### Dockerfile Plugin Example Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md Example Dockerfile setup for extending the SysReptor image with custom plugins. ```dockerfile ARG SYSREPTOR_VERSION="latest" # Optional build stage for frontend assets FROM node:24-alpine3.22 AS plugin-builder ``` -------------------------------- ### Install reptor from source Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/index.md Clone the repository and install the package locally using pip. ```bash git clone https://github.com/Syslifters/reptor.git cd reptor pip3 install . ``` -------------------------------- ### Install Docker Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Standard installation command for Docker. ```shell curl -fsSL https://get.docker.com | sudo bash ``` -------------------------------- ### Install and Start Cron Service Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/updates.md Install the cron service if it's not already present and ensure it is running. This is a prerequisite for scheduling automatic updates. ```shell sudo apt update sudo apt install -y cron sudo systemctl start cron ``` -------------------------------- ### Install reptor from PyPi Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/index.md Use pip to install the library from the Python Package Index. ```bash pip3 install reptor ``` -------------------------------- ### Initialize Environment Configuration Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Prepares the app.env file from the provided example. ```shell cd sysreptor/deploy cp app.env.example app.env ``` -------------------------------- ### Run Automated Installation Script Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Executes the SysReptor installation script directly from the documentation source. ```shell bash <(curl -s https://docs.sysreptor.com/install.sh) ``` -------------------------------- ### Install SysReptor Prerequisites and Docker Source: https://context7.com/syslifters/sysreptor/llms.txt Installs necessary system packages and Docker for self-hosted SysReptor deployments. ```bash sudo apt update sudo apt install -y sed curl openssl uuid-runtime coreutils curl -fsSL https://get.docker.com | sudo bash sudo groupadd docker 2>/dev/null sudo usermod -aG docker $USER newgrp - bash <(curl -s https://docs.sysreptor.com/install.sh) # Access SysReptor at http://127.0.0.1:8000/ ``` -------------------------------- ### Install System Dependencies Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Required packages for the SysReptor installation script. ```shell sudo apt update sudo apt install -y sed curl openssl uuid-runtime coreutils ``` -------------------------------- ### Install Nginx Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/webserver-nginx.md Installs the Nginx web server on Debian-based systems. Ensure your package list is up-to-date before installation. ```shell sudo apt-get update sudo apt-get install -y nginx ``` -------------------------------- ### Manage backup keys Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Commands and examples for generating or setting a secure backup key. ```shell printf "BACKUP_KEY=$(openssl rand -base64 25 | tr -d '\n=')\n" ``` ```shell BACKUP_KEY="WfyqYzRVZAOFbCtltYEFN36XBzRz6Ys6ZA" ``` -------------------------------- ### Setup Caddy Webserver with Docker Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/webserver.md Run this script to set up an additional Docker container with Caddy as a webserver. Ensure you are in the correct directory. ```bash bash deploy/caddy/setup.sh ``` -------------------------------- ### Build Frontend Assets for SysReptor Plugin Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md Commands to install dependencies and generate static assets for a plugin frontend. ```bash cd demoplugin/frontend # Install JS dependencies npm install # Build the frontend assets npm run generate ``` -------------------------------- ### Template Field Mapping Example Source: https://github.com/syslifters/sysreptor/blob/main/plugins/scanimport/README.md This Python example demonstrates how to map imported data to SysReptor fields using template variables and control structures. It shows how to set standard fields, custom fields, and utilize tool-specific variables within a template. ```python # In your template's data: { "tags": ["scanimport:nessus:12345"], # Template selector tag for mapping "title": "Custom finding title or ", "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "severity": "critical", "summary": "", "description": """ Provide your own finding description here or include (parts of) the imported description via variables. Plugin outputs: ``` ``` """, "recommendation": """ To fix the issue, Nessus recommends: """ } ``` -------------------------------- ### Initialize SysReptor Python Client Source: https://context7.com/syslifters/sysreptor/llms.txt Instantiate the Reptor client by providing the server URL and API token. Ensure the 'reptor' library is installed via pip. ```python # Install: pip install reptor from reptor import Reptor # Initialize client reptor = Reptor( server="https://sysreptor.example.com", api_token="sysreptor_..." ) ``` -------------------------------- ### Create backup via CLI Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/backups.md Execute this command to create a backup archive containing a database export and all uploaded files. Ensure you have Docker Compose installed and running. ```bash docker compose run --rm app python3 manage.py backup > backup.zip ``` -------------------------------- ### GET /api/v1/projecttypes/ Source: https://context7.com/syslifters/sysreptor/llms.txt List all available project types or designs. ```APIDOC ## GET /api/v1/projecttypes/ ### Description Retrieves a list of all project types (designs) available in the system. ### Method GET ### Endpoint /api/v1/projecttypes/ ``` -------------------------------- ### Launch SysReptor Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/downgrades.md Starts the SysReptor containers in detached mode. ```bash docker compose up -d ``` -------------------------------- ### Python Plugin Import Example Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md Demonstrates the preferred method of using relative imports for modules within your own plugin, as opposed to absolute imports from the SysReptor core. ```python # Prefer relative imports from .models import DemoPluginModel # over absolute imports from sysreptor_plugins.demoplugin.models import DemoPluginModel ``` -------------------------------- ### Get Application Settings Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieves the current application settings. Requires an API token for authentication. ```bash curl -X GET http://localhost:8000/api/public/utils/settings/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Webhook Event Trigger Example Source: https://github.com/syslifters/sysreptor/blob/main/plugins/webhooks/README.md Configure specific events to trigger webhooks, including filtering for field updates. ```shell finding_updated:status ``` ```shell section_updated:data.custom_field_id ``` -------------------------------- ### Build Custom SysReptor Docker Image with Plugins Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md This Dockerfile snippet shows how to copy custom plugins and install their dependencies before extending the base SysReptor image. ```dockerfile COPY custom_plugins /custom_plugins RUN cd /custom_plugins/myplugin1/frontend && npm install && npm run generate # Extend the SysReptor image with custom plugins FROM syslifters/sysreptor:${SYSREPTOR_VERSION} # Optional: install additional dependencies # RUN pip install ... ENV PLUGIN_DIRS=${PLUGIN_DIRS},/custom_plugins COPY --from=plugin-builder /custom_plugins /custom_plugins ``` -------------------------------- ### Begin Backup Codes Registration Source: https://context7.com/syslifters/sysreptor/llms.txt Starts the process of generating backup codes for MFA. These codes can be used as an alternative login method. ```bash curl -X POST http://localhost:8000/api/v1/pentestusers/self/mfa/register/backup/begin/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{"name": "Backup Codes"}' ``` -------------------------------- ### Render Table of Contents with Styling Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/designer/headings-and-table-of-contents.md This example demonstrates how to render a table of contents using the `` component. It includes heading titles, leaders, page numbers, and links. Ensure the CSS is applied to style the TOC elements. ```html

Table of Contents

