Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ehrishirajsharma/swiftnessx
A cross-platform note-taking & target-tracking app for penetration testers.
bug-bounty checklist electronjs penetration-testing security-tools
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/ehrishirajsharma/swiftnessx
- Owner: ehrishirajsharma
- License: gpl-3.0
- Created: 2018-10-30T01:37:27.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2023-01-17T12:51:30.000Z (almost 2 years ago)
- Last Synced: 2024-10-11T18:04:36.716Z (about 1 month ago)
- Topics: bug-bounty, checklist, electronjs, penetration-testing, security-tools
- Language: JavaScript
- Homepage:
- Size: 8.42 MB
- Stars: 885
- Watchers: 49
- Forks: 133
- Open Issues: 85
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Security: SECURITY.md
README
SwiftnessX v0.2
A cross-platform note-taking & target-tracking app for penetration testers built on ElectronJS.
![swiftnessX](https://github.com/ehrishirajsharma/swiftness-static/raw/master/Assets/main-view.png)
## Contents
- Releases
- Checklists
- Usage
- Run from source
- Report
- Report a bug
- Report a security vulnerability
- Upcomings
- Current Goals
- How to contribute?
- Credits

## Checklists
We’re aiming to release a number of checklists with the `v0.3` release. Please send a [request here](https://forms.gle/7W4SQJJjwuNLPESV6) to join the private repo and collaborate with other researchers on its development. In the meantime, you can download the checklists below to import into your libraries:
- **OWASP-Testing-Checklist** from [@Ice3man543](https://github.com/Ice3man543): [Download](https://github.com/ehrishirajsharma/swiftness-static/raw/master/Checklist/OWASP-Testing-Checklist.json) (_Inspired by @tanprathan work_)
You can also download [the code](https://github.com/ehrishirajsharma/swiftness-static/blob/master/Checklist/generate-owasp-testing-checklist.go) to generate this checklist whenever any updates are available in the [original repository.](https://github.com/tanprathan/OWASP-Testing-Checklist)
------------------------
- **OSCP Methodology** from [@InitRoot](https://github.com/InitRoot): The checklist aims to assist OSCP students with a baseline methodology for the labs and exam environments. (Coming Soon)
------------------------
**To Import**: After downloading the `.json` file:
1. Open SwiftnessX app
2. Click on import/export button (right next to the Logo)
3. Select Import and select the downloaded `.json` file

## Run from source
#### Using Yarn (Recommended)
To install yarn, please refer to this link.
```sh
git clone https://github.com/ehrishirajsharma/swiftnessx.git   # clone the repository
cd swiftnessx                                                  # enter the repo folder
sudo yarn                                                      # install dependencies within the repo folder
sudo yarn dev                                                  # run the package
```
To update, just use `git pull`; if the dependencies were updated, then first install them with `yarn`.
#### Using Npm
To install npm, please refer to this link.
```sh
sudo npm install electron -g --unsafe-perm=true --allow-root   # install electron globally on the system
git clone https://github.com/ehrishirajsharma/swiftnessx.git   # clone the repository
cd swiftnessx                                                  # enter the repo folder
sudo npm install --unsafe-perm=true --allow-root               # install dependencies
sudo npm run dev                                               # run the package
```
To update, just use `git pull`; if the dependencies were updated, then first install them with `npm install`.
## Report
:bug: Reporting a bug?
These are very early days for this project, so unexpected bugs, UI glitches and data-corruption issues may occur. I’d personally and strongly recommend taking backups daily so that you don't lose any data if something bad happens.
Before reporting a bug or glitch, please confirm that it has not already been reported. Give as much information as possible about the issue: reproduction steps, OS/environment specifics and any suggestions for fixing it.
You can use [this link](https://github.com/ehrishirajsharma/SwiftnessX/issues/new) to create and file an issue.
----------------------------------
:rotating_light: Reporting a security vulnerability?
The Swiftness project was initially started to combat my day-to-day personal issues with managing findings and checklists, and was never built with cross-platform support in mind. However, to fill the gap for other OSes, I decided to switch the project to ElectronJS. With the better flexibility came the drawback of having too many dependencies on 3rd party libraries and, ultimately, more concerns related to its security.
What measures we’ve been taking:
- Kept the 3rd party dependencies low, and built most of the modules from scratch.
- Tested for injection-related vulnerabilities.
- Regular check-ups on 0-day vulnerabilities in the dependencies.

Where to report?
You can send an email to [email protected]. Please provide as much information as possible on reproducing and fixing the vulnerabilities. We’re already aware of a few security vulnerabilities and are working on fixing them.

References related to Electron security
Please refer to the guides below to understand the basics and security of Electron:
- https://electronjs.org/docs/tutorial/security
- https://www.blackhat.com/docs/us-17/thursday/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
- https://www.youtube.com/watch?v=QSMbk2nLTBk

Also check the [package.json](https://github.com/ehrishirajsharma/SwiftnessX/raw/package.json) to see this project's dependencies.
## Upcomings
We aim to release a major new update every 3 months and hope to shorten this cycle; however, testing and fixing glitches for all the platforms takes a bit of time. Moreover, this project is maintained on weekends, so you may see some slow replies to emails or issues.
- [ ] Dark Theme
- [ ] Support for Dropbox and Google Drive Sync
- [ ] Performance Refactors
- [ ] Reporting tools inspired by Frans Rosen (@fransr): https://github.com/fransr/template-generator
- [ ] Better Text Editor: Enhanced Table features, export options, highlighting customisations, etc.

How to contribute?
You can contribute and keep this project alive by finding bugs or security issues, suggesting new features, fixing grammatical mistakes / writing documentation, or creating pull requests for pending bugs or features.
You can also contact me on [Twitter](https://twitter.com/ehrishiraj) (my DM is open), or send me an email at [email protected] to discuss anything related to the current goals, the project’s future or any possible collaborations.
## Credits
Special thanks to Tomas Baskys and Pankaj Prajapat for their huge contributions to this project. :clap:
- @InitRoot
- @ehsahil
- @SolomonSklash