Getting Started with Command Center

This page will help you get started with Command Center. You'll be up and running in a jiffy!

Suggest Edits

Welcome to the Command Center docs page; we are thrilled that you have decided to use Command Center as your trusted Attack surface management and vulnerability management tool. Command Center was originally designed to help penetration testers produce consistent and repeatable processes for continuous penetration testing engagements and to have a central place to share real-time findings with clients and dynamically aid in report writing.

Since its inception, Command Center has grown in features to include the following:

  • Cyber Attack Surface Management

    • Cloud Environments integrations

      • AWS

      • Azure

    • On-Premises Environments integrations

      • Cisco IOS

      • Cisco ASAOS

      • Palo Alto Networks

      • VMware vCenter

    • EDR Integrations

      • SentinelOne

      • Carbon Black

      • CrowdStrike

  • DevSecOps

    • GitHub

    • GitLab

    • BitBucket

  • OSINT

    • AT&T Open Threat Exchange (OTX)

    • Shodan

    • SpyCloud dark web data lake

The architecture is a Client-Server model. The client, CCScanner, is available on GitHub as an open-source project. CCScanner is written in the go programming language. CCScanner communicates with Command Center every 30 seconds to receive tasks. CCScanner uses many of the same tools that a penetration tester would use; most of these tools are containerized.

Docker images used in CCScanner:

package docker

const OwaspZapImage = "docker.io/owasp/zap2docker-stable"
const KaliLinuxImage = "docker.io/trolleye/kali-linux:latest"
const DnsReconImage = "docker.io/trolleye/dnsrecon:latest"
const NetReconImage = "docker.io/trolleye/netrecon:latest"
const SnykCliImage = "docker.io/trolleye/snyk-cli:latest"

CCscanner tasks include:

  • Provision/de-provision scanner users.

    • Based on the user role of penetration tester and if the penetration tester has added their SSH public key to their user profile, the user will be provisioned.

    • If the user is removed from Command Center, their user account also will be removed from the scanners.

  • Enable or Disable the OpenVPN connection.

    • In Command Center, you can upload an OpenVPN (.ovpn) file to the scanner and toggle the VPN on/off to allow the penetration tester to connect to scanners behind a client firewall.

  • Run penetration testing tasks.

    • Infrastructure discovery

      • For performing On-Premises Environments integrations

    • SAST

    • DAST

    • Obtaining screenshots from web applications

    • URL Inspections

    • DNS analysis

    • OSINT

      • Shodan

      • OTX

    • Nmap Host Discovery / Port Scans/ NSE Scans

    • GVM vulnerability scans

Updated 6 months ago