Merge pull request #1349 from yogeshojha/release/2.2.0

reNgine 2.2.0
yogeshojha · Sep 7, 2024 · 302b5f3 · 302b5f3
2 parents 5ea2673 + 589a7f3
commit 302b5f3
Show file tree

Hide file tree

Showing 91 changed files with 7,572 additions and 1,704 deletions.
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
@@ -0,0 +1,60 @@
+name: Update Version and Changelog and Readme
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  update-version-and-changelog:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Get latest release info
+        id: get_release
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const release = await github.rest.repos.getLatestRelease({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+            });
+            core.setOutput('tag_name', release.data.tag_name);
+            core.setOutput('body', release.data.body);
+
+      - name: Update version file
+        run: echo ${{ steps.get_release.outputs.tag_name }} > web/.version
+
+      - name: Update CHANGELOG.md
+        run: |
+          echo "# Changelog" > CHANGELOG.md.new
+          echo "" >> CHANGELOG.md.new
+          echo "## ${{ steps.get_release.outputs.tag_name }}" >> CHANGELOG.md.new
+          echo "" >> CHANGELOG.md.new
+          echo "${{ steps.get_release.outputs.body }}" >> CHANGELOG.md.new
+          echo "" >> CHANGELOG.md.new
+          if [ -f CHANGELOG.md ]; then
+            sed '1,2d' CHANGELOG.md >> CHANGELOG.md.new
+          fi
+          mv CHANGELOG.md.new CHANGELOG.md
+
+      - name: Update README.md
+        run: |
+          sed -i 's|https://img.shields.io/badge/version-.*-informational|https://img.shields.io/badge/version-${{ steps.get_release.outputs.tag_name }}-informational|g' README.md
+
+      - name: Commit and push changes
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+          git add web/.version CHANGELOG.md README.md
+          if git diff --staged --quiet; then
+            echo "No changes to commit"
+          else
+            git commit -m "reNgine release: ${{ steps.get_release.outputs.tag_name }} :rocket:"
+            git push origin HEAD:${{ github.event.repository.default_branch }}
+          fi
diff --git a/README.md b/README.md
@@ -30,9 +30,12 @@
 <a href="https://opensourcesecurityindex.io/" target="_blank" rel="noopener">
 <img style="width: 282px; height: 56px" src="https://opensourcesecurityindex.io/badge.svg" alt="Open Source Security Index - Fastest Growing Open Source Security Projects" width="282" height="56" /> </a>
 </p>
+<h4>reNgine 2.2.0 is released!</h4>
+<p>
+  reNgine 2.2.0 comes with bounty hub where you can sync and import your hackerone programs, in app notifications, chaos as subdomain enumeration tool, ability to upload multiple nuclei and gf patterns, support for regex in out of scope subdomain config, additional pdf report template and many more. 
+  <b>Check out <a href="https://rengine.wiki/whatisnew/2.2.0">What's new in reNgine 2.2.0!</a></b>
+</p>
 
-<h3>reNgine 2.1.0 is released!</h3>
-<p align="left">Unleash the power of LLM toolkit! Now you can use local LLM models to generate attack surface and vulnerability reports!, Checkout the release-notes!</p>
 