``` ```css #toc li { list-style: none; margin: 0; padding: 0; } #toc .ref::before { padding-right: 0.5em; } #toc .ref::after { content: " " leader(".") " " target-counter(attr(href), page); } #toc .toc-level1 { font-size: 1.5rem; font-weight: bold; margin-top: 0.8rem; } #toc .toc-level2 { font-size: 1.2rem; font-weight: bold; margin-top: 0.5rem; margin-left: 2rem; } #toc .toc-level3 { font-size: 1rem; margin-top: 0.4rem; margin-left: 4rem; } #toc .toc-level4 { font-size: 1rem; margin-top: 0; margin-left: 6rem; } ``` -------------------------------- ### Initialize Reptor Client Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-1/projects.md Initialize the Reptor client with server and token. Ensure REPTOR_SERVER and REPTOR_TOKEN environment variables are set. ```python import os from reptor import Reptor reptor = Reptor( server=os.environ.get("REPTOR_SERVER"), token=os.environ.get("REPTOR_TOKEN"), ) ``` -------------------------------- ### Create Superuser Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Initializes the administrative account for the application. ```shell username=reptor docker compose exec app python3 manage.py createsuperuser --username "$username" ``` -------------------------------- ### Create Backup Source: https://context7.com/syslifters/sysreptor/llms.txt Initiates a system backup. This endpoint is for administrators only and requires a Professional license. The output is saved to 'backup.zip'. ```bash curl -X POST http://localhost:8000/api/v1/utils/backup/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{}' \ --output backup.zip ``` -------------------------------- ### GET /api/v1/pentestprojects//sections/ Source: https://context7.com/syslifters/sysreptor/llms.txt List or retrieve report sections within a project. ```APIDOC ## GET /api/v1/pentestprojects//sections/ ### Description Lists all report sections associated with a specific project. ### Method GET ### Endpoint /api/v1/pentestprojects//sections/ ### Parameters #### Path Parameters - **project-uuid** (string) - Required - The unique identifier of the project. ``` -------------------------------- ### Customize Project Number Format Source: https://github.com/syslifters/sysreptor/blob/main/plugins/projectnumber/README.md Examples of Django template strings for formatting project numbers. ```django {% now 'Y' %}-{{project_number|stringformat:'04d'}} ``` ```django P{% now 'y' %}-{{project_number|stringformat:'04d'}} ``` ```django {% now 'Y' %}-{% now 'm' %}-{% now 'd' %}-{{project_number}}-A ``` ```django {{project_number}}{% random_number 10 77|stringformat:'02d' %} ``` -------------------------------- ### Create Project Note Source: https://context7.com/syslifters/sysreptor/llms.txt Create a new note for a pentest project. Notes can include markdown-formatted text and can be hierarchical. Specify 'parent' for child notes. ```bash curl -X POST http://localhost:8000/api/v1/pentestprojects//notes/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{ "title": "Recon Notes", "text": "## Target Information\n\n- IP: 192.168.1.1\n- Services: HTTP, SSH", "parent": null, "checked": false }' ``` -------------------------------- ### Navigate to backup directory Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/downgrades.md Change the working directory to the deployment folder of the previous version's backup. ```bash cd sysreptor-backup-/deploy ``` -------------------------------- ### Get License Info Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieves information about the current Sysreptor license. Requires an API token. ```bash curl -X GET http://localhost:8000/api/v1/utils/license/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Configure Professional License Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Placeholder for adding a professional license key to the environment file. ```shell LICENSE="" ``` -------------------------------- ### Initialize Reptor for Specific Project Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-1/projects.md Initialize the Reptor client for a specific project by providing the project ID during initialization or by calling `init_project`. ```python reptor = Reptor( server=os.environ.get("REPTOR_SERVER"), token=os.environ.get("REPTOR_TOKEN"), project_id="41c09e60-44f1-453b-98f3-3f1875fe90fe", ) ``` -------------------------------- ### Get CWE Definitions Source: https://context7.com/syslifters/sysreptor/llms.txt Fetches definitions for Common Weakness Enumeration (CWE) items. Requires an API token. ```bash curl -X GET http://localhost:8000/api/v1/utils/cwes/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Import Demo Data Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Imports projects, designs, and templates into the SysReptor instance. ```shell # Projects url="https://docs.sysreptor.com/assets/demo-projects.tar.gz" curl -s "$url" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=project --add-member="$username" # Designs