Summary

Rumal Docker

A working version of rumal_docker can now be easily installed to test the platform. This only requires you to have Docker installed on your system. Documentation on installing Rumal Docker can be found here.

Docker Python API to Replace Subprocces

Subproccess popen module that was originally used for launching docker scans is currently the most viable option. Docker-py has limitations in controlling docker containers as certain options cannot be used such as –rm.

It is not officially supported by docker and lacks clear and up to date documentations. Error messages can sometimes be very vague. More information about docker-py’s limitation can be found this link.

RabbitMQ Communication System

The previous REST API has been replaced with RabbitMQ queue messaging system using the pika python library. This communication system has been developed to handle the issues with distributed multiple backend/frontends, and specifically these problems:

  • Is it possible to have multiple consumers (backends) and a single frontend?
  • Is it possible to choose what backend you want to use?
  • Would it be possible to have multiple publishers (frontends) as well?

When running a new scan you can now select which backend you want to run the scan on, which will send this scan via a private queue to the backend you specified. If you have no preference on which backend to runs the scan you can select ANY option which will place it on a public queue and to be picked up by the 1st available backend.

A list of backends and the location of the public ANY queue is specified on the frontend backend.conf file.

You can find more information on the communication architecture used including diagrams and explanations in our Rumal documentation.

Rumal Social

A couple of elements have been integrated for proving the social network in Rumal. This is where Rumal becomes a really powerful tool.

Thug’s analysis may be complex to understand and the elements that we provide can be used to show the most important information out of a scan without the effort of going deep within Thugs output.

You can create groups and share scans within them, keep scans to yourself or release the scan publicly so anyone can contribute.

The collaborative tools built during this year’s GSoC are:

  • Functional public, private and group scans
  • Creating and managing groups
  • Commenting on analysis tree nodes
  • Creating tags for scans.

Documentation

To support Rumal’s development, a GitHub page was created for reference on Rumals architecture, installation and use. This documentation can be found on this link.