View Issue Details

IDProjectCategoryView StatusLast Update
0002615Kali LinuxQueued Tool Additionpublic2020-12-01 11:12
Reporterwillis Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status acknowledgedResolutionopen 
Summary0002615: SERPICO - penetration testing report generation and collaboration tool
Description

Serpico is a penetration testing report generation and collaboration tool. It was developed to cut down on the amount of time it takes to write a penetration testing report.

Is the tool useful/functional in a Penetration Testing environment?

  • Yes. There are a number of companies that use Serpico to create their pen testing reports.

Does the tool overlap functionality of other existing tools?

  • For some use cases Dradis and Serpico have overlapping goals. Serpico is primarily focused in cutting down the amount of time the reporting process takes. Collaboration is a complimentary component to simplifying reporting.

Does the licensing of the tool allow for free redistribution?

  • Yes; 3-Clause BSD license.

How much resources does the tool require? Will it work in a “standard” environment?

  • Very little; for Blackhat Arsenal last year we had it running on a raspberry pi which users could connect to. It is written in ruby and requires 8 (mostly standard) gems.

Requirements for fresh install of Kali-2.0 Light:
apt-get install libsqlite3-dev libxslt-dev libxml2-dev ruby ruby-dev gcc zlib1g-dev

The code is available on github:
https://github.com/MooseDojo/Serpico

Activities

willis

willis

2015-11-09 22:16

reporter   ~0004209

Added a video on YouTube to demonstrate basic functionality:

https://www.youtube.com/watch?v=G_qYcL4ynSc

g0tmi1k

g0tmi1k

2018-01-29 14:12

administrator   ~0008336

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
willis

willis

2018-02-08 14:28

reporter   ~0008639

Thanks @g0tmi1k.

  • [Name] - The name of the tool
    Serpico

  • [Version] - What version of the tool should be added?
    Serpico 1.2.2.1 is the newest release (https://github.com/SerpicoProject/Serpico/releases/tag/1.2.2.1) and compatible with Kali's version of Ruby. Should we create a specific release or tag for Kali?

  • [Homepage] - Where can the tool be found online? Where to go to get more information?
    https://github.com/SerpicoProject/Serpico

  • [Download] - Where to go to get the tool?
    https://github.com/SerpicoProject/Serpico/releases

  • [Author] - Who made the tool?
    https://github.com/BuffaloWill originally, though we have had a number of different contributors since then.

  • [Licence] - How is the software distributed? What conditions does it come with?
    BSD 3-Clause

  • [Description] - What is the tool about? What does it do?
    Serpico is a penetration testing report creation tool primarily focused on cutting down on the amount of time it takes to create a custom report. Our mantra is make reporting suck less.

  • [Dependencies] - What is needed for the tool to work?
    We recently updated Serpico to match the Ruby version used in Kali. For dependencies, the Gemfile has the additional Gems needed and the following packages are also required:

    apt-get install libsqlite3-dev libxslt-dev libxml2-dev zlib1g-dev gcc
  • [Similar tools] - What other tools are out there?

  • [How to install] - How do you compile it?

  • [How to use] - What are some basic commands/functions to demonstrate it?
    This video shows off the main features of Serpico in two minutes or less:
    https://youtu.be/Sj7DkaQyx5o

g0tmi1k

g0tmi1k

2020-03-25 13:38

administrator   ~0012544

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Issue History

Date Modified Username Field Change
2015-09-03 14:03 willis New Issue
2015-11-09 22:16 willis Note Added: 0004209
2015-12-04 22:29 alexhj451 Issue cloned: 0002895
2018-01-29 14:12 g0tmi1k Summary New Tool Request: SERPICO => SERPICO
2018-01-29 14:12 g0tmi1k Note Added: 0008336
2018-02-08 14:28 willis Note Added: 0008639
2020-03-25 13:38 g0tmi1k Note Added: 0012544
2020-03-25 13:39 g0tmi1k Status new => acknowledged
2020-03-25 13:39 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-06-17 14:58 g0tmi1k Severity feature => minor
2020-12-01 11:12 g0tmi1k Summary SERPICO => SERPICO - penetration testing report generation and collaboration tool