 <h4>What is reNgine?</h4>
 reNgine is your ultimate web application reconnaissance suite, designed to supercharge the recon process for security pros, pentesters, and bug bounty hunters. It is go-to web application reconnaissance suite that's designed to simplify and streamline the reconnaissance process for all the needs of security professionals, penetration testers, and bug bounty hunters. With its highly configurable engines, data correlation capabilities, continuous monitoring, database-backed reconnaissance data, and an intuitive user interface, reNgine redefines how you gather critical information about your target web applications.
@@ -58,10 +61,11 @@ Detailed documentation available at [https://rengine.wiki](https://rengine.wiki)
 * [About reNgine](#about-rengine)
 * [Workflow](#workflow)
 * [Features](#features)
-* [Scan Engine](#scan-engine)
 * [Quick Installation](#quick-installation)
-* [What's new in reNgine 2.0](#changelog)
+* [Installation Video](#installation-video-tutorial)
+* [Community-Curated Videos](#community-curated-videos)
 * [Screenshots](#screenshots)
+* [What's new in reNgine](https://github.com/yogeshojha/rengine/releases)
 * [Contributing](#contributing)
 * [reNgine Support](#rengine-support)
 * [Support and Sponsoring](#support-and-sponsoring)
@@ -158,126 +162,7 @@ reNgine is not an ordinary reconnaissance suite; it's a game-changer! We've turb
 * Identification of related domains and related TLDs for targets
 * Find actionable insights such as Most Common Vulnerability, Most Common CVE ID, Most Vulnerable Target/Subdomain, etc.
 * You can now use local LLMs for Attack surface identification and vulnerability description (NEW: reNgine 2.1.0)
-
-![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
-
-## Scan Engine
-
-```yaml
-# Global vars for all tools
-#
-# custom_headers: ['Foo: bar', 'User-Agent: Anything']     # FFUF, Nuclei, Dalfox, CRL Fuzz, HTTP Crawl, Fetch URL, etc
-# enable_http_crawl: true           # All tools
-# threads: 30                       # All tools
-
-subdomain_discovery: {
-  'uses_tools': ['subfinder', 'ctfr', 'sublist3r', 'tlsx', 'oneforall', 'netlas'],  # amass-passive, amass-active, All
-  'enable_http_crawl': true,
-  'threads': 30,
-  'timeout': 5,
-  # 'use_subfinder_config': false,
-  # 'use_amass_config': false,
-  # 'amass_wordlist': 'deepmagic.com-prefixes-top50000'
-}
-http_crawl: {
-  # 'threads': 30,
-  # 'follow_redirect': true
-}
-port_scan: {
-  'enable_http_crawl': true,
-  'timeout': 5,
-  # 'exclude_ports': [],
-  # 'exclude_subdomains': [],
-  'ports': ['top-100'],
-  'rate_limit': 150,
-  'threads': 30,
-  'passive': false,
-  # 'use_naabu_config': false,
-  # 'enable_nmap': true,
-  # 'nmap_cmd': '',
-  # 'nmap_script': '',
-  # 'nmap_script_args': ''
-}
-osint: {
-  'discover': [
-      'emails',
-      'metainfo',
-      'employees'
-    ],
-  'dorks': [
-    'login_pages',
-    'admin_panels',
-    'dashboard_pages',
-    'stackoverflow',
-    'social_media',
-    'project_management',
-    'code_sharing',
-    'config_files',
-    'jenkins',
-    'wordpress_files',
-    'php_error',
-    'exposed_documents',
-    'db_files',
-    'git_exposed'
-  ],
-  # 'custom_dorks': [],
-  'intensity': 'normal',
-  'documents_limit': 50
-}
-dir_file_fuzz: {
-  'auto_calibration': true,
-  'enable_http_crawl': true,
-  'rate_limit': 150,
-  'extensions': ['html', 'php','git','yaml','conf','cnf','config','gz','env','log','db','mysql','bak','asp','aspx','txt','conf','sql','json','yml','pdf'],
-  'follow_redirect': false,
-  'max_time': 0,
-  'match_http_status': [200, 204],
-  'recursive_level': 2,
-  'stop_on_error': false,
-  'timeout': 5,
-  'threads': 30,
-  'wordlist_name': 'dicc'
-}
-fetch_url: {
-  'uses_tools': ['gospider', 'hakrawler', 'waybackurls', 'katana', 'gau'],
-  'remove_duplicate_endpoints': true,
-  'duplicate_fields': ['content_length', 'page_title'],
-  'enable_http_crawl': true,
-  'gf_patterns': ['debug_logic', 'idor', 'interestingEXT', 'interestingparams', 'interestingsubs', 'lfi', 'rce', 'redirect', 'sqli', 'ssrf', 'ssti', 'xss'],
-  'ignore_file_extensions': ['png', 'jpg', 'jpeg', 'gif', 'mp4', 'mpeg', 'mp3'],
-  'threads': 30,
-  # 'exclude_subdomains': false
-}
-vulnerability_scan: {
-  'run_nuclei': true,
-  'run_dalfox': false,
-  'run_crlfuzz': false,
-  'run_s3scanner': false,
-  'enable_http_crawl': true,
-  'concurrency': 50,
-  'intensity': 'normal',
-  'rate_limit': 150,
-  'retries': 1,
-  'timeout': 5,
-  'fetch_gpt_report': true,
-  'nuclei': {
-    'use_nuclei_config': false,
-    'severities': ['unknown', 'info', 'low', 'medium', 'high', 'critical'],
-    # 'tags': [],                 # Nuclei tags (https://github.com/projectdiscovery/nuclei-templates)
-    # 'templates': [],            # Nuclei templates (https://github.com/projectdiscovery/nuclei-templates)
-    # 'custom_templates': []      # Nuclei custom templates uploaded in reNgine
-  }
-}
-waf_detection: {
-  'enable_http_crawl': true
-}
-screenshot: {
-  'enable_http_crawl': true,
-  'intensity': 'normal',
-  'timeout': 10,
-  'threads': 40
-}
-```
+* BountyHub, a central hub to manage your hackerone targets
 
