Blackdagger GitHub Infra revolutionizes DAST (Dynamic Application Security Testing) by leveraging GitHub Actions runners for enhanced operational security. This guide will walk you through setting up and using the system for your security testing needs.
- Enhanced OPSEC: Perform scans from GitHub's trusted infrastructure
- Avoid Detection: Reduce likelihood of detection by web defenses
- Bypass IP Blocking: Get around IP-based blocking mechanisms
- Stealthy Operations: Conduct security testing with minimal digital footprint
Blackdagger is a single-binary tool for managing and automating complex workflows. To improve the user experience, the team suggests several repositories that contain tested YAML files for complex workflows and easy-to-set-up infrastructure for CART and DevSecOps purposes. With major additions to these repositories, everything that makes Blackdagger better is collected under a framework called Blackdagger: Cyber Workflow Automation Framework.
The framework consists of 5 components:
- Blackdagger: Core of the framework for orchestrating the components and workflows
- Blackcart: A specialized Docker container optimized for Continuous Automated Red Teaming (CART) and DevSecOps pipeline tasks.
- Blackdagger YAMLs: Pre-tested example workflows, demonstrating real-world DevSecOps and CART use-cases, facilitating quick adoption and adaptation.
- Blackdagger GitHub Infra (this repository): A suite of advanced workflows utilizing GitHub Actions infrastructure for enhanced defense evasion techniques, scalability, and performance.
- Blackdagger Web Kit: A browser extension integrating all core functionalities, enabling direct interaction and execution of Blackdagger workflows from within the browser.
The components are compatible with each other and are meant to run in any environment, for any use case, as easily, quickly and effectively as possible. The framework also allows components to be added, removed or modified to add features for new purposes.
- Visit the blackdagger-github-infra GitHub repository
- Click the "Fork" button in the upper right corner
- Wait for the repository to be forked to your account
- After the repository is forked, go to "Actions" tab and enable workflows
- Go to your GitHub account settings
- Navigate to Developer Settings > Personal Access Tokens > Tokens (classic)
- Click "Generate new token"
- Select the following permissions:
  - repo (Full control of private repositories)
  - workflow (Update GitHub Action workflows)
- Set an expiration date as needed
- Click "Generate token"
- Copy the token immediately (you won't be able to see it again)
- Install the Blackdagger Web Kit extension in your browser
- Open the Web Kit interface
- Navigate to the DAST settings section
- Fill in the required fields:
  - Username: Your GitHub username
  - Repository Name: Your forked repository name (typically "blackdagger-github-infra")
  - GitHub Token: Paste the personal access token you generated
Screenshot of the Blackdagger Web Kit (BWK) interface that allows users to execute attack YAMLs through GitHub. This web interface enables security professionals to configure and launch security tests directly from the browser while utilizing GitHub's runners in the background.
- From the Blackdagger Web Kit interface, browse available YAML configurations:
  - Subdomain enumeration tools (subfinder, assetfinder)
  - Web scanning tools (httpx, nuclei, ffuf)
  - API scanning tools (zap-api-scanner)
  - And more!
- Select the desired YAML configuration for your testing needs
- Configure target parameters as required
- Click "Launch" to begin your security test
Image showing the attack initiation screen, which confirms that a security test has been successfully launched. This interface provides confirmation that the Blackdagger system is now executing the configured test through GitHub's infrastructure.
The repository includes numerous pre-configured YAML files for different security testing scenarios:
Tool | Description | File |
---|---|---|
AMAS | Asset Management and Analysis | amas.yaml |
Assetfinder | Subdomain discovery | assetfinder.yaml |
BBOT | Security reconnaissance | bbot.yaml |
Certgrabber | Certificate enumeration | certgrabber.yaml |
FFUF | Web fuzzing | ffuf.yaml |
GAU | URL discovery | gau.yaml |
HTTP Request | Basic HTTP testing | httprequest.yml |
HTTPX | HTTP probe | httpx.yaml |
IIS Scanner | IIS server scanning | iis-scanner.yaml |
Java IIS | Java application scanning | java-iis.yaml |
Nuclei | Vulnerability scanner | nuclei-scan.yml |
Nuclei v2 | Enhanced vulnerability scanner | nuclei-scanV2.yml |
Subfinder | Subdomain discovery | subfinder.yaml |
ZAP API Scanner | API security scanning | zap-api-scanner.yaml |
ZAP | Web application scanning | zap.yaml |
- Once a scan is launched, you can monitor its progress:
  - Through the Blackdagger Web Kit interface
  - Via GitHub Actions in your forked repository
- Results will be available once the workflow completes
Blackdagger integrates with GitHub infrastructure to perform security testing and enumeration. This architecture enables attacks and reconnaissance to be executed through GitHub runners, providing enhanced operational security by leveraging GitHub's trusted infrastructure.
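Seen from the defended side, scans routed this way remain attributable, because GitHub publishes the address ranges of its hosted runners under the `actions` key of `https://api.github.com/meta`. The following is an added example, not code from this repository: it matches access-log source addresses against those ranges and flags clients that draw repeated 4xx responses. The CIDR list, the log lines and the `min_errors` threshold are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed stand-in for the "actions" list from https://api.github.com/meta
# (documentation ranges, not real runner addresses).
ACTIONS_CIDRS = ["203.0.113.0/24", "2001:db8:1000::/36"]

# Constructed access-log lines in Common Log Format.
SAMPLE_LOG = """\
203.0.113.17 - - [01/Jan/2025:10:00:01 +0000] "GET /admin HTTP/1.1" 404 153
203.0.113.17 - - [01/Jan/2025:10:00:01 +0000] "GET /.git/config HTTP/1.1" 404 153
203.0.113.17 - - [01/Jan/2025:10:00:02 +0000] "GET /backup.zip HTTP/1.1" 404 153
203.0.113.17 - - [01/Jan/2025:10:00:02 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2025:10:00:03 +0000] "GET /missing HTTP/1.1" 404 153
2001:db8:1000::5 - - [01/Jan/2025:10:00:04 +0000] "GET /status HTTP/1.1" 200 12
not a log line
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) ')


def from_actions_runner(addr, networks):
    """True if addr falls inside any published runner range."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in networks)


def flag_runner_scans(log_text, cidrs, min_errors=3):
    """Return {source_ip: 4xx_count} for runner-range clients with many 4xx responses."""
    networks = [ipaddress.ip_network(c) for c in cidrs]
    errors = defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than failing the whole run
        addr, status = m.group(1), int(m.group(2))
        try:
            is_runner = from_actions_runner(addr, networks)
        except ValueError:
            continue  # first field was a hostname, not an IP address
        if is_runner and 400 <= status < 500:
            errors[addr] += 1
    return {ip: n for ip, n in errors.items() if n >= min_errors}


if __name__ == "__main__":
    print(flag_runner_scans(SAMPLE_LOG, ACTIONS_CIDRS))
```

In production the range list would be refreshed from the meta endpoint on a schedule, since GitHub changes it over time.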
- Blackdagger Core
- BlackCart Docker Container
- Blackdagger Example Workflows
- Blackdagger DevSecOps Workflows
- Blackdagger CART Workflows
- Blackdagger Web Kit
If you encounter issues:
- Verify your GitHub token has the correct permissions
- Ensure your forked repository is properly configured
- Check GitHub Actions logs for detailed error information
- Make sure the Web Kit extension is properly installed and configured
Remember to use these tools responsibly and ethically. Always ensure you have proper authorization before performing security testing against any system or application.