GitHub

Community

SpecterOps

Home

GraphQL API

Support

Learn More

Get the Code

Examples of automating tasks and integrating external tools with Ghostwriter via the GraphQL API

Overview

GraphQL Usage Examples

Introducing the SpecterOps project management and reporting platform

Welcome to Ghostwriter

Quickstart

Updating Ghostwriter

How to use Ghostwriter CLI to monitor and manage your Ghostwriter installation

Managing the Server with Ghostwriter CLI

Managing cookie age and logon session expirations

Managing Logon Sessions

Creating and Managing Backups

Configuring global variables for Ghostwriter and report generation

Introduction to Command Center

Configuring your company's information for reporting

Personalizing Company Information

Configuring Global Report Options

Enabling Slack WebHooks for notifications

Configuring Slack

Configuring VirusTotal

Configuring Namecheap

Configuring Cloud Services

Configuring Extra Fields

Everything that manages how users authenticate, what they can access, and how their web sessions work

Access, Authentication, & Session Controls

Authentication and account creation via an external SSO provider

Single Sign-On

Two-Factor Authentication

Role-Based Access Controls

Session Management

Client Dashboard

Managing finding templates with the Finding Library

Populating the Findings Library

Template Values for Findings

Observations Library

Infrastructure Management

Creating a New Operation Log

Interacting with the Operation Log Table

Configuring the API endpoint for automatic activity logging

Setting up Automated Logging

Exporting and importing activity log data

Exporting / Importing Operation Logs

Reporting

Templating and Rich Text Fields

Examples of simple and advanced Jinja2 code for reporting

Jinja2 Tips & Tricks

Configuring and scheduling background tasks

Configuring tasks to run repeatedly on a schedule

Scheduling Tasks

Prebuilt Tasks

Authentication

Description and explanation of common API actions

Common API Actions

How to enable and use the Hasura Console to access the GraphQL API

Using the Hasura Console

How to monitor the health of Ghostwriter services

Health Monitoring

Reporting a Problem

Reporting a Security Issue

Understanding the basic workflow of Ghostwriter

The Workflow

Finding Edit & Review Workflow

Coding style guide for the Ghostwriter code base

Form Layouts & Design

Formset Layout & Design

The Ghostwriter project's custom additions to django-crispy-forms

Custom Layout Objects

A look at the thought process behind Ghostwriter's development

Behind the Scenes

Modifying and then deploying code changes

Making changes to the environment variables inside the containers

Modifying Environment Variables

Testing Code

How to go about contributing code to the project

Contributing to the Project

Step-by-step instructions for preparing a release or PR

Pre-Release Checklist

UML diagrams for Ghostwriter database models

Database Models

API Models

The client and project management application, Rolodex, and related models track everything related to a client and their projects.

Client & Project Models

The CommandCenter application contains models based on a custom singleton model class. The models manage global configurations and only allow one entry per model.

Features