url="https://docs.sysreptor.com/assets/demo-designs.tar.gz" curl -s "$url" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=design # Finding templates url="https://docs.sysreptor.com/assets/demo-templates.tar.gz" curl -s "$url" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=template ``` -------------------------------- ### Get User Personal Notes Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieve all personal notes for the currently authenticated user. Requires an API token. ```bash curl -X GET http://localhost:8000/api/v1/pentestusers/self/notes/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Frontend plugin entrypoint Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md Use plugin.js to register menu entries and pages in the SysReptor web UI. ```javascript --8<-- "../plugins/demoplugin/frontend/public/plugin.js" ``` -------------------------------- ### Configure FIDO2/WebAuthn Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Define the hostname (WebAuthn Relying Party ID) for your installation if you plan to use FIDO2/WebAuthn for multi-factor authentication. ```shell MFA_FIDO2_RP_ID="sysreptor.example.com" ``` -------------------------------- ### Run SysReptor Update Script with Backup (Pro Only) Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/updates.md Use the --backup switch with the update script to create a SysReptor backup before updating. The update will fail if the backup process fails. Monitor disk space for backup storage. ```shell bash sysreptor/update.sh --backup ``` -------------------------------- ### Check Project Archive Status with cURL Source: https://context7.com/syslifters/sysreptor/llms.txt Verify if a specific project can be archived by sending a GET request to the archive-check endpoint. ```bash curl -X GET http://localhost:8000/api/v1/pentestprojects//archive-check/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Get available sections and report fields Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-2/findings.md Inspects the project structure to identify available sections and their associated report fields. ```python my_project.sections # Out: #[Section(id="executive_summary"), # Section(id="scope"), # Section(id="customer"), # Section(id="other"), # Section(id="appendix")] my_project.sections[1].fields # Out: #['scope', 'start_date', 'end_date', 'duration', 'provided_users'] ``` -------------------------------- ### Define Custom Statuses Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Configure custom statuses for findings and sections. This example shows how to define 'ready-for-review' and 'needs-improvement' statuses with icons. ```json [ {"id": "ready-for-review", "label": "Ready for review", "icon": "mdi-check"}, {"id": "needs-improvement", "label": "Needs improvement", "icon": "mdi-exclamation-thick"}, ] ``` -------------------------------- ### License Key Configuration Source: https://context7.com/syslifters/sysreptor/llms.txt Set the license key in app.env to enable professional features in SysReptor. ```bash # License key (Professional features) LICENSE="your-license-key" ``` -------------------------------- ### SQL Injection Example Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/d/web/sql-injection.md Demonstrates how malicious user input can alter the intended SQL query, leading to unintended data retrieval. ```sql sqlStmnt = 'SELECT * FROM Users WHERE UserId = ' or 1=1; ``` -------------------------------- ### Enable Render Findings Plugin Source: https://github.com/syslifters/sysreptor/blob/main/plugins/renderfindings/README.md Set the environment variable to activate the plugin. ```bash ENABLED_PLUGINS="renderfindings" ``` -------------------------------- ### Get Specific Project using Reptor Python Library Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieve details for a single project by its UUID using the reptor.api.projects.get() method. ```python # Get specific project project = reptor.api.projects.get("project-uuid") ``` -------------------------------- ### Configure OpenAI-compatible LLM providers Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Use the deepseek provider to connect to OpenAI-compatible APIs, enabling reasoning output display. ```bash AI_AGENT_MODEL="deepseek:gpt-oss-120b" DEEPSEEK_API_KEY="..." DEEPSEEK_API_BASE="https://llm.example.com:4000/" ``` -------------------------------- ### List Projects using Reptor Python Library Source: https://context7.com/syslifters/sysreptor/llms.txt Iterate through and print the ID and name of all projects fetched using the Reptor client's projects.list() method. ```python # List projects projects = reptor.api.projects.list() for project in projects: print(f"{project.id}: {project.name}") ``` -------------------------------- ### Get Current User Info Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieve information about the currently authenticated user. This endpoint is useful for verifying authentication and user details. ```bash curl -X GET http://localhost:8000/api/v1/pentestusers/self/ \ -H "Authorization: Bearer " ``` -------------------------------- ### Get Project Image by Name Source: https://context7.com/syslifters/sysreptor/llms.txt Retrieve an uploaded image from a project using its name. The image can then be used in markdown or saved to a file. ```bash curl -X GET "http://localhost:8000/api/v1/pentestprojects//images/name/login-page-screenshot.png" \ -H "Authorization: Bearer " \ --output image.png ``` -------------------------------- ### Download Note as PDF Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-3/notes.md Render a note as a PDF document and save it to a file. Ensure the file is opened in binary write mode. ```python with open("note.pdf", "wb") as f: f.write( reptor.api.notes.render(id="dda820d2-57d7-4ff8-b4ac-99d102a5c8bf") ) ``` -------------------------------- ### Manage Project Types Source: https://context7.com/syslifters/sysreptor/llms.txt Endpoints for retrieving project design configurations and templates. ```bash curl -X GET http://localhost:8000/api/v1/projecttypes/ \ -H "Authorization: Bearer " ``` ```bash curl -X GET http://localhost:8000/api/v1/projecttypes// \ -H "Authorization: Bearer " ``` -------------------------------- ### Generate Self-Signed SSL Certificates Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/webserver-nginx.md Installs the ssl-cert package and generates default self-signed SSL certificates. This is useful for development or testing environments. ```shell sudo apt-get update sudo apt-get install -y ssl-cert sudo make-ssl-cert generate-default-snakeoil ``` -------------------------------- ### Webhook POST Request Body Example Source: https://github.com/syslifters/sysreptor/blob/main/plugins/webhooks/README.md The JSON payload sent with each webhook request includes the event type and the relevant project ID. ```json { "event": "project_finished", "project_id": "11223344-5566-7788-9900-aabbccddeeff" } ``` -------------------------------- ### Configure Allowed Hosts Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Specify a comma-separated list of allowed hostnames or domain names for the SysReptor installation. This can help resolve WebSocket connection issues. ```shell ALLOWED_HOSTS="sysreptor.example.com,sysreptor.example.local" ``` -------------------------------- ### Create Docker Volumes Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/installation.md Initializes persistent storage volumes for the database and application data. ```shell docker volume create sysreptor-db-data docker volume create sysreptor-app-data ``` -------------------------------- ### Enable Plugins Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Defines a comma-separated list of plugin names or IDs to enable. Plugins are disabled by default. ```shell ENABLED_PLUGINS="cyberchef,graphqlvoyager,checkthehash" ``` -------------------------------- ### Import OffSec Designs with Docker Compose Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/offsec-reporting-with-sysreptor.md This command imports all OffSec designs into SysReptor when self-hosting. Ensure you are in the sysreptor/deploy directory and have Docker Compose installed. ```shell cd sysreptor/deploy url="https://docs.sysreptor.com/assets/offsec-designs.tar.gz" curl -s "$url" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=design ``` -------------------------------- ### Define Linear Status Workflow Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Enforce a linear status transition workflow. This example defines transitions for 'in-progress', 'ready-for-review', 'needs-improvement', and 'finished' statuses. ```json [ {"id": "in-progress", "label": "In progress", "icon": "mdi-pencil", "allowed_next_statuses": ["ready-for-review"]}, {"id": "ready-for-review", "label": "Ready for review", "icon": "mdi-check", "allowed_next_statuses": ["needs-improvement", "finished"]}, {"id": "needs-improvement", "label": "Needs improvement", "icon": "mdi-exclamation-thick", "allowed_next_statuses": ["ready-for-review"]}, {"id": "finished", "label": "Finished", "icon": "mdi-check-all", "allowed_next_statuses": ["finished"]} ] ``` -------------------------------- ### Create New User Source: https://context7.com/syslifters/sysreptor/llms.txt Creates a new user account. This endpoint requires administrator privileges and includes fields for username, email, password, and active status. ```bash curl -X POST http://localhost:8000/api/v1/pentestusers/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{ "username": "newuser", "email": "newuser@example.com", "password": "secure-password", "is_active": true }' ``` -------------------------------- ### Render report and save as file Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-2/findings.md Generates the project report as a PDF and writes it to the local filesystem. ```python with open("my_report.pdf", "wb") as f: f.write(reptor.api.projects.render()) ``` -------------------------------- ### Export Project using Reptor Python Library Source: https://context7.com/syslifters/sysreptor/llms.txt Export an entire project as a tar.gz archive and save it to a local file. ```python # Export project archive = reptor.api.projects.export("project-uuid") with open("project.tar.gz", "wb") as f: f.write(archive) ``` -------------------------------- ### Configure OIDC SSO authentication Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Sets up OIDC providers including Azure, Google, and custom Keycloak configurations. ```shell OIDC_AZURE_TENANT_ID="azure-tenant-id" OIDC_AZURE_CLIENT_ID="azure-client-id" OIDC_AZURE_CLIENT_SECRET="azure-client-secret" OIDC_GOOGLE_CLIENT_ID="google-client-id" OIDC_GOOGLE_CLIENT_SECRET="google-client-secret" OIDC_AUTHLIB_OAUTH_CLIENTS='{ "keycloak": { "label": "Keycloak", "client_id": "", "client_secret": "", "server_metadata_url": "https://keycloak.example.com/auth/realms/dev/.well-known/openid-configuration", "client_kwargs": { "scope": "openid email", "code_challenge_method": "S256" }, "reauth_supported": false } }' ``` -------------------------------- ### Report Stylesheet Source: https://context7.com/syslifters/sysreptor/llms.txt CSS for styling SysReptor reports, including page setup, cover page, and finding details. Uses @page rules for print-specific styling. ```css /* Report styles (report_styles field) */ @import '/assets/global/base.css'; /* Page setup */ @page { size: A4 portrait; margin: 2.5cm 2cm; @top-center { content: "CONFIDENTIAL"; font-size: 10pt; color: #666; } @bottom-center { content: "Page " counter(page) " of " counter(pages); font-size: 10pt; } } /* Cover page styling */ #cover { page-break-after: always; text-align: center; padding-top: 30%; } #cover h1 { font-size: 32pt; color: #1a1a1a; margin-bottom: 2em; } /* Finding styling */ .finding { page-break-inside: avoid; margin-bottom: 2em; border-left: 4px solid #007bff; padding-left: 1em; } .finding-meta { width: 100%; margin: 1em 0; border-collapse: collapse; } .finding-meta td { padding: 0.5em; border: 1px solid #ddd; } .finding-meta td:first-child { font-weight: bold; width: 30%; background: #f5f5f5; } ``` -------------------------------- ### Create encrypted backup via CLI Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/backups.md To create an encrypted backup, specify a 256-bit AES key as a hex string using the `--key` argument. The output file will have a .crypt extension. ```bash docker compose run --rm app python3 manage.py backup --key "" > backup.zip.crypt ``` -------------------------------- ### Fetch Specific Project Details Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-1/projects.md Fetch detailed information for the currently initialized project. Access its ID, name, findings, and sections. ```python my_project = reptor.api.projects.fetch_project() my_project.id ``` ```python my_project.name ``` ```python my_project.findings ``` ```python my_project.sections ``` ```python my_project.sections[1].data.duration ``` -------------------------------- ### Enable Plugins Configuration Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md Add the ENABLED_PLUGINS variable to your app.env file to activate specific plugins. ```text ENABLED_PLUGINS=cyberchef,checkthehash ``` -------------------------------- ### Get Project Notes Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-3/notes.md Retrieve all note structures for your project. This method returns a list of Note objects, each containing properties like title, ID, and parent ID. ```python notes = reptor.api.notes.get_notes() # Out: # [Note(title="Scoping", id="c90dbe1b-3ea7-4054-925d-c4c55b8d7404", parent="None"), # Note(title="Findings", id="38779b8f-a910-4191-8e0d-066f6b79cd95", parent="None") # Note(title="Web Security Checklist", id="c052da53-0b2e-401e-973d-3c1c92255b77", parent="None"), # Note(title="Session management", id="3e0cb97f-23a9-470d-a885-68cd9dbb5ada", parent="c052da53-0b2e-401e-973d-3c1c92255b77"), # ] notes[0].title # Out: 'Scoping' notes[0].text # Out: 'Those are our scoping notes.' notes[0].icon_emoji # Out: '🧐' ``` -------------------------------- ### Schedule Daily SysReptor Update with Cron Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/updates.md Configure cron to run the SysReptor update script daily at midnight. Ensure the user has write permissions to the parent directory of the SysReptor installation. ```shell 0 0 * * * /bin/bash /home/yourpath/sysreptor/update.sh # Optional (pro only): --backup ``` -------------------------------- ### Manage Pentest Projects via API Source: https://context7.com/syslifters/sysreptor/llms.txt Provides endpoints for creating, listing, retrieving, updating, exporting, importing, and copying pentest projects. ```bash # List all projects curl -X GET http://localhost:8000/api/v1/pentestprojects/ \ -H "Authorization: Bearer " # Create a new project curl -X POST http://localhost:8000/api/v1/pentestprojects/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{ "name": "Web Application Assessment Q1 2024", "project_type": "", "language": "en-US", "tags": ["webapp", "external"] }' # Get project details curl -X GET http://localhost:8000/api/v1/pentestprojects// \ -H "Authorization: Bearer " # Update project curl -X PATCH http://localhost:8000/api/v1/pentestprojects// \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{"name": "Updated Project Name", "readonly": false}' # Generate PDF report curl -X POST http://localhost:8000/api/v1/pentestprojects//generate/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{"password": "optional-pdf-password"}' \ --output report.pdf # Preview PDF (returns JSON with base64 PDF and messages) curl -X POST http://localhost:8000/api/v1/pentestprojects//preview/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{}' # Export project as archive curl -X POST http://localhost:8000/api/v1/pentestprojects//export/ \ -H "Authorization: Bearer " \ --output project-export.tar.gz # Import project from archive curl -X POST http://localhost:8000/api/v1/pentestprojects/import/ \ -H "Authorization: Bearer " \ -F "file=@project-export.tar.gz" # Copy a project curl -X POST http://localhost:8000/api/v1/pentestprojects//copy/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{"name": "Project Copy"}' ``` -------------------------------- ### Import HTB Designs and Reports Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/htb-reporting-with-sysreptor.md Use these commands to import all Hack The Box designs and reports into your self-hosted SysReptor instance. Ensure you are in the sysreptor/deploy directory and have Docker running. ```shell cd sysreptor/deploy ``` ```shell curl -s "https://docs.sysreptor.com/assets/htb-designs.tar.gz" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=design ``` ```shell curl -s "https://docs.sysreptor.com/assets/htb-demo-projects.tar.gz" | docker compose exec --no-TTY app python3 manage.py importdemodata --type=project ``` -------------------------------- ### Override SysReptor Image in Docker Compose Override File Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/plugins.md This example shows how to override the default SysReptor image and specify a build context for your custom Docker image within the `sysreptor.docker-compose.override.yml` file. ```yaml services: app: # Override the docker image image: !reset null build: # Note: Path is relative to sysreptor/deploy/docker-compose.yml (or an absolute path) context: ../../plugin-repository args: SYSREPTOR_VERSION: ${SYSREPTOR_VERSION:-latest} ``` -------------------------------- ### Include Items in Table of Contents Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/designer/headings-and-table-of-contents.md This example shows how to mark elements to be included in the table of contents by adding the `in-toc` class. The `numbered` class is used for headings that should have numbers. Elements without `in-toc` will not appear in the TOC. ```html

Table of Contents

Section 1

Subsection 1.1

Subsubsection 1.1.1

Section 2: Not in TOC

Appendix A

Appendix A.1

