Rengine 2.0 has finally arrived

After some waiting, Rengine 2.0 is here and it comes with many changes:

New additions overview:

  • Projects: Projects help you better organize your efforts to explore and understand web applications.
  • Roles and Permissions: You can assign different jobs to your team members.
  • GPT-powered Report Generation: Thanks to OpenAI’s GPT technology, reNgine now creates detailed reports with information about vulnerabilities, how to fix them, and how they might impact your system.
  • API Vault: This feature lets you manage your API keys, like those for OpenAI or Netlas.
  • GPT-powered Attack Surface Generation: reNgine now uses GPT to help identify all the places where your system might be vulnerable.
  • Better URL Gathering: The process of collecting website addresses is now more efficient. It removes duplicates by looking at similar website responses, like having the same length or title.
  • Filtering URLs: You can now filter website addresses when you start scanning.
  • More Targets: In reNgine 2.0, you can use IP addresses, URLs, and more as targets.
  • Grouping Results: You can group similar subdomains based on their page titles and status. You can also group vulnerabilities based on their titles and how serious they are.
  • Improved OSINT Dork Results: It now finds things like admin pages, logins, and dashboards.
  • Better User Interface: When you click on a vulnerability, it opens a side panel with more details.
  • Added HTTP Request and Response: You can now see the HTTP request and response when looking at vulnerabilities.
  • User Management: You can now manage your users in reNgine.
  • New tools added:
    • Dalfox for XSS Vulnerability Scan
    • CRLFuzz for CRLF Vulnerability Scan
    • S3Scanner for scanning misconfigured S3 buckets
    • Custom Dorks
    • Katana for crawling and spidering URLs
    • Netlas for Whois and subdomain gathering
    • TLSX for subdomain gathering
    • CTFR for subdomain gathering
    • Support for Nmap: reNgine 2.0 allows running Nmap scripts and vuln scans on ports found by Naabu.

Install

$ git clone https://github.com/yogeshojha/rengine.git
$ edit .env
(Remember to change the Postgres password)

$ sudo ./install.sh

The first clean installation try gave these issues.

You have 148 unapplied migration(s). Your project may not work properly until you apply the migrations for app(s): admin, auth, contenttypes, dashboard, django_celery_b  
eat, recon_note, scanEngine, sessions, startScan, targetApp.  
Run 'python manage.py migrate' to apply them.  
Traceback (most recent call last):  
 File "/usr/local/lib/python3.10/dist-packages/django/db/backends/utils.py", line 84, in _execute  
   return self.cursor.execute(sql, params)  
psycopg2.errors.UndefinedTable: relation "auth_user" does not exist  
LINE 1: ...user"."is_active", "auth_user"."date_joined" FROM "auth_user...  
                                                            ^  
The above exception was the direct cause of the following exception:  
  
Traceback (most recent call last):  
 File "/usr/src/app/manage.py", line 26, in <module>  
   main()  
 File "/usr/src/app/manage.py", line 22, in main  
   execute_from_command_line(sys.argv)  
 File "/usr/local/lib/python3.10/dist-packages/django/core/management/__init__.py", line 419, in execute_from_command_line  
   utility.execute()  
...
 File "/usr/local/lib/python3.10/dist-packages/django/db/backends/utils.py", line 66, in execute  
   return self._execute_with_wrappers(sql, params, many=False, executor=self._execute)  
 File "/usr/local/lib/python3.10/dist-packages/django/db/backends/utils.py", line 75, in _execute_with_wrappers  
   return executor(sql, params, many, context)  
 File "/usr/local/lib/python3.10/dist-packages/django/db/backends/utils.py", line 79, in _execute  
   with self.db.wrap_database_errors:  
 File "/usr/local/lib/python3.10/dist-packages/django/db/utils.py", line 90, in __exit__  
   raise dj_exc_value.with_traceback(traceback) from exc_value  
 File "/usr/local/lib/python3.10/dist-packages/django/db/backends/utils.py", line 84, in _execute  
   return self.cursor.execute(sql, params)  
django.db.utils.ProgrammingError: relation "auth_user" does not exist  
LINE 1: ...user"."is_active", "auth_user"."date_joined" FROM "auth_user...  
                                                            ^  
make: *** [Makefile:28: username] Error 1

Then tried the same migration fix I needed for the old reNgine version.

$ docker-compose -f docker-compose.yml exec web python3 manage.py migrate

          _   _       _  
         | \ | |     (_)  
 _ __ ___|  \| | __ _ _ _ __   ___  
| '__/ _ \ . ` |/ _` | | '_ \ / _ \  
| | |  __/ |\  | (_| | | | | |  __/  
|_|  \___|_| \_|\__, |_|_| |_|\___| v2.0.0-jasper  
                 __/ |  
                |___/  
  
pikepdf._core | pikepdf C++ to Python logger bridge initialized  
System check identified some issues:  
  
