'SWEETMON' is a fuzzer monitoring service based python3 + django. User can check their fuzzers and crashes on the web. It can reduce repetitive work for fuzz testers.

Sweetmon provides several useful things for monitoring fuzzers and crashes.

• Monitoring
  • Fuzzers
    • IP, fuzzer name, status
    • Number of crashes
• Monitoring Crashes
  • First or last reported time
  • Number of (duplicated) crashes
  • Generate one-time-url to download crash.
  • Crash logs
  • Crash informations (name, machine, summary, debug log, size)
  • Notification (via Telegram or email)
• Up/download fuzzer and testcase
  • Host testcase or fuzzer file
• Issue
• Support multiple user

1. Initial screen

   

2. User Profile

   

3. Fuzzer list

   

4. Fuzzer information

   

5. Crash list

   

6. Crash details

   

7. Crash details (2)

   

8. Testcase & Fuzzer list

   

9. Testcase & Fuzzer details

   

10. Issue list

    

11. Issue Details

    

12. Statistics

    

• Environment
  • Ubuntu 16.04.3 LTS (Server, Clean vm)

1. Install Ubuntu.

2. Download the installer

   wget https://raw.githubusercontent.com/sweetchipsw/sweetmon/master/install.sh -O install.sh

3. Set 'DOMAIN' on install.sh

   #!/bin/bash
   # SWEETMON Installer
   ###
   # Modify under contents
   ###
   DOMAIN='' # domain.com || 192.168.123.123
   EMAIL='[email protected]'

4. Run installer.

   bash install.sh

5. Done!

• Environment
  • Ubuntu 16.04.2 LTS (Server)

1. Install python3 + apache2 + virtualenv and sweetmon

   sudo apt install python3 python3-pip
   sudo apt install apache2
   sudo apt install virtualenv
   git clone https://github.com/sweetchipsw/sweetmon.git

2. Update your server and Install dependencies

   sudo apt update
   sudo apt upgrade -y
   sudo apt install -y python3 python3-pip apache2 virtualenv libapache2-mod-wsgi-py3 letsencrypt git

3. Clone sweetmon project & Set env

   git clone https://github.com/sweetchipsw/sweetmon.git
   export LOCATION=`pwd`
   export VENV='sweetmon_venv'

4. Install && Activate virtualenv.

   virtualenv -p python3 sweetmon_venv
   . sweetmon_venv/bin/activate

5. Install django + dependencies.

   sudo pip3 install -r requirements.txt

6. Make configuration file

   sudo vim /etc/apache2/sites-available/sweetmon.conf

7. Paste under contents.

   <VirtualHost *:80>
       WSGIScriptAlias / $LOCATION/sweetmon/sweetmon/wsgi.py
       WSGIDaemonProcess sweetmon python-path=$LOCATION/sweetmon/ python-home=$LOCATION/$VENV/lib/python3.5/site-packages
       WSGIProcessGroup sweetmon
   
       ServerName $DOMAIN
       ServerAlias $DOMAIN
       ServerAdmin $EMAIL
   
       DocumentRoot $LOCATION/sweetmon/
   
       ErrorLog /var/log/apache2/sweetmon_error.log
       CustomLog /var/log/apache2/sweetmon_custom.log combined
   
       Alias /robots.txt $LOCATION/sweetmon/static/robots.txt
       Alias /assets/admin $LOCATION/$VENV/lib/python3.5/site-packages/django/contrib/admin/static/admin
       Alias /assets $LOCATION/sweetmon/static/
       <Directory $LOCATION/sweetmon/>
           Require all granted
       </Directory>
   
       <Directory $LOCATION/sweetmon/sweetmon/ >
       <Files wsgi.py>
           Require all granted
       </Files>
       </Directory>
   
       <Directory $LOCATION/$VENV/lib/python3.5/site-packages/django/contrib/admin/static/admin/ >
           Require all granted
       </Directory>
   </VirtualHost>
   

8. Restart apache2 server

   sudo a2ensite sweetmon
   sudo service apache2 restart

9. Migrate DB / Set permission / Create super admin

   cd $LOCATION/sweetmon
   python3 manage.py makemigrations
   python3 manage.py migrate
   sudo chown www-data:www-data ./ -R
   python manage.py createsuperuser

10. Done.

• Not completed yet

1. Install Letsencrypt

   sudo apt install letsencrypt

2. Check your port-forwarding status.

   1. 80 (http)
   2. 443 (https)

3. Generate SSL Certificate

   sudo letsencrypt certonly -a standalone -d domain.com

4. Make configuration file for https.

5. Enable SSL & Restart apache2 server

6. Done!

• Not tested on these OS. But it will works.

• To make your server secure, you should change SECRET_KEY.

# SECURITY WARNING: keep the secret key used in production secret!
# - Please Change this key before install on server.
# SECRET_KEY = 'y3r$r7#g(g_6xt!q35ct=6sqt0kiihqe2vc#k%bktayz@vok2v'
SECRET_KEY = '....'

• Generate 'new' SECRET_KEY

import random
print(''.join(random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)))

# '(vj1g8ps3a7li%g%go6uno4!n(9dfegsj7mvbicy$vv&c#!ak4'

• Check https://github.com/sweetchipsw/sweetmon_client

1. Pull Requests are always welcome!
2. Please create Issue or send me an email to me if you have any questions or requests.

• Template : Dashgum by Alvarez.is / You can find it here.
• Donation
  • Bitcoin : 1M7usjq5PNz7vjWz1oyyzj2VHwKC6EmSsi
  • Ethereum : 0x93357b84488DDC8D52e2C6E51dF745B026F95B71