openhound 0.1.1__tar.gz → 0.1.3.dev2__tar.gz

{openhound-0.1.1 → openhound-0.1.3.dev2}/.github/workflows/build-and-sign-container.yml

@@ -19,10 +19,10 @@ jobs:
         include:
           - target: cli
             suffix: ""
-            publish_latest: true
+            latest_tag: "latest"
           - target: enterprise
             suffix: "-enterprise"
-            publish_latest: false
+            latest_tag: "latest-enterprise"
     env:
       DOCKER_REGISTRY: ${{ vars.DOCKER_REGISTRY }}
       DOCKER_REPOSITORY: ${{ vars.DOCKER_REPOSITORY }}
@@ -57,8 +57,8 @@ jobs:
         run: |
           TAGS="${{ steps.image-ref.outputs.version_tag }}"
 
-          if [ "${{ matrix.publish_latest }}" = "true" ]; then
-            TAGS="${TAGS}"$'\n'"${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}:latest"
+          if [ -n "${{ matrix.latest_tag }}" ]; then
+            TAGS="${TAGS}"$'\n'"${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}:${{ matrix.latest_tag }}"
           fi
 
           {

{openhound-0.1.1 → openhound-0.1.3.dev2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: openhound
-Version: 0.1.1
+Version: 0.1.3.dev2
 Summary: OpenGraph collector framework for BloodHound
 License-File: LICENSE.md
 Requires-Python: >=3.13

{openhound-0.1.1 → openhound-0.1.3.dev2}/deployments/helm/openhound/README.md

@@ -26,7 +26,7 @@ helm install -f values.yml openhound-<name> ./deployments/helm/openhound
 # Example values for the JAMF collector
 image:
   repository: docker.io/specterops/openhound
-  tag: "0.1.0-enterprise"
+  tag: "latest-enterprise"
 
 # Optional environment variables.
 env:

{openhound-0.1.1 → openhound-0.1.3.dev2}/deployments/helm/values.example.yaml

@@ -1,7 +1,7 @@
 # Example values for the JAMF collector
 image:
   repository: docker.io/specterops/openhound
-  tag: "0.1.0-enterprise"
+  tag: "latest-enterprise"
 
 # Optional environment variables.
 env:

openhound-0.1.3.dev2/example-configurations/bloodhound-community/.dlt-example/config.toml

@@ -0,0 +1,16 @@
+# Example configuration: https://bloodhound.specterops.io/openhound/configuration
+[runtime]
+http_show_error_body = true
+log_cli_level = "WARNING"
+log_format = "JSON"
+log_rotate_when = "midnight"
+
+[extract]
+workers = 8
+
+[normalize]
+workers = 3
+
+[load]
+delete_completed_jobs = true
+truncate_staging_dataset = true

openhound-0.1.3.dev2/example-configurations/bloodhound-community/.dlt-example/secrets_github.toml

@@ -0,0 +1,6 @@
+# Example configuration for github secrets: https://bloodhound.specterops.io/openhound/collectors/github/collect-data#example-configuration
+[sources.source.github.credentials]
+app_id = "myappid"
+client_id = "myclientid"
+key_path = "/app/.dlt/github.pem"
+org_name = "myorgname"

openhound-0.1.3.dev2/example-configurations/bloodhound-community/.dlt-example/secrets_jamf.toml

@@ -0,0 +1,5 @@
+# Example configuration for jamf secrets: https://bloodhound.specterops.io/openhound/collectors/jamf/collect-data#example-configuration
+[sources.source.jamf]
+username = "myusername"
+host = "https://tenant.jamfcloud.com"
+password = "mypassword"

openhound-0.1.3.dev2/example-configurations/bloodhound-community/.dlt-example/secrets_okta.toml

@@ -0,0 +1,5 @@
+# Example configuration for okta secrets: https://bloodhound.specterops.io/openhound/collectors/okta/collect-data#example-configuration
+[sources.source.okta.credentials]
+base_url = "https://mytenant.oktapreview.com"
+client_id = "myclientid"
+private_key_path = "/app/.dlt/okta.json"

openhound-0.1.3.dev2/example-configurations/bloodhound-community/README.md

@@ -0,0 +1,17 @@
+## Quick-start
+
+   1. Copy `.dlt-example` to `${HOME}/.dlt`and `docker-compose.yml` to `${HOME}`.
+   2. Fill in your credentials in the toml files.
+   3. Place any required key files (github.pem, okta.json) in `${HOME}/.dlt`.
+   4. Pull image from SpecterOps Docker Hub:  `docker pull specterops/openhound:latest`
+      or run to pull from docker-compose.yml: `docker compose pull`
+   5. Run all collectors:    `docker compose up -d`
+      or run a single one:   `docker compose up -d collect-jamf preprocess-jamf convert-jamf`
+
+ Example docker-compose file for running OpenHound with Jamf, GitHub, and Okta collectors.
+ Collector output is written to local bind-mount directories under `./output/<collector>/`.
+
+## WARNING: 
+ All config and secret files referenced below MUST exist before running
+ `docker compose up`. If they are missing, Docker will create them as directories,
+ which will cause the collector to fail.

