Kubebot: A Slackbot Security Testing Tool Under the Google Cloud Platform

Cloud Technologies
1

Kubebot: A Slackbot Security Testing Tool Under the Google Cloud Platform

Introduction

We are excited to introduce Kubebot, a powerful Slackbot security testing tool built on the Google Cloud Platform. This innovative tool provides a Kubernetes backend, allowing for seamless integration and scalability. In this article, we will delve into the project architecture, tool demo video, data flow, and list of integrated tools.

Project Architecture

Kubebot’s architecture is designed to be efficient and flexible. The tool’s workflow is as follows:

  1. API Request Initiation: The Slackbot initiates an API request, which is transmitted to the API server. The API server then runs a Kubernetes (K8s) cluster, with the ability to adjust Docker container size according to demand.
  2. API Server Forwarding: The API server forwards the request to the PubSub Tool in the form of messages.
  3. Tool Subscription: The Tool Subscription receives the message and processes it.
  4. Subscription Worker: The Subscription Worker runs on K8s clusters Docker containers, processing the message and generating analysis results. The number of Worker instances can be adjusted as desired.
  5. Temporary Storage: The tool initializes a specific Tool Worker on the same K8s cluster, which stores the analysis results temporarily in a local directory container.
  6. Result Comparison and Push: The tool detects whether the generated results file exists. If not, it pushes the file to GitHub. If the file exists, it compares the files and pushes a new file to GitHub.
  7. Tool Worker Modification and Deletion: The Tool Worker modifies the information back to Slack and deletes itself, as it has completed its task.

Important Note: Before deploying the K8s cluster, download the API server Docker mirror, Subscription Worker, and Tool Worker from the Google Container Registry.

Integrated Tools

Kubebot currently integrates the following tools:

  • Custom Enumall
  • Git-all-secrets
  • Gitrob
  • Gitrob-server
  • Git-secrets
  • Gobuster
  • Nmap
  • Subbrute
  • Sublist3r
  • TruffleHog

Integrated Automated Workflow

Kubebot’s integrated automated workflow includes the following tools:

  • WFuzz
  • Basic authentication brute forcing

Slack Commands

Kubebot provides sample Slash commands for users to run tools, including:

  • /runtool
  • /runtoolnmap
  • /runtoolsublist3r
  • /runtoolgobuster
  • /runtoolenumall
  • /runtoolgitrob
  • /runtooltrufflehog
  • /runtoolgitsecrets
  • /runtoolgitallsecrets

Optional Dictionary File

Kubebot provides an optional dictionary file for users to customize their tool usage, including:

  • Bitquark_20160227_subdomains_popular_1000000.txt
  • Deepmagic.com_top500prefixes.txt
  • Fierce_hostlist.txt
  • Namelist.txt
  • Names.txt
  • Sorted_knock_dnsrecon_fierce_recon-ng.txt
  • Subdomains-top1mil-110000.txt

Project Address

Kubebot’s project address is [Portal] GitHub*