added role-based playbooks

7 files changed, 169 insertions, 0 deletions

diff --git a/roles/attackbox/tasks/apt_packages.yaml b/roles/attackbox/tasks/apt_packages.yaml
new file mode 100644
index 0000000..4ed8331
--- /dev/null
+++ b/roles/attackbox/tasks/apt_packages.yaml
@@ -0,0 +1,5 @@
+- name: install apt packages
+  apt:
+    name: "{{ apt_packages }}"
+    state: present
+    update_cache: yes
diff --git a/roles/attackbox/tasks/chrome_install.yaml b/roles/attackbox/tasks/chrome_install.yaml
new file mode 100644
index 0000000..4b9bf4f
--- /dev/null
+++ b/roles/attackbox/tasks/chrome_install.yaml
@@ -0,0 +1,24 @@
+- name: remove old google signing key
+  file:
+    path: /etc/apt/trusted.gpg.d/google-signing-key.gpg
+    state: absent
+
+- name: download and install google signing key
+  shell: |
+    curl -sSL https://dl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /etc/apt/trusted.gpg.d/google-signing-key.gpg
+
+- name: add google chrome repo
+  copy:
+    dest: /etc/apt/sources.list.d/google-chrome.list
+    content: |
+      deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/google-signing-key.gpg] https://dl.google.com/linux/chrome/deb stable main
+
+- name: update apt cache
+  apt:
+    update_cache: yes
+
+- name: install google chrome
+  apt:
+    name: google-chrome-stable
+    state: present
+
diff --git a/roles/attackbox/tasks/github_repos.yaml b/roles/attackbox/tasks/github_repos.yaml
new file mode 100644
index 0000000..042ea6c
--- /dev/null
+++ b/roles/attackbox/tasks/github_repos.yaml
@@ -0,0 +1,15 @@
+- name: ensure /opt/tools exists
+  ansible.builtin.file:
+    path: /opt/tools
+    state: directory
+    owner: root
+    group: root
+    mode: '0755'
+
+- name: clone github repos into /opt/tools
+  ansible.builtin.git:
+    repo: "{{ item }}"
+    dest: "/opt/tools/{{ item | basename | regex_replace('\\.git$', '') }}"
+    update: yes
+    force: yes
+  loop: "{{ github_repos }}"
diff --git a/roles/attackbox/tasks/go_tools.yaml b/roles/attackbox/tasks/go_tools.yaml
new file mode 100644
index 0000000..18c0346
--- /dev/null
+++ b/roles/attackbox/tasks/go_tools.yaml
@@ -0,0 +1,6 @@
+- name: install go tools
+  ansible.builtin.command:
+    cmd: "/usr/local/go/bin/go install -trimpath -v {{ item }}"
+  environment:
+    GOBIN: /usr/local/bin
+  loop: "{{ go_tools }}"
diff --git a/roles/attackbox/tasks/golang_install.yaml b/roles/attackbox/tasks/golang_install.yaml
new file mode 100644
index 0000000..e67d508
--- /dev/null
+++ b/roles/attackbox/tasks/golang_install.yaml
@@ -0,0 +1,33 @@
+- name: download and extract golang
+  block:
+    - name: get latest golang version
+      shell: |
+        curl -sSL https://golang.org/dl/ | awk -F '"' '/dl\/.*linux-amd64.*tar.gz/{print $(NF-1)}' | awk -F '/' '{print $3}' | head -1
+      register: latest_golang
+      changed_when: false
+
+    - name: download golang
+      get_url:
+        url: "https://golang.org/dl/{{ latest_golang.stdout }}"
+        dest: /tmp/golang.tar.gz
+
+    - name: extract golang to /usr/local
+      unarchive:
+        src: /tmp/golang.tar.gz
+        dest: /usr/local
+        remote_src: yes
+
+    - name: remove tarball
+      file:
+        path: /tmp/golang.tar.gz
+        state: absent
+
+    - name: set system-wide go environment variables
+      copy:
+        dest: /etc/profile.d/go_env.sh
+        content: |
+          export GOPATH=/root/go
+          export PATH=$PATH:/usr/local/go/bin:$GOPATH:$GOPATH/bin
+        owner: root
+        group: root
+        mode: '0644'
diff --git a/roles/attackbox/tasks/main.yaml b/roles/attackbox/tasks/main.yaml
new file mode 100644
index 0000000..3c498cd
--- /dev/null
+++ b/roles/attackbox/tasks/main.yaml
@@ -0,0 +1,5 @@
+- import_tasks: tasks/apt_packages.yaml
+- import_tasks: tasks/golang_install.yaml
+- import_tasks: tasks/chrome_install.yaml
+- import_tasks: tasks/go_tools.yaml
+- import_tasks: tasks/github_repos.yaml
diff --git a/roles/attackbox/vars/main.yaml b/roles/attackbox/vars/main.yaml
new file mode 100644
index 0000000..fc96103
--- /dev/null
+++ b/roles/attackbox/vars/main.yaml
@@ -0,0 +1,81 @@
+github_repos:
+  - https://github.com/danielmiessler/SecLists.git
+  - https://github.com/tomnomnom/gf.git
+  - https://github.com/1ndianl33t/Gf-Patterns.git
+
+go_tools:
+  - github.com/projectdiscovery/uncover/cmd/uncover@latest
+  - github.com/projectdiscovery/katana/cmd/katana@latest
+  - github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
+  - github.com/projectdiscovery/cloudlist/cmd/cloudlist@latest
+  - github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
+  - github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest
+  - github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest
+  - github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest
+  - github.com/projectdiscovery/asnmap/cmd/asnmap@latest
+  - github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
+  - github.com/projectdiscovery/chaos-client/cmd/chaos@latest
+  - github.com/projectdiscovery/tldfinder/cmd/tldfinder@latest
+  - github.com/projectdiscovery/httpx/cmd/httpx@latest
+  - github.com/projectdiscovery/tlsx/cmd/tlsx@latest
+  - github.com/projectdiscovery/interactsh/cmd/interactsh-client@latest
+  - github.com/projectdiscovery/interactsh/cmd/interactsh-server@latest
+  - github.com/projectdiscovery/wappalyzergo/cmd/update-fingerprints@latest
+  - github.com/projectdiscovery/useragent/cmd/ua@latest
+  - github.com/projectdiscovery/notify/cmd/notify@latest
+  - github.com/projectdiscovery/tunnelx@latest
+  - github.com/projectdiscovery/urlfinder/cmd/urlfinder@latest
+  - github.com/projectdiscovery/cvemap/cmd/cvemap@latest
+  - github.com/projectdiscovery/alterx/cmd/alterx@latest
+  - github.com/projectdiscovery/proxify/cmd/proxify@latest
+  - github.com/projectdiscovery/dnsx/cmd/dnsx@latest
+  - github.com/projectdiscovery/openrisk@latest
+  - github.com/projectdiscovery/simplehttpserver/cmd/simplehttpserver@latest
+  - github.com/projectdiscovery/network-fingerprint@latest
+
+  - github.com/BishopFox/cloudfox@latest
+  - github.com/BishopFox/jsluice/cmd/jsluice@latest
+
+  - github.com/tomnomnom/gf@latest
+  - github.com/tomnomnom/waybackurls@latest
+  - github.com/tomnomnom/assetfinder@latest
+  - github.com/tomnomnom/meg@latest
+  - github.com/tomnomnom/anew@latest
+  - github.com/tomnomnom/unfurl@latest
+  - github.com/tomnomnom/qsreplace@latest
+  - github.com/tomnomnom/comb@latest
+
+  - github.com/hakluke/hakrawler@latest
+  - github.com/hakluke/hakrevdns@latest
+  - github.com/hakluke/haklistgen@latest
+  - github.com/hakluke/hakoriginfinder@latest
+  - github.com/hakluke/hakcheckurl@latest
+  - github.com/hakluke/haktrails@latest
+  - github.com/hakluke/haktldextract@latest
+  - github.com/hakluke/hakip2host@latest
+  - github.com/hakluke/hakurlencode@latest
+
+  - github.com/rverton/webanalyze/...@latest
+  - github.com/samirettali/dumpcn@latest
+  - github.com/ffuf/ffuf/v2@latest
+  - github.com/OJ/gobuster/v3@latest
+  - github.com/sensepost/gowitness@latest
+  - github.com/lc/gau/v2/cmd/gau@latest
+
+apt_packages:
+  - git
+  - gcc
+  - musl
+  - libpcap-dev
+  - musl-dev
+  - curl
+  - wget
+  - gpg
+  - openssl
+  - python3
+  - python3-pip
+  - nmap
+  - unattended-upgrades
+  - ufw
+  - tmux
+  - fail2ban