Tool for catching and logging different types of requests.
This project was initially started as a part of Digital Security's internship "Summer of Hack 2020".
TukTuk is an open source tool that designed to make pentester's life easier by catching and logging different types of requests. TukTuk is written in Go, but has a little part of python code.
Also if you wondering why project naming is so strange - TukTuk stands for Knock-Knock in Russian.
pip3 install git+https://github.com/ArturSS7/[email protected]
In order to set up DNS do the following: - Make A record ns.example.com which points your ip - Make NS record e.example.com with contents of ns.example.com - Make A record on example.com which points your ip - Make MX record on example.com
Example shows how to setup TukTuk for *.h.example.com if your VPS' IP is 1.3.3.7. Main DNS is Cloudflare in our case, but you can use what you want
Just run two scripts: - install.sh - db_init.sh
After doing the project will be moved to $GOPATH/src/TukTuk You can run it with ./TukTuk
The example configuration file is located in
config/Config.json.example. There you can configure your domain settings, credentials and alerts Move the file to
Config.jsonif you are going to run the project. Please change default credentials.
Create a bot and get a token is here. You can get
Chatidusing this bot
@m4n_idbot. Set Telegram token in the
TelegramBotfield. In the
Chatidfield, set your chat id. The default length of the alert is "short" (protocol name + source ip + link to the admin panel), "long alert" - all information about the message)
Server settings->
Webhooks->
Create Webhook.
Set Discord Webhook URL in the
Webhookfield.
Go to Quickstart Go to get the
Config.jsonfile then put it at the
emailalert/Config.jsonpath and run tuktuk. After starting, follow the generated link and give permission to send emails. Enter the received token into the console. Restart the server. Yes, it's not convenient. In the future we will bring the configuration to the admin panel.
You will have to get a wildcard certificate for your domain. You can do this with cert-bot. A good article which will help you is here. First start the app and then start the bot. During setting up certificates cert-bot will ask you to add TXT challenge to you domain. Add the TXT challenge in the
Config.jsonfile and continue. After getting certificate put its path to the config file.
TukTuk is designed not only to log requests, but to alert in case of it. Current alert options are: - Telegram - Discord Webhook - GMail
Additional alert types can be added by writing a module. Feel free to make a pull request!
TukTuk is featuring a little web interface where user can manage some of the settings or look for logged request.