Skip to main content

An open source purpleteaming and CTF platform.

Project description

Versions Contributors License Docs

Tanzanite is an open source platform for managing users and compute instances when running purpleteam training sessions, cyber exercises, and “capture the flag” contests.

Features

  • The tanzanite platform provides two user interfaces on the front end.

    • The first is a general Python command line interface (CLI) built on the OpenStack cliff (Command Line Interface Formulation Framework).

      • cliff provides many useful features like modularizing subcommands into groups, built-in help for internally documenting commands, and producing output in clean tabular form or in one of several data formats you can feed into other tools or automation platforms.

      • The CLI not only makes developing and testing API features faster and easier, but it also enables better integration with other open source tools through scripting and provides a quick remote interface for those running an exercise or CTF.

    • The second is a basic web application GUI.

      • The web app is served by FastAPI along with the API using Jinja2 HTML templates.

      • The built-in OpenAPI schema interface will help you write your own custom GUI or integrate Tanzanite with your own web application front end.

  • Both of these front ends access the backend database, compute instance management, and related services via an API based on the FastAPI framework.

    • Configuration settings and storage of sensitive data on the backend uses a Python Secrets (psec) environment. This decouples storage of secrets from source code, making it easier and safer to develop and test new features or proprietary enhancements to the system.

    • The sqlalchemy SQL toolkit and Object Relational Mapper are used for generalizing access to local or remote databases. Local database support for testing and interactive debugging uses sqlite3, while Postgres is supported for more robust production deployments.

  • The platform is parially self-documenting through integration of Sphinx documentation for generation both locally and through ReadTheDocs. CLI commands are documented using cliff autoprogram Sphinx integration, giving you the same output you get using the --help flag on the command line.

  • The source repository comes preconfigured for unit testing with pytest, Python security vulnerability scanning with bandit, integration and system testing with BATS (bats-core), and Python library dependency security scanning with GitHub’s dependabot.

  • Support for testing against multiple versions of Python is handled by Tox.

  • Interactive development and debugging is supported by pre-configuration of VSCode, allowing easy debugging of the CLI client components, the web application components and server backend, or even the client components and server at the same time.

  • Version numbering for development and test versions follows a date-based versioning scheme tracking Git repository status. Version number bumping is managed using bump2version.

  • Development and production testing and release workflows are processed by GitHub Actions with automatic package publication to PyPI or Test PyPI when you push a new version tag on the main branch, or a special rc tag on the develop branch.

Contact

Dave Dittrich <dave.dittrich@gmail.com>

Copyright © 2019-2021 Dave Dittrich. All rights reserved.

Credits

This package was created with Cookiecutter from the <https://github.com/davedittrich/cookiecutter-cliffapp-template> project template. It derives some of its features and inspiration from <https://github.com/veit/cookiecutter-namespace-template> and <https://github.com/audreyfeldroy/cookiecutter-pypackage>.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tanzanite-2022.3.1.tar.gz (35.0 MB view details)

Uploaded Source

Built Distribution

tanzanite-2022.3.1-py3-none-any.whl (35.0 MB view details)

Uploaded Python 3

File details

Details for the file tanzanite-2022.3.1.tar.gz.

File metadata

  • Download URL: tanzanite-2022.3.1.tar.gz
  • Upload date:
  • Size: 35.0 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.1 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.12

File hashes

Hashes for tanzanite-2022.3.1.tar.gz
Algorithm Hash digest
SHA256 bd10c3d7e77b5db2f9b64d6084b8edfc4755490c2dde096b9f215537c807fd15
MD5 fddc7b8081290f31f882af8de08f3fa7
BLAKE2b-256 059220b4c6a1b4b69e57469f4f17151542efb7d5380aa9fa14fe4af92f228670

See more details on using hashes here.

File details

Details for the file tanzanite-2022.3.1-py3-none-any.whl.

File metadata

  • Download URL: tanzanite-2022.3.1-py3-none-any.whl
  • Upload date:
  • Size: 35.0 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.1 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.12

File hashes

Hashes for tanzanite-2022.3.1-py3-none-any.whl
Algorithm Hash digest
SHA256 4205301bfcd7946376d766f4eaf6ed08a83eba782cda7b3fccfd11065404dfee
MD5 7014cf50dd38cd63bb5ce66f8f396c11
BLAKE2b-256 a41e9955ad2252a4eaac269c114e253153d2293ade62849135b089bc2591b0d2

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page