Redeye – A Tool Intended To Help You Manage Your Data During A Pentest Operation

Main / Redeye – A Tool Intended To Help You Manage Your Data During A Pentest Operation

Discription

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-y3KJIqmnW3hxcDVKYM_6gl2t5DQC8qwNCa-7cmo17J1mMhR37d2d2Z_Hcfn1MqCoIvMoaEoVRWCs9ewNccS2DVU-0eoiFwDsBaDVLHJzv7118v7zWqm5gVjuPDX6vRYlB2BqDmsPHFq7l7W075Hgwl3aKtI-9jt3swPCoHyGQfNBXuV2_lZmpVvPJoIq/w640-h432/Redeye_7_Graph.png)]()

This project was built by [pentesters]( “pentesters” ) for pentesters. Redeye is a tool intended to help you manage your data during a [pentest]( “pentest” ) operation in the most efficient and organized way.

## The Developers

Daniel Arad – @dandan_arad && Elad Pticha – @elad_pt

## Overview

The Server panel will display all added server and basic information about the server such as: owned user, open port and if has been pwned.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqzvo8pcseD8fjwoi0tVsIvvbRPQ41RFfmK8mhe-GQomMA8R_Po99zJibJ7gm09YJ_miVSZG6Y3V15Z2GMhmkHfZijQHiCrzRhJB1zVOMh104LDwTFoWyj3BMdaG8JQnOvQO6tCLeb-INoaM5OP0Bq2bPf4ArqoyIH-Z3cN6IqS4BR3YNbe-c5iE1uaSvR/w640-h370/Redeye_1_Servers.png)]()

After entering the server, An edit panel will appear. We can add new users found on the server, Found [vulnerabilities]( “vulnerabilities” ) and add relevant attain and files.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVO_t_t6-Ihzn00lUKDPvFkEQQqmy60w8siXPjDSxaP86StulJTMLnfkKcy9Z-u39TXXhRTIwH3jvlKrDNDCRW4pmiPmAiEW5RwP_sFVeb5jXzdycqXhR4QIcL1j7F4NO354wrDidvEBUco09ABHNkShUuhqOR1LvjansUxWw3cZ7B6BliRXHPW0WRfpEC/w640-h432/Redeye_2_EditServer.png)]()

Users panel contains all found users from all servers, The users are categorized by permission level and type. Those details can be chaned by hovering on the username.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjB51G537pNXodQVENNFvf5ekx6smYNSXCfAoHKj_y4tJE5jhiD58xsevAnOx7XCGlE9F8pBt8PGv1uvjI2s8mGnnCU2Eih5HhEEEIBw2bnzvAG5nmHLudEqvDRy6b-uoL3ntBm2W0Tjv-IVgmLDc_yzAx3vXKoJc25m6f9QzdocoOJH4sVY9sf2x3qGWl5/w640-h212/Redeye_3_Users.png)]()

Files panel will display all the files from the current pentest. A team member can upload and download those files.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioaSK_R19iSbpYHvMhAYz89s2M3CwCT0GeBUnXLs6BvJ4fMowHwbyz_X8_7dCAfWyv5u-hv8O_xzSKdeqGglp0EW2O3BI95e-AjcF5GqUb_AREuBtuZCtAU0EU9ep5JrBGBi6LxkWuegF_syeEOtFNf22zExM5rsl2OgBQU7nprAZvU4iaPQOHSc8II5S-/w640-h428/Redeye_4_Files.png)]()

Attack vector panel will display all found attack vectors with Severity/Plausibility/Risk graphs.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRIFXIqKIiC11Ooaat3oa-JjGPHaHBM3t5oh1O7wL8vYtYjRuqxhKbdI8cUBwXZsb9IkIfXzCf-ebW9gdaHoKwr0Mu0NuCM4nn1v0X9sDTKbAedrSkTRfx0iK1wuxDlPVCA1Z-0Ih5KzaEqZTmvoh8mGEgc_QIeniBb4gWuRobLFbZzgGq_lsr3hxDHEYR/w640-h358/Redeye_5_AttackVector.png)]()

PreReport panel will contain all the screenshots from the current pentest.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzqlnr9ybtefz8WFfmu6jwzSwmrd7UWw83ubivCfQckVaAXOHjawJ1gZC4ZBsQabm2WZv6ZUaU1UOzNO0WbY2VLCPg4DcZjUm6oay4SFdm6vIR_nbu00cKEFDJ8364eY_j0t3v1vMGz6yxjZ1Fj57mz_P9zj5WfKhgX7D28HUS0vKD8ZF3XUiPJZop-xx2/w640-h318/Redeye_6_PreReport.png)]()

Graph panel will contain all of the Users and Servers and the relationship between them.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0ep9ZgQH8agemmjwPvxBZPHRhh3d3a89F9Pmw5DKNDpZ3rPiZScq3BVbQktvIe431IfbYxLbAWs3YrCHzli8jEo6AUjspqoHcualynqNNjtqTWfunVBJCCLXhQTIlD45nDyCToMvLGMHmaKXIVaJ6wEDoh28WBvFhIzWZpb_639E-HaLYJp4J7XWwnmkT/w640-h432/Redeye_7_Graph.png)]()

APIs allow users to effortlessly retrieve data by making simple API requests.

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha_iYdmtTmhod_UPmGeqMX5_F1LszayMAuIEkYSz2s_p3aEFH8FS0urDfVTLThdDFsSn9SCnySK1fllMhxcoFT54M6j3-NaSHwi-upRXaXPNtJulGn2L1kkya-TmKcKd6_A3QODVn-r4Svua3eTy7VNM5a4yMPv8hCzSPobWoG6_yOYJ37Q7KNx3P0h9m8/w640-h264/Redeye_8.png)]()

curl redeye.local:8443/api/servers –silent -H “Token: redeye_61a8fc25-105e-4e70-9bc3-58ca75e228ca” | jq
curl redeye.local:8443/api/users –silent -H “Token: redeye_61a8fc25-105e-4e70-9bc3-58ca75e228ca” | jq
curl redeye.local:8443/api/exploits –silent -H “Token: redeye_61a8fc25-105e-4e70-9bc3-58ca75e228ca” | jq

## Installation

### Docker

Pull from GitHub [container]( “container” ) registry.

git clone https://github.com/redeye-framework/Redeye.git
cd Redeye
docker-compose up -d

Start/Stop the container

sudo docker-compose start/stop

Save/Load Redeye

docker save ghcr.io/redeye-framework/redeye:latest neo4j:4.4.9 > Redeye.tar
docker load

### Source

git clone https://github.com/redeye-framework/Redeye.git
cd Redeye
sudo apt install python3.8-venv
python3 -m venv RedeyeVirtualEnv
source RedeyeVirtualEnv/bin/activate
pip3 install -r requirements.txt
python3 RedDB/db.py
python3 redeye.py –safe

### General

Redeye will listen on:
Default Credentials:

* username: redeye
* password: redeye

Neo4j will listen on:
Default Credentials:

* username: neo4j
* password: redeye

## Special-Thanks

* Yoav Danino for mental support and beta testing.

## Credits

* Sidebar

*
*
* flowchart

*
* download.js

*
* dropzone

*
* Pictures and Icons

*
* licensed by –
* [https://www.freepik.com]( “https://www.freepik.com” )
* Logs

*
* licensed by –

If you own any Code/File in Redeye that is not under MIT License please contact us at: [email protected]

**[Download Redeye]( “Download Redeye” )**Read More

References

Back to Main

Subscribe for the latest news: