Deploy Watchdog: Open-Source Asset Management & Security Scanning Platform
This guide introduces Watchdog, an upgraded, web-based security platform derived from Bayonet, and provides step-by-step instructions for installing, configuring, and deploying it across multiple Ubuntu nodes, including database setup, Flask service launch, and activation of sub-domain, port, URL, and Xray scanning modules.
Introduction
Bayonet is an integrated web‑based security tool suite that helps penetration testers manage IT assets.
Features
Sub‑domain scanning: oneforall
Port service scanning: Shodan + asynchronous socket + Nmap (IP database, CDN detection)
URL availability probing
Browser‑driven crawler: crawlergo
Passive vulnerability scanning: xray
Watchdog – the upgraded version
Watchdog is a modified Bayonet with redesigned database, web interface, and scanning modules; it is currently under development.
Demo
Three VPS are deployed: node a runs the database, web server, and client tools; nodes b and c run only the client tools.
Installation
Example on a fresh Ubuntu 16.04 system.
# 1. Install Python 3 environment (Miniconda recommended)
wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
sh Miniconda3-latest-Linux-x86_64.sh # follow prompts
# 2. Create a Python 3.8 environment
conda create --name python python=3.8
conda activate python
# 3. Install required system packages
apt-get update
apt install build-essential libssl-dev libffi-dev python3-dev
apt install nmap
sudo apt-get install chromium-browser
# 4. Install Python dependencies
git clone https://github.com/CTF-MissFeng/Watchdog.git
cd Watchdog
pip install -r requirements.txt
# 5. Install and configure PostgreSQL
apt install postgresql postgresql-contrib
sudo -u postgres psql
\password postgres
# 6. Enable remote access for PostgreSQL (modify postgresql.conf and pg_hba.conf)
# 7. Adjust project configuration files
vim Watchdog/web/config.py
vim Watchdog/client/database.py
# 8. Run Watchdog
cd Watchdog
export FLASK_APP=app.py:APP
flask createdb
flask createuser # default root/qazxsw@123
flask run -p 80 -h 0.0.0.0
nohup flask run -p 80 -h 0.0.0.0 > web.log 2>&1 &
# 9. Configure and start each tool module
# Sub‑domain scanning (oneforall) – set Shodan API key in client/subdomain/oneforall/config.py
cd client/subdomain/oneforall
nohup python -u sbudomain_run.py > dns.log 2>&1 &
cat dns.log
# Port scanning
cd client/portscan
nohup python -u portscan_run.py > port.log 2>&1 &
cat port.log
# URL probing
cd client/urlscan/url_probe
nohup python -u urlscan_run.py > url.log 2>&1 &
cat url.log
# Xray scanning
cd client/urlscan/xray
nohup python -u xray_run.py > xray.log 2>&1 &
cat xray.logMulti‑node deployment
Additional nodes do not need the database or web server; they only require the client environment and a database connection pointing to the primary node.
Related Links
DevSecOps研发安全实践—测试篇
DevOps中安全测试工具推荐
【安全测试】Ostorlab:一款功能强大的资产安全扫描平台
Software Development Quality
Discussions on software development quality, R&D efficiency, high availability, technical quality, quality systems, assurance, architecture design, tool platforms, test development, continuous delivery, continuous testing, etc. Contact me with any article questions.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.