 ![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
 
@@ -354,6 +239,12 @@ screenshot: {
 
 For Mac, Windows, or other systems, refer to our detailed installation guide [https://reNgine.wiki/install/detailed/](https://reNgine.wiki/install/detailed/)
 
+### Installation Video Tutorial
+
+If you encounter any issues during installation or prefer a visual guide, one of our community members has created an excellent installation video for Kali Linux installation. You can find it here: [https://www.youtube.com/watch?v=7OFfrU6VrWw](https://www.youtube.com/watch?v=7OFfrU6VrWw)
+
+Please note: This is community-curated content and is not owned by reNgine. The installation process may change, so please refer to the official documentation for the most up-to-date instructions.
+
 ## Updating
 
 1. To update reNgine, run:
@@ -368,11 +259,25 @@ For Mac, Windows, or other systems, refer to our detailed installation guide [ht
     sudo chmod +x update.sh
     ```
 
-## Changelog
+![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
+
+## Community-Curated Videos
+
+reNgine has a vibrant community that often creates helpful content about installation, features, and usage. Below is a collection of community-curated videos that you might find useful. Please note that these videos are not official reNgine content, and the information they contain may become outdated as reNgine evolves.
+
+Always refer to the official documentation for the most up-to-date and accurate information. If you've created a video about reNgine and would like it featured here, please send a pull request updating this table.
 
-For the latest updates and changes, please check our [changelog.](https://rengine.wiki/changelog/)
+| Video Title | Language | Publisher | Date | Link |
+|-------------|----------|----------|------|------|
+| reNgine Installation on Kali Linux | English | Secure the Cyber World | 2024-02-29 | [Watch](https://www.youtube.com/watch?v=7OFfrU6VrWw) |
+| Resultados do ReNgine - Automação para Recon | Portuguese | Guia Anônima | 2023-04-18 | [Watch](https://www.youtube.com/watch?v=6aNvDy1FzIM) |
+| reNgine Introduction | Moroccan Arabic | Th3 Hacker News Bdarija | 2021-07-27 | [Watch](https://www.youtube.com/watch?v=9FuRrcmWgWU) |
+| Automated recon? ReNgine - Hacker Tools | English | Intigriti | 2021-07-21 | [Watch](https://www.youtube.com/watch?v=9FuRrcmWgWU) |
+
+We appreciate the community's contributions in creating these resources.
+
+![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
 
-![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)  
 
 ## Screenshots
 
@@ -518,13 +423,6 @@ Thank you for your support!
 