WARNINGS:  
startScan.EndPoint.techs: (fields.W340) null has no effect on ManyToManyField.  
Operations to perform:  
 Apply all migrations: admin, auth, contenttypes, dashboard, django_celery_beat, recon_note, scanEngine, sessions, startScan, targetApp  
Running migrations:  
 Applying contenttypes.0001_initial... OK  
 Applying auth.0001_initial... OK  
 Applying admin.0001_initial... OK  
 Applying admin.0002_logentry_remove_auto_add... OK  
 Applying admin.0003_logentry_add_action_flag_choices... OK  
 Applying contenttypes.0002_remove_content_type_name... OK  
 Applying auth.0002_alter_permission_name_max_length... OK  
 Applying auth.0003_alter_user_email_max_length... OK  
 Applying auth.0004_alter_user_username_opts... OK  
 Applying auth.0005_alter_user_last_login_null... OK  
 Applying auth.0006_require_contenttypes_0002... OK  
 Applying auth.0007_alter_validators_add_error_messages... OK  
 Applying auth.0008_alter_user_username_max_length... OK  
 Applying auth.0009_alter_user_last_name_max_length... OK  
 Applying auth.0010_alter_group_name_max_length... OK  
 Applying auth.0011_update_proxy_permissions... OK  
 Applying auth.0012_alter_user_first_name_max_length... OK  
 Applying dashboard.0001_initial... OK  
 Applying dashboard.0002_rename_name_searchhistory_query... OK  
 Applying dashboard.0003_projects... OK  
 Applying dashboard.0004_rename_projects_project... OK  
 Applying dashboard.0005_alter_project_slug... OK  
 Applying dashboard.0006_project_insert_date.../usr/local/lib/python3.10/dist-packages/django/db/models/fields/__init__.py:1416: RuntimeWarning: DateTimeField Project.  
insert_date received a naive datetime (2023-06-06 00:00:00) while time zone support is active.  
 warnings.warn("DateTimeField %s received a naive datetime (%s)"  
OK  
 Applying dashboard.0007_openaikeys... OK  
 Applying dashboard.0007_netlasapikey_openaiapikey... OK  
 Applying dashboard.0008_merge_0007_netlasapikey_openaiapikey_0007_openaikeys... OK  
 Applying dashboard.0009_delete_openaikeys... OK  
 Applying django_celery_beat.0001_initial... OK  
 Applying django_celery_beat.0002_auto_20161118_0346... OK  
 Applying django_celery_beat.0003_auto_20161209_0049... OK  
 Applying django_celery_beat.0004_auto_20170221_0000... OK  
 Applying django_celery_beat.0005_add_solarschedule_events_choices... OK  
 Applying django_celery_beat.0006_auto_20180322_0932... OK  
 Applying django_celery_beat.0007_auto_20180521_0826... OK  
 Applying django_celery_beat.0008_auto_20180914_1922... OK  
 Applying django_celery_beat.0006_auto_20180210_1226... OK  
 Applying django_celery_beat.0006_periodictask_priority... OK  
 Applying django_celery_beat.0009_periodictask_headers... OK  
 Applying django_celery_beat.0010_auto_20190429_0326... OK  
 Applying django_celery_beat.0011_auto_20190508_0153... OK  
 Applying django_celery_beat.0012_periodictask_expire_seconds... OK  
 Applying django_celery_beat.0013_auto_20200609_0727... OK  
 Applying django_celery_beat.0014_remove_clockedschedule_enabled... OK  
 Applying django_celery_beat.0015_edit_solarschedule_events_choices... OK  
 Applying targetApp.0001_initial... OK  
 Applying scanEngine.0001_initial... OK  
 Applying startScan.0001_initial... OK  
 Applying recon_note.0001_initial... OK  
 Applying recon_note.0002_todonote_project... OK  
 Applying scanEngine.0002_auto_20220526_1457... OK  
 Applying scanEngine.0003_enginetype_waf_detection... OK  
 Applying scanEngine.0004_auto_20220816_0946... OK  
 Applying scanEngine.0005_notification_send_scan_tracebacks... OK  
 Applying sessions.0001_initial... OK  
 ...
 Applying targetApp.0002_auto_20220406_0216... OK  
 Applying targetApp.0003_auto_20220406_0243... OK  
 Applying targetApp.0004_auto_20220406_0306... OK  
 Applying targetApp.0005_rename_assocation_by_associateddomain_association_by... OK  
 Applying targetApp.0006_remove_associateddomain_association_by... OK  
...
 Applying targetApp.0030_domaininfo_geolocation_iso... OK  
 Applying targetApp.0031_auto_20230412_0549... OK  
 Applying targetApp.0032_domaininfo_whois_server... OK  
 Applying targetApp.0033_alter_nameserver_name... OK  
 Applying targetApp.0034_auto_20230412_2017... OK  
 Applying targetApp.0035_auto_20230412_2034... OK  
 Applying targetApp.0036_auto_20230414_1418... OK  
 Applying targetApp.0037_auto_20230416_0216... OK  
 Applying targetApp.0038_rename_associateddomain_relateddomain... OK  
 Applying targetApp.0039_domain_project... OK  
 Applying targetApp.0040_alter_domain_request_headers... OK  
 Applying targetApp.0041_organization_project... OK

After that, a second installation attempt everything was fine.

After login, you are redirected to a nice new window asking for initial configurations.

Happy recon!