github.com/urbanadventurer/WhatWeb |\n| wfuzz | Web | https://github.com/xmendez/wfuzz |\n| WPScan | Web | https://wpscan.org/ |\n| WPXF | Web | https://github.com/rastating/wordpress-exploit-framework |\n\n\nSeveral directories can also be found which include pre-compiled binaries and files to aid with exploitation and post-exploitation:\n\n| Path | Description |\n|-------------------------------|------------------------------------------------------------------------|\n| `/usr/share/linux-binaries` | Pre-compiled Linux binaries for post-exploitation (such as pspy) |\n| `/usr/share/webshells` | Web shells written in several languages |\n| `/usr/share/windows-binaries` | Pre-compiled Windows binaries for post-exploitation (such as Mimikatz) |\n| `/usr/share/wordlists` | Wordlists to be used with password attacks / enumeration |\n\n## What services does Shiva expose out of the box?\nNone; other than SSH. Apache, PostgreSQL and vsftpd are all installed, but the ports are not open to the public by default.\n\nIf you want to lock down where SSH is available out of the box, you can run the playbook with the `--extra-vars` switch to specify the `trusted_ssh_ip` variable.\n\nFor example, running the playbook with `ansible-playbook -i inventory.ini -u root -l ubuntu_bionic --extra-vars \"trusted_ssh_ip=10.8.0.1\" playbook.yml` would add a firewall rule that would only allow `10.8.0.1` to connect to port 22 and drop traffic from any other IP address.\n\n**Be cautious when doing this, a typo could lead to you locking yourself out!**\n\n## Does Shiva create any user accounts?\nYes - an account named `ftp` is created without a default password. This is for use with vsftpd (see next section on connecting to vsftpd) but cannot be used to access the server via SSH.\n\n## How do I connect to vsftpd?\nAs the firewall does not expose vsftpd out of the box, you will need to open the following ports:\n\n- `21`\n- `40000-50000`\n\nOnly one user is authorised to access the FTP server out of the box (aptly named `ftp`). Before this user can authenticate, a password must be created for the account by running `passwd ftp` as `root`.\n\n**Note: the `ftp` user account is explicitly prohibited from logging into the server via SSH**\n\nIf you want to allow other local user accounts to authenticate, you must:\n\n- Create a directory owned by root at: `/srv/ftp/users/$USER`\n- Create a directory owned by the user at `/srv/ftp/users/$USER/files`\n- Add the user's name to `/etc/vsftpd.userlist`\n\n## What aliases are available?\n### serve-this\nAn alias that will serve the current working directory using the Python SimpleHTTPServer module\n\n**Example:**\n```\n# Serve /tmp/shiva on port 9090\ncd /tmp/shiva\nserve-this 9090\n```\n\n### msfconsole\nAn alias which will first start the `postgresql` service prior to launching the standard `msfconsole` binary; allowing for Metasploit to have access to the database.\n\n**Note: the `postgresql` service is not automatically stopped after `msfconsole` is stopped**\n\n### masscan_port_list\nParse the output of masscan into a CSV of unique port numbers.\n\n### masscan_ip_list\nParse the output of masscan to generate a list of unique IP addresses.\n\n### extract_unique_domains_from_dnsrecon_json\nParse a JSON file created by `dnsrecon` to extract the unique domain names found.\n\nExample to extract all subdomains found that belong to `google.com`: `extract_unique_domains_from_dnsrecon_json /path/to/dnsrecon.json google.com`\n\n## Roadmap\nThere are three things I'd like to push with this going forward:\n\n- Increase the tool set (with useful tools, not just pushing up the count with useless stuff)\n- Setup [Travis](https://travis-ci.org/) to add testing against the GitHub repository\n- Test against systems other than Ubuntu 18.04 and make adjustments to allow for a more robust list of base systems\n\nIf you can help with any of these and [more importantly] would like to - please feel free to submit pull requests or open issues with information!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frastating%2Fshiva","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frastating%2Fshiva","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frastating%2Fshiva/lists"}