Skip to content

beaglesecurity/beagle-wercker-step

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

beagle-step

To trigger Beagle penetration testing from Wercker

Prerequisites

  • Obtain Application Token and Access Token from Beagle Dashboard
  • Add the Environment variables ACCESS_TOKEN and APPLICATION_TOKEN to Wercker Project.

What is Beagle?

Beagle is an intelligent and holistic platform to make your applications hack-proof. The platform provides continuous and automated Penetration Testing (under human supervision) for organizations, so that they can always stay on top of the cyber threats.

In short, Beagle finds out how deep your system can be penetrated. Know it before the hackers do!

Generate your Access Token From Beagle User Settings:

Settings -> Access token -> Generate your new personal access token

Generate user token

Generate your Application Token From Beagle

Home -> Applications -> Select your application -> Settings -> Application token

Get application token

Setting up Environment

  1. Open your Wercker project
  2. Navigate to Environment
  3. Add the environment variables ACCESS_TOKEN and APPLICATION_TOKEN, Check Protected(Recommended).
    • Ensure that the variable names are named as follows : ACCESS_TOKEN, APPLICATION_TOKEN environment

Specifying the Variables in steps

steps:
  - beaglesecurity/[email protected]:
      ACCESS_TOKEN:        <string> 
      APPLICATION_TOKEN: <string> 
  • For ACCESS_TOKEN Replace <string> with $ACCESS_TOKEN
  • For APPLICATION_TOKEN Replace <string> with $APPLICATION_TOKEN
  • For Security Reasons it is always recommended to set tokens in your project environment. Never pass tokens as plaintext through steps!!

Install curl

In order to use this step you've have to install curl in your box. If already installed skip this step.

  • For installing curl, for debian based box add the following snippet to your wercker.yml file's steps: of yaml-pipeline-name: section.
- install-packeges:
 packages: curl
  • An example will look like this, my yaml-pipeline-name is build
box: ubuntu
build:
 steps:
  - install-packages:
   packages: curl

Full Example

box: ubuntu
build:
 steps:
  - install-packages:
   packages: curl
  - beaglesecurity/beagle-security:
   ACCESS_TOKEN: $ACCESS_TOKEN 
   APPLICATION_TOKEN: $APPLICATION_TOKEN

Notes

If you want to create a new pipline for beagle test trigger. Add the following snippet to your wercker.yml file.

beagle-trigger:
 steps:
  - install-packages:
   packages: curl
  - beaglesecurity/beagle-security:
   ACCESS_TOKEN: $ACCESS_TOKEN 
   APPLICATION_TOKEN: $APPLICATION_TOKEN
  • Create a new pipline from workflow. configure as follows pipline
  • You can add this to your work flow, or your can trigger this after your build from Actions actions

Authors

  • Beagle Security

License

This project is licensed under the MIT License - see the LICENSE.md file for details

About

To trigger Beagle penetration testing from Werker

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages