BlackCat

🐈🎃 Dependencies can be spooky! 🎃🐈

BlackCat is a tool for the centralization of github dependency scanning outputs, mainly through output to splunk, which allows for
better tracking and reporting at an organizational level using GitHub’s dependency scanning functionality.

Setup and Installation

Configuration

Before you begin, There’s a few pieces of information blackcat needs:

A github token for accessing dependencies. This will require read:org and repo
permissions on an account with visibility to your security vulnerabilities (likely an admin).
(Optional) A token for splunks’ HTTP Event Collectors (HECs)

You should put these two items in the config.yml(see config.example.yml for reference) file, along with any other additional options
If you’re using kubernetes, put these values in k8s/secrets.yml instead.

Deployment Info

Now that you’ve configured BlackCat, it can be deployed in a few ways:

Using pythons’ pipenv
Using Docker
Using kubernetes

Using Pipenv

Install pipenv: pip install pipenv
Install the dependencies (from within the project directory): pipenv install
Run the enable command (will enable dependency scans organization-wide, may be noisy):
pipenv run python blackcat/main.py --enable
Run: pipenv run python blackcat/main.py

Using Docker

Install docker
Build the image using docker build -t blackcat:latest .
Run the enable command (will enable dependency scans organization-wide, may be noisy):
docker run blackcat:latest --enable
Run the main command docker run blackcat:latest

Using Kubernetes

This assumes a basic knowledge of kubernetes, as well as an existing cluster and registry.

Go through the steps described in the Using Docker section above and publish that image to your container registry
Modify k8s-cron.spec to run at whatever interval you want (Defaults to every day at 15:00:00)
Put your secrets in secrets.yml (More Info)
Run kubectl apply -f ./k8s/secrets.yml
Run kubectl create -f ./k8s/k8s-cron.spec
Run kubectl create -f ./k8s/enabler-cron.spec