diff --git a/.bumpversion.cfg b/.bumpversion.cfg new file mode 100644 index 00000000..c3da85fc --- /dev/null +++ b/.bumpversion.cfg @@ -0,0 +1,12 @@ +[bumpversion] +current_version = 0.1.0 +commit = True +tag = True + +[bumpversion:file:pyproject.toml] +search = version = "{current_version}" +replace = version = "{new_version}" + +[bumpversion:file:mantis/__init__.py] +search = __version__ = "{current_version}" +replace = __version__ = "{new_version}" diff --git a/.github/workflows/mantis-cli-release.yml b/.github/workflows/mantis-cli-release.yml index 26b2c5cd..c4319f60 100644 --- a/.github/workflows/mantis-cli-release.yml +++ b/.github/workflows/mantis-cli-release.yml @@ -10,18 +10,39 @@ env: jobs: build-and-push-image: - if: github.event_name == 'workflow_dispatch' + if: github.event_name == 'push' && github.ref == 'refs/heads/main' runs-on: ubuntu-latest permissions: - contents: read + contents: write packages: write - + actions: write + steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.9' + + - name: Install dependencies + run: poetry install + + - name: Bump version + id: bump_version + run: poetry run bump2version patch + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Push version bump commit and tag + run: | + git push origin main --tags + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.repository_owner }} 
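Review bot: `commit = True` and `tag = True` make bump2version run `git commit` and `git tag`, but the release workflow changed in this same commit never sets a git identity before the bump step, so on a fresh runner the commit will most likely fail with an unknown-author error. Add a step ahead of it that runs `git config user.name "github-actions[bot]"` and `git config user.email "github-actions[bot]@users.noreply.github.com"`. The `[bumpversion:file:mantis/__init__.py]` section also assumes that file already contains `__version__ = "0.1.0"`. The diff does not touch that file, so confirm it does, because bump2version aborts when a search string is not found.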
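Review bot: The three Docker actions move from full commit SHAs to mutable tags (`docker/login-action@v2` in this hunk, `docker/metadata-action@v4` and `docker/build-push-action@v4` in the next one) in the same change that raises the job token to `contents: write` and `actions: write`. Whatever those tags point to at run time therefore executes with push access to main and to the package registry. Keep the pins when upgrading, e.g. `uses: docker/login-action@<full-commit-sha-of-the-v2-release>  # v2`, and drop `actions: write`, which nothing visible in this job uses. `poetry install` also runs with no earlier step that installs Poetry, which I do not expect to be on the runner by default; add `run: pipx install poetry==1.4.2` (the version the Dockerfile uses) before it.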
@@ -29,14 +50,14 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + uses: docker/metadata-action@v4 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + uses: docker/build-push-action@v4 with: context: . push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.bump_version.outputs.new_version }} labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index ac36e023..9130e723 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ FROM --platform=linux/amd64 python:3.9-slim + # Install wget RUN apt-get update && apt-get install -y wget unzip tar gcc libpcap-dev dnsutils git dnstwist @@ -34,6 +35,7 @@ RUN wget https://github.com/projectdiscovery/httpx/releases/download/v1.3.7/http RUN unzip httpx_1.3.7_linux_amd64.zip RUN mv httpx /usr/bin RUN rm -rf * + # Install Findcdn RUN echo "Installing Findcdn" RUN pip install git+https://github.com/cisagov/findcdn.git @@ -67,10 +69,6 @@ RUN tar -xvf gitleaks_8.18.1_linux_x64.tar.gz RUN mv gitleaks /usr/bin RUN rm -rf * -# Copy requirements.txt for mantis -COPY ./requirements.txt /home/mantis/requirements.txt -RUN pip install -r requirements.txt - # Install wafw00f RUN pip install wafw00f 
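Review bot: `steps.bump_version.outputs.new_version` in `tags:` is never set, because the `bump_version` step only runs `poetry run bump2version patch` and writes nothing to `$GITHUB_OUTPUT`. The expression therefore expands to an empty string and the image reference ends in a bare `:`. Export the value in that step after the bump, e.g. `echo "new_version=$(poetry version --short)" >> "$GITHUB_OUTPUT"`. The `meta` step's `tags` output is now unused as well; either feed `steps.meta.outputs.tags` into `tags:` or add a comment saying why only the labels are taken from it.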
@@ -89,6 +87,25 @@ RUN mv Corsy-1.0-rc Corsy RUN mv Corsy /usr/bin RUN rm -rf * +# Install Poetry +RUN pip install poetry==1.4.2 + +# Add Poetry to PATH +ENV PATH="/root/.local/bin:$PATH" + +# Setup Poetry ENV variables +ENV POETRY_NO_INTERACTION=1 \ + POETRY_VIRTUALENVS_IN_PROJECT=0 \ + POETRY_VIRTUALENVS_CREATE=0 \ + POETRY_CACHE_DIR=/tmp/poetry_cache + +# Copy pyproject.toml and poetry.lock +COPY pyproject.toml poetry.lock* /home/mantis/ + +# Install dependencies using Poetry +RUN poetry install --without dev --no-root && rm -rf $POETRY_CACHE_DIR + +# Creating Mantis alias RUN echo 'export PS1="🦗 Mantis > " && \ alias mantis="python /home/mantis/launch.py" && \ alias help="python /home/mantis/launch.py --help"' | tee -a ~/.bashrc @@ -101,12 +118,11 @@ COPY ./configs /home/mantis/configs COPY ./launch.py /home/mantis/launch.py COPY ./scheduler.py /home/mantis/scheduler.py COPY ./*.txt /home/mantis/ + +# Create Directories RUN mkdir /home/mantis/logs RUN mkdir /home/mantis/logs/scan_efficiency RUN mkdir /home/mantis/logs/tool_logs - # Required for displaying stdout sequentially ENV PYTHONUNBUFFERED=1 - -#ENTRYPOINT ["python3","launch.py"]% \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 00000000..33ad90f1 --- /dev/null +++ b/pyproject.toml 
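Review bot: `COPY pyproject.toml poetry.lock* /home/mantis/` makes the lock file optional, so when `poetry.lock` is missing from the build context `poetry install` resolves versions at build time instead of installing the locked, hash-checked set. No `poetry.lock` is added in this diff, so that may be what happens today. Commit the lock file and copy it without the glob, `COPY pyproject.toml poetry.lock /home/mantis/`, so that a missing lock fails the build. The `RUN poetry install` line also relies on the working directory being `/home/mantis`, which is set outside this hunk. `ENV PATH="/root/.local/bin:$PATH"` looks unnecessary, since Poetry is installed with `pip` rather than the standalone installer.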
@@ -0,0 +1,43 @@
+[tool.poetry]
+name = "mantis"
+version = "0.1.0"
+description = "Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning."
+authors = ["Prateek Thakare ",
+ "Praveen Kanniah "]
+maintainers = ["Prateek Thakare ",
+ "Praveen Kanniah "]
+license = "apache2"
+repository = "https://github.com/PhonePe/mantis"
+keywords = ["asset discovery", "recon", "recon automation", "osint", "threat intelligence", "recon framework"]
+classifiers = [
+ "Development Status :: 5 - Production/Stable",
+ "Intended Audience :: Internal Security Teams",
+ "Intended Audience :: Bug Bounty Hunters",
+ "Topic :: Application Security :: Recon Framework"
+]
+readme = "README.md"
+
+[tool.poetry.dependencies]
+python = "^3.9"
+decorator = "5.1.1"
+motor = "3.0.0"
+netaddr = "0.8.0"
+pydantic = "1.10.2"
+pymongo = "4.2.0"
+PyYAML = "6.0"
+typing_extensions = "4.4.0"
+validators = "0.20.0"
+tldextract = "3.4.0"
+pytz = "2022.6"
+ray = {version = "2.8.0", extras = ["default"]}
+retry = "0.9.2"
+slack-sdk = "3.21.3"
+rocketry = "2.5.1"
+boto3 = "1.28.20"
+tqdm = "4.66.1"
+cloudflare = "*"
+bump2version = "^1.0.1"
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"
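Review bot: `cloudflare = "*"` is the only unbounded entry in a list that otherwise pins exact versions, so any future release, including a breaking major, can be pulled in whenever the lock is regenerated or absent. Pin it like its neighbours, `cloudflare = "<version-you-tested>"`. `bump2version` is a release tool and should not ship in the runtime image; move it under `[tool.poetry.group.dev.dependencies]`, which also gives the Dockerfile's `--without dev` something to exclude. `license = "apache2"` is not an SPDX identifier (`Apache-2.0` is), and the `Intended Audience` and `Topic` classifiers are not in the trove classifier list as far as I know, so `poetry check` is worth running.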