Skip to content

Latest commit

 

History

History
120 lines (94 loc) · 9.61 KB

README.md

File metadata and controls

120 lines (94 loc) · 9.61 KB
Raw

Ghidra Terraform Module

This Terraform module will install Ghidra on an AWS EC2 instance or Linode instance.

Prequisites

General

AWS

Linode

Deploying the module

# Clone the module down
git clone https://github.com/zsrtp/ghidra-terraform-module
cd ghidra-terraform-module

# Initialize and apply Terraform
terraform init
terraform apply

Examples

See here for examples. To use them, reate a terraform.tfvars file in the directory root first before running terraform init and terraform apply.

General Module Information

Requirements

Name Version
terraform ~> 1.2
aws ~> 4.0
linode 1.29.2

Providers

No providers.

Modules

Name Source Version
aws ./modules/aws n/a
linode ./modules/linode n/a

Resources

No resources.

Inputs

Name Description Type Default Required
aws_cidr_block The CIDR range to use for the private network. string "10.0.0.0/24" no
aws_create_dns_record Whether or not to create a dedicated DNS record for the server. If you have a pre-existing Route53 zone in your AWS account, you can set this to true to create a dedicated record on it. bool false no
aws_create_networking Whether or not to create the networking infrastructure for the instance. If you already have a preexsting VPC for the instance(s) to go in, set this to false. bool true no
aws_dns_record_name The name of the DNS record to create on the zone looked up by dns_zone_name. string "ghidra" no
aws_dns_record_ttl The time-to-live for the DNS record number 60 no
aws_dns_zone_name The DNS zone to lookup in the account to provision the DNS record on. string "replaceme" no
aws_instance_type The EC2 instance type to use. string "t3.micro" no
aws_region The AWS region where this infrastructure will be deployed to. string "us-east-2" no
aws_s3_backup Whether or not to create an S3 backup. bool false no
aws_s3_bucket_name The name of the S3 bucket that will be used for the Ghidra database backups. Since S3 buckets have to be globally unique, it's recommended not to set this and let the module generate it for you. string null no
aws_subnet_id The ID of the subnet to lookup and place the instance(s) in. Do no set this if create_networking is true. string null no
aws_volume_type The EBS volume type that will house your Ghidra repos. string "gp2" no
aws_vpc_id The ID of the VPC to lookup and place the instance(s) in. Do not set this if create_networking is true. string null no
ghidra_install_path The filesystem path where the Ghidra server will be installed to. This path should be an absolute path from the filesystem root. string "/opt/ghidra/" no
ghidra_name The name that will be given to the Ghidra instance(s) as a prefix 'ghidra_name-version string "ghidra" no
ghidra_repo_path The filesystem path where any Ghidra repositories will be stored. This path should be an absolute path from the filesystem root. It is recommended to not have this be a subfolder under the Ghidra installation. string "/mnt/repos/" no
ghidra_server_config Config for the server. If you're setting any of the server.conf variables, don't set this. string null no
ghidra_server_log_level The log level of the Ghidra server. Should be one of: FATAL, ERROR, WARN, STATUS, INFO, DEBUG. (server.conf variable) string "INFO" no
ghidra_uri The URI that will be used along with the ghidra_version as a source endpoint for the Ghidra install files. You probably won't need to change this. string "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_" no
ghidra_uri_override Use this to manually specify the download location of a compressed Ghidra archive. Only set this if you need to use a custom version of Ghidra. string null no
ghidra_version The version of Ghidra to install. string "10.0" no
ghidra_version_map Map of ghidra versions to release dates to properly look up the release URI. You probably won't need to change this unless a new version of Ghidra comes out. map(any) 
{
  "10.0": "20210621",
  "10.0.1": "20210708",
  "10.0.2": "20210804",
  "10.0.3": "20210908",
  "10.0.4": "20210928",
  "10.1": "20211210",
  "10.1.1": "20211221",
  "10.1.2": "20220125",
  "10.1.3": "20220421",
  "10.1.4": "20220519",
  "10.1.5": "20220726"
}
 no
initial_java_heap_size Initial Java Heap Size (in MB). (server.conf variable) number 396 no
linode_config_path Path to your local linode config file. string "~/.config/linode-cli" no
linode_instance_type The Linode instance type to use. string "g6-standard-1" no
linode_region The Linode region where this infrastructure will be deployed to. string "us-east" no
linode_root_password The root password of the Linode instance. string "replaceme" no
linode_token API token to connect to your Linode tenant. string "replaceme" no
max_java_heap_size Maximum Java Heap Size (in MB). (server.conf variable) number 768 no
platform The provider you're deploying to. Should be one of: aws. string "aws" no
repo_device_name The name given to the repo volume in Linux. string "/dev/sdb" no
repo_volume_size The size (in GBs) of the volume that will house your Ghidra repos. number 30 no

Outputs

Name Description
ghidra_private_ip The private IP of the Ghidra instance.
ghidra_public_dns_name The public DNS name given to the EC2 instance.
ghidra_public_ip The private IP of the Ghidra instance.
ghidra_uri The Ghidra download URI.

To-Do

  • All Platforms
    • Add more Terratest cases
    • Bring Ghidra locals block to top level
    • Auto lookup Ghidra archives using http data source
    • Support for Windows (bootstrap script and image support)
  • AWS
    • Spot instance support
    • Block device backup support
  • Linode
    • DNS Support
    • Block device backup support