 ![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
 
-## License
-
-Distributed under the GNU GPL v3 License. See [LICENSE](LICENSE) for more information.
-
-![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
-
-
 ## Reporting Security Vulnerabilities
 
 We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
@@ -552,4 +450,10 @@ Thank you for helping to keep reNgine and its users safe!
 
 ![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
 
-<p align="right"><i>Note: Parts of this README were written or refined using AI language models.</i></p>
+## License
+
+Distributed under the GNU GPL v3 License. See [LICENSE](LICENSE) for more information.
+
+![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)
+
+<p align="right"><i>Note: Parts of this README were written or refined using AI language models.</i></p>
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -94,9 +94,6 @@ services:
       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
       - POSTGRES_PORT=${POSTGRES_PORT}
       - POSTGRES_HOST=${POSTGRES_HOST}
-      # THIS IS A MUST FOR CHECKING UPDATE, EVERYTIME A COMMIT IS MERGED INTO
-      # MASTER, UPDATE THIS!!! MAJOR.MINOR.PATCH https://semver.org/
-      - RENGINE_CURRENT_VERSION='2.1.3'
     volumes:
       - ./web:/usr/src/app
       - github_repos:/usr/src/github

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -96,9 +96,6 @@ services:
       - POSTGRES_PORT=${POSTGRES_PORT}
       - POSTGRES_HOST=${POSTGRES_HOST}
       - DJANGO_SUPERUSER_PASSWORD=${DJANGO_SUPERUSER_PASSWORD}
-      # THIS IS A MUST FOR CHECKING UPDATE, EVERYTIME A COMMIT IS MERGED INTO
-      # MASTER, UPDATE THIS!!! MAJOR.MINOR.PATCH https://semver.org/
-      - RENGINE_CURRENT_VERSION='2.1.3'
     volumes:
       - ./web:/usr/src/app
       - github_repos:/usr/src/github

diff --git a/scripts/uninstall.sh b/scripts/uninstall.sh
@@ -30,8 +30,8 @@ read -p "$(echo -e ${WARNING}"Are you sure you want to proceed? (y/Y/yes/YES to
 # change answer to lowecase for comparison
 ANSWER_LC=$(echo "$CONFIRM" | tr '[:upper:]' '[:lower:]')
 
-if [[ "$ANSWER_LC" != "y" && "$ANSWER_LC" != "yes" ]]; then
-    print_status "${YELLOW}Uninstall aborted by user.${RESET}"
+if [ -z "$CONFIRM" ] || { [ "$CONFIRM" != "y" ] && [ "$CONFIRM" != "Y" ] && [ "$CONFIRM" != "yes" ] && [ "$CONFIRM" != "Yes" ] && [ "$CONFIRM" != "YES" ]; }; then
+    print_status "${WARNING}Uninstall aborted by user.${RESET}"
     exit 0
 fi
 

diff --git a/web/.version b/web/.version
@@ -0,0 +1 @@
+v2.2.0
diff --git a/web/Dockerfile b/web/Dockerfile
@@ -85,6 +85,7 @@ RUN printf "\
     github.com/tomnomnom/waybackurls@latest\n\
     github.com/projectdiscovery/httpx/cmd/httpx@latest\n\
     github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest\n\
+    github.com/projectdiscovery/chaos-client/cmd/chaos@latest\n\
     github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest\n\
     github.com/projectdiscovery/naabu/v2/cmd/naabu@latest\n\
     github.com/hakluke/hakrawler@latest\n\
@@ -103,6 +104,9 @@ RUN printf "\
 # Update Nuclei and Nuclei-Templates
 RUN nuclei -update-templates
 
+# update chaos
+RUN chaos -update
+
 # Copy requirements
 COPY ./requirements.txt /tmp/requirements.txt
 RUN pip3 install --upgrade setuptools==72.1.0