OpenKAT
main #59b7af5 2023-12-07
Contents
How does it work?
What is OpenKAT
Introduction
White papers
Securityconcept
Who is OpenKAT for?
Where do I start with OpenKAT?
Where is the software located?
Responsible disclosure
What are the plans for the future?
How does OpenKAT work?
General notes
Basic concepts
Objects, the data model and recursivity
Indemnification
Users and organizations
System design
Collection: Boefjes and Whiskers
Storage: Bytes and Octopoes
Analysis: Bits
Reports
Plugins for OpenKAT: boefjes, whiskers and bits
What types of plugins are available?
How does it work?
Where to start?
Existing boefjes
Object-types, classes and objects.
Example: the boefje for shodan
Normalizers
Adding object-types
Bits: businessrules
Configurable bits
Question object
My first question object
What happens in the background?
Advantages and outlook
Add Boefjes
User Guide
User Guide
Web interface
Crisis Room
KAT catalog
Findings
Objects
Tasks
Members
Settings
Users and organizations
Organizations
Users
Rights and functions per user type
User management
Adding users through a CSV file
Working with objects
Properties
Start scan
View Findings
Scan levels, clearance & indemnities
Indemification by user
Inheritance
Extended profiles
Bits
Reports
My first scan
Trusted timestamps in OpenKAT
About the protocol
Available timestamp servers
How to verify a timestamp?
Modules
Modules
Rocky - frontend
Mula - scheduler
Octopoes - datamodel
Bytes - raw data storage
Boefjes and whiskers - scanners and normalizers
Keiko - reporting tool
Manon - styling
Installation and deployment
How do I install OpenKAT?
Production environments
Pre-built Docker images
Debian packages
Development environment
make kat
Minimum requirements
Example infrastructure
Production: Container deployment
Container images
Setup
Container commands
Upgrading
Production: Debian packages
Supported distributions
Prerequisites
Downloading and installing
Set up the databases
Rocky DB
KAT-alogus DB
Bytes DB
Mula DB
Create Rocky superuser and set up default groups and permissions
Set up RabbitMQ
Installation
Add the ‘kat’ vhost
Configure Bytes credentials
Configure hostname in Rocky
Restart KAT
Start KAT on system boot
Configure reverse proxy
Start using OpenKAT
Upgrading OpenKAT
Scripts
Installation
Update
Status and logs
Starting, stopping, restarting
Empty queue
Production: Hardening OpenKAT
DJANGO_ALLOWED_HOSTS
DJANGO_CSRF_TRUSTED_ORIGINS
SESSION_COOKIE_AGE
Security headers
SSL/TLS on nginx
Obscuring errors to the clients
Web Application Firewall
Continue reading
Development: make kat
make kat
Requirements
Before installing
Getting Started
Updates
Clean reinstallation
OpenTelemetry
Test or develop via GitPod
Gitpod test environment
Adding NGINX to OpenKAT
Background
Installation
Logging
Activation
SSL certificates
Restart NGINX and go
Security settings
Debugging and troubleshooting
Healthpage
Processes
Docker containers
Packaged versions
Debian package service logs
Diskspace in debug mode
XTDB memory size
Permissions
How do I customize LaTeX reports ?
Styling changes
Text colours
Readable findings
Changing fonts
Environment settings
Boefjes
Bytes
Keiko
Mula
Octopoes
Rocky
Email Settings
External authentication
CVE API
Developer documentation
Rocky
Stack
Running Rocky
Containerized
Locally
Installation
Running
First run
Testing
Database
Fonts license
Fredoka
Open Sans
Tabler icons
Rocky Design
Running a boefje
Rocky View Structure
Overview of child Views of the OrganizationViews
Exhaustive overview of OctopoesViews
KATalogus Views
Scheduler
Purpose
Architecture
Stack, packages and libraries
External services
Project structure
Running / Developing
Prerequisites
Running
Testing
Boefjes
Prerequisites
KATalogus
Organisations
Repositories
Plugins
Settings
Environment variables
Design
Boefje and Normalizer Workers
Running as a Docker container
Running the worker directly
Example job
Manually running a boefje or normalizer
Boefje and normalizer structure
Running the test suite
Bytes
Installation
With Docker
Without Docker
Hashing and Encryption
Observability
Design
Design: C2 Container level
Design: C3 Component level
Development
Code style and tests
Migrations
Export SQL migrations
Production
Performance tuning
Octopoes
Instructions
Run Octopoes API
Run the event processor
Healthcheck
OOI
Origin
Origin through declaration
Origin through observation
Origin through inference
Graph mutations
Code Architecture
Sequence: save_origin
Sequence: process update ooi
Crux / XTDB
OOI
Relationships
A few example records
OOI Reference
Octopoes API
OctopoesAPIConnector
Abstract classes / subclassing
Querying
Run bit manually
Tests
Octopoes Research
Introduction
Part I - Requirements, context and inherent complexities
Context of Octopoes in KAT
Objectives
Complexities of Octopoes
Part II - Working towards a solution
Stages of data processing
ClaimSpace
FactSpace
Inference
Handling updates / incoming data
Keiko
Installation requirements
File system permissions
Running the API
Logging
Building a new template
Generating a report
Testing a report with command line
UI/UX design documentation
Figma
Design process
Fundamentals
Components
Design workfile
For review
Approved for implementation
Release notes
OpenKAT 1.13
New Features
Bug fixes
Upgrading
Containers
Debian packages
Full Changelog
OpenKAT 1.12
New Features
Bug fixes
Upgrading
Full Changelog
OpenKAT 1.11
New Features
Bug fixes
Upgrading
Full Changelog
OpenKAT 1.10
New Features
Bug fixes
Upgrading
Full Changelog
OpenKAT 1.9
New Features
Bug fixes
Upgrading
Full Changelog
OpenKAT 1.8
New Features
Bug fixes
Upgrading
Development containers
Full Changelog
OpenKAT 1.7
New Features
Upgrading
Debian packages
Full Changelog
OpenKAT 1.6
Full Changelog
OpenKAT 1.5
New Features
Upgrading
Containers
Debian packages
Full Changelog
Project Guidelines
Project management
Feature Milestones
Bugs and Feature Requests
Pull Requests
In-depth content discussions
Development
Code
Tools
Pre-commit
Type Hinting
Testing
Unit Tests
Integration Tests
Development Environment
Merge Strategy
Branching
Reviews
Code commenting and documentation
Line ends
Technical diagrams
Dependency management
OpenKAT background and concepts
Indemnification statements
Safe viewing of boefjes-data (dutch)
OpenKAT as educational tool (dutch)
Contributions
Contribute to Codebase
Contribute Documentation
Contribute Translations
Adding a new language
Contributor Social Contract
Code of Conduct
Security
Feature flow
Getting features in the main branch
1. Approved Features / Need Refinement → Refined Tasks
2. In Progress → Review
3. Review → QA review
4. QA Review → Ready for Merge
5. Ready for merge → Done
Releasing features
Environments for the extended QA
Checklist for QA
Extended checklist for QA
Tips and tricks for pull request QA testing
Think outside the box
Be pragmatic but versatile
GitHub Templates
Bug Report Template
Feature Request Template
Pull Request template for authors
Code review checklist for PR’s
QA checklist for PR’s
OpenKAT
User Guide
Edit on GitHub
User Guide
An overview of all KAT functionality, from a user perspective.
Contents
User Guide
Web interface
Crisis Room
KAT catalog
Findings
Objects
Tasks
Members
Settings
Users and organizations
Organizations
Users
Rights and functions per user type
User management
Adding users through a CSV file
How does it work?
How should I prepare the CSV file?
User notification
Working with objects
Properties
Start scan
View Findings
Scan levels, clearance & indemnities
Indemification by user
Inheritance
Extended profiles
L0: Do not scan
L1: Do not touch
L2: Touching at the normal user level
L3: Detectable scan
L4: Intensive scan
Bits
Reports
My first scan
Trusted timestamps in OpenKAT
About the protocol
Available timestamp servers
How to verify a timestamp?
Download the raw data
Verify the hash
Verify the timestamp
Automation of the verification process