``` -------------------------------- ### Configure Plugin Environment Variables Source: https://github.com/syslifters/sysreptor/blob/main/plugins/customizetheme/README.md Set the required environment variables to enable the plugin and define the theme configuration object. ```bash ENABLED_PLUGINS="customizetheme" PLUGIN_CUSTOMIZETHEME_CONFIG='{"light": {...}, "dark": {...}, "all": {...}}' ``` -------------------------------- ### Duplicate Project and Render with Alternative Design Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/python-library/tutorial/part-2/findings.md Use the `duplicate_and_cleanup` context manager to duplicate a project, modify its design, render a PDF, and automatically clean up the duplicated project upon exiting the context. ```python design_id = "9eb56f02-c71b-4c1a-8392-06ab4d633336" with reptor.api.projects.duplicate_and_cleanup(): reptor.api.projects.update_project_design(design_id, force=True) with open("my_report.pdf", "wb") as f: f.write(reptor.api.projects.render()) ``` -------------------------------- ### Create Child Project Note Source: https://context7.com/syslifters/sysreptor/llms.txt Create a sub-note under an existing project note. This allows for organizing information hierarchically within a project. ```bash curl -X POST http://localhost:8000/api/v1/pentestprojects//notes/ \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{ "title": "Port Scan Results", "text": "```\nnmap -sV 192.168.1.1\n```", "parent": "" }' ``` -------------------------------- ### Define and Use Helper Functions and Variables in Vue Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/designer/formatting-utils.md Helper functions and variables are defined at the start of the template using inline JavaScript expressions and can be accessed by subsequent elements. Note that this is a workaround and not an officially supported feature of the Vue template language. ```html
{{ helperFunction = function() { return report.title + ' processed by helper function'; } }} {{ calculateCustomScore = (finding) => finding.exploitability * finding.impact }} {{ helperVariable = 'Helper variable' }} {{ computedProperty = computed(() => report.title + ' processed by computed property') }} {{ tr = function (label, options = undefined) { // Define your translation table here const translations = { 'en': { example: 'Example', fallback: 'Fallback value' }, 'de': { example: 'Beispiel', }, 'fr': { example: 'exemple', }, }; // Use "en" as fallback language. Warnings are still generated when a fallback value is used. const translationFallback = translations['en']; // Get the current report language (configured in project settings) // Remove country postfix from language string e.g. "de-DE", "de-AT" and "de-CH" all use "de" translations const lang = (options?.lang || document.documentElement.getAttribute('lang'))?.split('-')?.[0]; // Check if a translation exists. If not generate a warning message. // The warning is displayed in the PDF preview and the project warning list before generating/publishing the final DF. if (!lang || !translations[lang]) { const msg = `Language "${lang}" not defined in the design's translation table` console.warn(msg, { message: 'Translation not defined', details: msg }); } else if (!(label in translations[lang])) { const msg = `Translation for "${label}" is not defined in translation table for language "${lang}"` console.warn(msg, { message: 'Translation not defined', details: msg }); } return translations[lang]?.[label] ?? translationFallback[label] ?? ''; } }}
Call helper function (without arguments): {{ helperFunction() }}
Call helper function (with arguments): {{ calculateCustomScore(report.findings[0]) }}
Use helper variable: {{ helperVariable }}
Use computed property: {{ computedProperty.value }}
Call translation function: {{ tr('example') }}
``` -------------------------------- ### Create backup via API Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/backups.md Use this `curl` command to create a backup via the API. Requires authentication with a bearer token and a valid backup key in the JSON payload. The output is saved to backup.zip. ```bash curl -X POST https://sysreptor.example.com/api/v1/backup/ -d '{"key": ""}' -H 'Authorization: Bearer ' -H "Content-Type: application/json" -o backup.zip ``` -------------------------------- ### Test LLM settings Source: https://github.com/syslifters/sysreptor/blob/main/docs/docs/setup/configuration.md Run a test chat command to verify the LLM agent configuration. ```bash docker compose run --rm app python3 manage.py aichat --agent=project_ask --user= --project= ```