SecTester.Repeater 0.36.0

There is a newer version of this package available.
See the version list below for details.
dotnet add package SecTester.Repeater --version 0.36.0                
NuGet\Install-Package SecTester.Repeater -Version 0.36.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="SecTester.Repeater" Version="0.36.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SecTester.Repeater --version 0.36.0                
#r "nuget: SecTester.Repeater, 0.36.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install SecTester.Repeater as a Cake Addin
#addin nuget:?package=SecTester.Repeater&version=0.36.0

// Install SecTester.Repeater as a Cake Tool
#tool nuget:?package=SecTester.Repeater&version=0.36.0                

SecTester.Repeater

Maintainability Test Coverage Build Status Nuget Downloads

Package to manage repeaters and their lifecycle.

Repeaters are mandatory for scanning targets on a local network. More info about repeaters.

Setup

$ dotnet add package SecTester.Repeater

Usage

To establish a secure connection between the Bright cloud engine and a target on a local network, you just need to use the RepeaterFactory constructed with Configuration instance.

var repeaterFactory = serviceProvider.GetService<IRepeaterFactory>();

The factory exposes the CreateRepeater method that returns a new Repeater instance:

await using var repeater = await repeaterFactory.CreateRepeater();

You can customize some properties, e.g. name prefix or description, passing options as follows:

await using var repeater = await repeaterFactory.CreateRepeater(new RepeaterOptions {
  NamePrefix = 'my-repeater',
  Description = 'My repeater'
});

The CreateRepeater method accepts the options described below:

Option Description
namePrefix Enter a name prefix that will be used as a constant part of the unique name. By default, sectester.
description Set a short description of the Repeater.
requestRunnerOptions Custom the request runner settings that will be used to execute requests to your application.

The default requestRunnerOptions is as follows:

{
  timeout: 30000,
    maxContentLength: 100,
    reuseConnection: false,
    allowedMimes: [
    'text/html',
    'text/plain',
    'text/css',
    'text/javascript',
    'text/markdown',
    'text/xml',
    'application/javascript',
    'application/x-javascript',
    'application/json',
    'application/xml',
    'application/x-www-form-urlencoded',
    'application/msgpack',
    'application/ld+json',
    'application/graphql'
  ]
};

The RequestRunnerOptions exposes the following options that can used to customize the request runner's behavior: RequestRunnerOptions.cs

The Repeater instance provides the Start method. This method is required to establish a connection with the Bright cloud engine and interact with other services.

await repeater.Start();

To dispose of the connection, stop accepting any incoming commands, and handle events, you can call the Stop method if the Repeater instance is started:

await repeater.Stop();

Repeater instance also has a RepeaterId field, that is required to start a new scan for local targets.

Usage in unit tests

There are multiple strategies of how to run a repeater: before-all or before-each (recommended). The two most viable options are running before all the tests vs running before every single test.

Below you can find the implementation of before-each strategy:

public class ScanTests: IAsyncDisposable, IAsyncLifetime
{
  // ...
  private readonly Repeater _repeater;

  public ScanTests()
  {
    // ...
    var repeaterFactory = serviceProvider.GetService<IRepeaterFactory>();
    _repeater = repeaterFactory.CreateRepeater();
  }

  public async Task InitializeAsync()
  {
     await _repeater.Start();
  }

  public async ValueTask DisposeAsync()
  {
    await _repeater.DisposeAsync();

    GC.SuppressFinalize(this);
  }

  [Fact]
  public void BeNotVulnerable()
  {
    // run scan of local target passing `repeater.repeaterId` to scan config
  }
}

Implementation details

Under the hood Repeater register RequestExecutingEventHandler in bus, which in turn uses the RequestRunner to proceed with request:

public interface IRequestRunner
{
  Protocol Protocol
{
  get;
}

Task<IResponse> Run(IRequest request);
}

Package contains RequestRunner implementations for both HTTP and WS protocols.

To support other protocol new class implementation of RequestRunner should be registered in the IoC container:

collection.AddScoped<IRequestRunner, CustomProtocolRequestRunner>();

Limitations

Custom scripts and self-signed certificates (see NexPloit CLI) are not supported yet.

License

Copyright © 2022 Bright Security.

This project is licensed under the MIT License - see the LICENSE file for details.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on SecTester.Repeater:

Package Downloads
SecTester.Runner

This SDK is designed to provide all the basic tools and functions that will allow you to easily integrate the Bright security testing engine into your own project.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
0.41.4 146 6/8/2024
0.41.3 201 10/4/2023
0.41.2 160 10/4/2023
0.41.1 172 10/4/2023
0.41.0 172 10/4/2023
0.40.0 234 8/3/2023
0.39.1 201 8/1/2023
0.39.0 189 7/31/2023
0.38.0 199 7/28/2023
0.37.0 220 7/20/2023
0.36.0 219 6/5/2023
0.35.1 204 5/2/2023
0.35.0 279 4/11/2023
0.34.0 407 2/8/2023
0.33.7 476 12/20/2022
0.33.6 486 12/16/2022
0.33.5 467 12/16/2022
0.33.4 494 12/15/2022
0.33.3 463 12/14/2022
0.33.2 470 12/14/2022
0.33.1 477 12/14/2022
0.33.0 465 12/14/2022
0.32.8 459 12/13/2022
0.32.7 448 12/13/2022
0.32.6 489 12/13/2022
0.32.5 465 12/13/2022
0.32.4 465 12/13/2022
0.32.3 460 12/13/2022
0.32.2 452 12/13/2022
0.32.1 452 12/13/2022
0.32.0 468 12/13/2022
0.31.0 284 12/11/2022
0.30.1 287 12/10/2022
0.30.0 291 12/9/2022
0.29.2 298 12/9/2022
0.29.1 290 12/9/2022
0.29.0 307 12/8/2022
0.28.0 297 12/8/2022
0.27.0 275 12/8/2022
0.26.0 291 12/7/2022
0.25.0 293 12/7/2022
0.24.0 294 12/6/2022
0.23.0 312 12/5/2022
0.22.0 313 12/2/2022
0.21.0 323 12/1/2022
0.20.0 341 12/1/2022
0.19.0 323 11/28/2022
0.18.0 319 11/28/2022