Ansible Roles - froyo75/SpREaD GitHub Wiki

| Name | Description | Vars/Templates/Files Path |
|---|---|---|
| backup_server | Backup Server | Ansible/scripts/ |
| change_hostname | Change Hostname | N/A |
| configure_dns | Changing DNS settings on system | Ansible/roles/configure_dns/defaults/main.yml |
| configure_gandi_dns_records | Configure Gandi DNS Records | Ansible/roles/configure_gandi_dns_records/templates/ (Available DNS Template using Gandi's APIs) |
| configure_gandi_glue_records | Configure Gandi Glue Records | N/A |
| configure_mailu | Install and Configure Mailu Service | Ansible/roles/configure_mailu/templates/ |
| configure_letsencrypt | Configure Let's Encrypt SSL certificate | N/A |
| configure_timezone | Configure system's TimeZone | N/A |
| disable_ipv6 | Disable IPv6 on system | N/A |
| disable_unnecessary_services | Disable Unnecessary Services on system | Ansible/roles/disable_unnecessary_services/vars/os_<Distribution>.yml |
| harden_iptables | Harden Firewall rules | Ansible/iptables/ |
| harden_sshd | Harden SSH Service | Ansible/roles/roles/harden_sshd/templates/ |
| install_apache2 | Install and Configure Apache2 Service | Ansible/roles/install_apache2/templates/ (Available Apache2 Templates) |
| install_brc4 | Install and Configure BRC4 server | Ansible/roles/install_brc4/files/ |
| install_cobaltstrike | Install and Configure Cobalt Strike team server | Ansible/roles/install_cobaltstrike/files/ (a 'cs.zip' archive file containing configuration files, profiles, and a license is required) |
| install_havoc | Install and Configure Havoc team server | N/A |
| install_ax | Install, setup and configure a new Ax controller | Ansible/ax/ |
| install_clonesite | Install and Configure a clonesite | Ansible/clonesite/ |
| install_docker | Install Docker service | N/A |
| install_kernel_headers | Install Kernel Headers | N/A |
| install_nginx | Install and Configure NGINX reverse proxy | Ansible/roles/install_nginx/templates/ (Available NGINX Templates) |
| install_redirect_rules | Install Redirect Rules for Apache2 service (redirect.rules) | Ansible/redirect_rules/ |
| setup_docker_container | Setup Docker Containers | Docker/ |
| remove_ssh_keys | Revoke users' access (using SSH public keys) | Ansible/ssh/quarantine |
| update | Update and Upgrade system | |

| Name | Description |
|---|---|
| ax/<ansible_inventory_hostname> | Contains the Ax configuration file axiom.json to setup a new Ax controller instance for a specific host |
| cobaltstrike/<ansible_inventory_hostname> | Contains the service scripts |
| brc4/<ansible_inventory_hostname> | Contains brc4 configuration files including certificates + license file + services scripts for a specific host |
| havoc/<ansible_inventory_hostname> | Contains havoc C2 configuration files including certificates + license file + services scripts for a specific host |
| certs/<server_domain> | Contains private keys and certificates in PEM format for a specific domain |
| clonesite/<server_domain> | Contains the clonesite HTML files and folders for a specific domain |
| dkim/<server_domain> | Contains the DKIM key for a specific domain |
| dkim/genDKIMKeys.sh | Bash script to generate a new DKIM key pair for a specific domain and a given Key Size |
| inventory | Contains Ansible's inventory files and folders, including group variables (inventory/group_vars) and host variables (inventory/host_vars) |
| iptables/<service_type> | Contains the iptables rules for a specific service type (e.g. brc4, clonesite, evilginx, gophish or website) |
| redirect_rules/<service_type>/<server_domain> | Contains the dynamic redirect rules for a given service type (e.g. c2proxy, clonesite or gophish) and a specific domain |
| roles | Contains all available Ansible roles including variables, tasks, files, templates, and modules |
| scripts | Contains the backup script used by the backup_server role |
| ssh/<op_name> | Contains all SSH public keys (for public key authentication) that will be added to the "authorized_keys" file for the given user "ansible_user" |
| ansible.cfg | Contains the Ansible configuration settings |
| init-ax.yml | Ansible playbook for deploying a new Ax controller |
| init-vps.yml | Ansible playbook for deploying and hardening a new VPS |
| init-clonesite.yml | Ansible playbook for deploying a new clonesite |
| init-c2proxy.yml | Ansible playbook for deploying a new C2Proxy |
| init-c2proxy-cdn.yml | Ansible playbook for deploying a new C2Proxy with NGINX + CDN |
| init-c2server.yml | Ansible playbook for deploying a new C2 server |
| init-gophish.yml | Ansible playbook for deploying a new Gophish server |
| init-gophish-evilginx.yml | Ansible playbook for deploying a new Gophish server with Evilginx support |
| init-mailu.yml | Ansible playbook for deploying a new Mailu server |
| init-nextcloud.yml | Ansible playbook for deploying a new NextCloud server |
| init-evilginx.yml | Ansible playbook for deploying a new Evilginx server |
| init-evilginx-cdn.yml | Ansible playbook for deploying a new Evilginx server with CDN support |
| revoke-ssh-access.yml | Ansible playbook for revoking users' access (using SSH public keys) |

