Horizon3.ai - Automated Pen Testing as a Service

Documentation

NodeZero Host

NodeZero Host is a Docker host that runs the NodeZero container. Think of it as the starting point for an attacker. You decide where you want the Attacker's Perspective to start and drop a NodeZero Host there. This host has to be running prior to the operation in order to download and execute NodeZero, and must continue running during the operation. Once the operation is complete, you are free to shutdown or remove the host from the network.

If a different distribution is desired contact the H3 team to determine suitability. It is likely that most distributions will run NodeZero without issue, we just haven't written checks or validated all of them.

Ideal Host System Requirements

  • OS
    • Ubuntu 16.04, or 18.04
    • Redhat 7 or greater.
  • 2 CPU
  • 4GB RAM
  • Network Access (See Connectivity Requirements below for more specific information)
    • HTTPS:443 access to AWS SQS, Cognito, S3, and ECR
  • 10GB free HDD space
  • Docker installed (Latest version)
    • See Docker installation instructions below
Connectivity Requirements

The brains of your personal ethical hacker lives in a single use architecture in the cloud. We call it Core. The NodeZero host needs access to Core over https:443 in order to communicate with it. Think of this communication as the central nervous system. Your brain, must send messages to your hands and your hands need to send feedback to your brain so that it can analyze and decide the next best action.

  • From a Service perspective, NodeZero must be able to communicate with Core. We currently utilize AWS SQS, Cognito, and S3 over HTTPS:443. This is NOT used as part of the assessment and must be allowed.
  • Assessment Perspective: Do NOT modify your environment. NodeZero is not like any other service or tool. If you wouldn't modify it for an attacker, don't modify it for NodeZero...If your firewall is configured to block your marketing VLAN from reaching your finance VLAN, leave it. NodeZero will VERIFY that is actually happening.

If your environment connects to the internet via a proxy, this will affect NodeZero's ability to communicate out. Contact us to facilitate compatibility.


Docker

https://opensource.com/resources/what-docker

"Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and deploy it as one package. By doing so, thanks to the container, the developer can rest assured that the application will run on any other Linux machine regardless of any customized settings that machine might have that could differ from the machine used for writing and testing the code."

Installation

To install docker on Ubuntu, perform the following steps:

sudo su
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io

You can get more information on installing docker engine for different operating systems in the docker documentation

Validation

Once the installation is complete, validate your NodeZero host is ready to run operations by running the NodeZero environment validation script (preferred)

Run the following command to run the script

curl https://h3ai-web.s3.amazonaws.com/checkenv.sh | bash

The output should look similar to the following


# curl https://h3ai-web.s3.amazonaws.com/checkenv.sh | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 18646  100 18646    0     0  61134      0 --:--:-- --:--:-- --:--:-- 61134

[#] This script validates the environment is ready to run NodeZero.

[#] Checking Operating System:
[+] PASSED: macOS is a supported Operating System.

[#] Gathering environmental variables to conduct further checks:
[+] PASSED: All environmental variables set and proceeding with next checks.

[#] Checking Docker functionality by running the hello-world test container:
[+] PASSED: Docker is installed and functioning properly.

[#] Checking Docker permissions to volume mount files from /Users/test/test directory:
[+] PASSED: Docker permissions are correct for the /Users/test/test directory location.

[#] Checking connectivity to AWS resources:
[+] PASSED: s3.us-east-2.amazonaws.com is reachable.

[#] Checking 6GB HDD space requirements:
[+] PASSED: There is enough space for the NodeZero container: 34.0386GB

[#] Checking memory requirements:
[+] PASSED: This system has 32GB RAM which meets the recommended minimum to support NodeZero.

[#] Checking compute resource requirements:
[+] PASSED: This system has 20 CPUs which meets the minimum logical CPU requirements to run NodeZero.

[#] Script complete. If any checks failed, correct and re-run before attempting to 'Run a Pen Test'. If all checks passed, the environment is NodeZero ready. If there are warnings, the environment is still NodeZero ready and you may choose to accept or correct the warnings.

If you run into any Failures, please contact us via the chat icon in the lower right hand corner of the portal, or shoot us a message at customer.success@horizon3.ai