| Name | Specific Options/Modes |
|---|---|
| c2server | ratel or boomerang (brc4) |
| c2proxy | N/A |
| c2proxy-cdn | N/A |
| ax | N/A |
| clonesite | N/A |
| evilginx | N/A |
| evilginx-cdn | CDN endpoint names |
| gophish | N/A |
| gophish-evilginx | N/A |
| mailu | dkim selector + key |
| nextcloud | N/A |

| Template Path | Description |
|---|---|
| Ansible/roles/configure_gandi_dns_records/templates/default-a.j2 | Setting up a simple A Record for a given domain |
| Ansible/roles/configure_gandi_dns_records/templates/default-smtp.j2 | Setting up standard SMTP DNS records for a given domain |
| Ansible/roles/configure_gandi_dns_records/templates/mailgun-eu.j2 | Setting up Mailgun EU SMTP DNS records for a given domain |

| Template Path | Description |
|---|---|
| Ansible/roles/install_apache2/templates/c2proxy-https.j2 | C2Proxy configuration with Let's Encrypt + dynamic redirect rules |
| Ansible/roles/install_apache2/templates/default-https.j2 | Standard HTTPS server configuration with Let's Encrypt |
| Ansible/roles/install_apache2/templates/default-http.j2 | Standard HTTP server configuration |

| Template Path | Description |
|---|---|
| Ansible/roles/install_nginx/templates/default.j2 | Default HTTP/HTTPS template configuration |
| Ansible/roles/install_nginx/templates/c2proxy-cdn.j2 | C2Proxy configuration with Let's Encrypt + CDN support |
| Ansible/roles/install_nginx/templates/evilginx-cdn.j2 | HTTP/HTTPS template configuration for Evilginx with CDN support |
| Ansible/roles/install_nginx/templates/nginx.conf.j2 | NGINX server configuration |

| Path | Description |
|---|---|
| Ansible/roles/install_ax/files/axiom_aws_cleanup.sh | Delete the security group and remove the Amazon Machine Image (AMI) associated with the Ax profile. |
| Ansible/roles/install_ax/files/fix_aws_axiom_account_setup.sh | Fix the AWS Ax account setup when performing an unattended install. It also adds a new security group for Ax EC2 instances. |
| Ansible/roles/install_ax/files/getinfos.sh | Retrieve information from Ax instances (e.g. hostname, IP information, DNS configuration, etc.). |
| Ansible/roles/install_ax/files/recon_ax.sh | Automate reconnaissance using a specific Ax fleet. It uses many techniques (passive/active subdomain enumeration, port scanning, screenshots, nuclei scans, fetching known URLs, etc.). |