openhound-0.1.3.dev2/example-configurations/bloodhound-community/docker-compose.yml

@@ -0,0 +1,162 @@
+x-cli: &cli
+  image: specterops/openhound:latest
+  restart: no
+
+  # These environment variables can also be set inside the ~/.dlt/config.toml file
+  # and act as an example. Configuring openhound can be done using environment variables,
+  # configuration files or a combination of both.
+  environment: &env
+    LOG_LEVEL: INFO
+    EXTRACT__WORKERS: 8
+    LOG_CONTAINER: true
+
+x-jamf: &jamf
+  <<: *cli
+  volumes:
+    - ${HOME}/.dlt/config.toml:/app/.dlt/config.toml:ro
+    - ./output/jamf:/tmp/output
+  secrets:
+    - source: secrets_jamf
+      target: /app/.dlt/secrets.toml
+
+x-github: &github
+  <<: *cli
+  volumes:
+    - ${HOME}/.dlt/config.toml:/app/.dlt/config.toml:ro
+    - ./output/github:/tmp/output
+  secrets:
+    - source: secrets_github
+      target: /app/.dlt/secrets.toml
+    - source: key_github
+      target: /app/.dlt/github.pem
+
+x-okta: &okta
+  <<: *cli
+  volumes:
+    - ${HOME}/.dlt/config.toml:/app/.dlt/config.toml:ro
+    - ./output/okta:/tmp/output
+  secrets:
+    - source: secrets_okta
+      target: /app/.dlt/secrets.toml
+    - source: key_okta
+      target: /app/.dlt/okta.json
+
+services:
+  # --- Jamf ---
+  collect-jamf:
+    <<: *jamf
+    command:
+      - collect
+      - jamf
+      - /tmp/output/raw
+      - --progress=log
+
+  preprocess-jamf:
+    <<: *jamf
+    command:
+      - preprocess
+      - jamf
+      - /tmp/output/raw/jamf
+      - /tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      collect-jamf:
+        condition: service_completed_successfully
+
+  convert-jamf:
+    <<: *jamf
+    command:
+      - convert
+      - jamf
+      - /tmp/output/raw/jamf
+      - /tmp/output/graph
+      - --lookup-file=/tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      preprocess-jamf:
+        condition: service_completed_successfully
+
+  # --- GitHub ---
+  collect-github:
+    <<: *github
+    command:
+      - collect
+      - github
+      - /tmp/output/raw
+      - --progress=log
+
+  preprocess-github:
+    <<: *github
+    command:
+      - preprocess
+      - github
+      - /tmp/output/raw/github
+      - /tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      collect-github:
+        condition: service_completed_successfully
+
+  convert-github:
+    <<: *github
+    command:
+      - convert
+      - github
+      - /tmp/output/raw/github
+      - /tmp/output/graph
+      - --lookup-file=/tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      preprocess-github:
+        condition: service_completed_successfully
+
+  # --- Okta ---
+  collect-okta:
+    <<: *okta
+    command:
+      - collect
+      - okta
+      - /tmp/output/raw
+      - --progress=log
+
+  preprocess-okta:
+    <<: *okta
+    command:
+      - preprocess
+      - okta
+      - /tmp/output/raw/okta
+      - /tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      collect-okta:
+        condition: service_completed_successfully
+
+  convert-okta:
+    <<: *okta
+    command:
+      - convert
+      - okta
+      - /tmp/output/raw/okta
+      - /tmp/output/graph
+      - --lookup-file=/tmp/output/lookup.duckdb
+      - --progress=log
+    depends_on:
+      preprocess-okta:
+        condition: service_completed_successfully
+
+secrets:
+  # Jamf: username + password auth
+  secrets_jamf:
+    file: ${HOME}/.dlt/secrets_jamf.toml
+
+  # GitHub: GitHub App auth (app_id, client_id, org_name) + private key PEM (github.pem)
+  secrets_github:
+    file: ${HOME}/.dlt/secrets_github.toml
+  key_github:
+    file: ${HOME}/.dlt/github.pem
+
+  # Okta: OAuth client credentials (base_url, client_id) + private key JSON (okta.json)
+  secrets_okta:
+    file: ${HOME}/.dlt/secrets_okta.toml
+  key_okta:
+    file: ${HOME}/.dlt/okta.json

openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/.dlt-example/config.toml

@@ -0,0 +1,16 @@
+# Example configuration: https://bloodhound.specterops.io/openhound/enterprise#full-configuration-example
+[runtime]
+http_show_error_body = true
+log_cli_level = "WARNING"
+log_format = "JSON"
+log_rotate_when = "midnight"
+
+[extract]
+workers = 8
+
+[normalize]
+workers = 3
+
+[load]
+delete_completed_jobs = true
+truncate_staging_dataset = true

openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/.dlt-example/secrets_github.toml

@@ -0,0 +1,12 @@
+[destination.bloodhoundenterprise]
+interval = "300"
+token_id = "client_token_id"
+token_key = "client_token_key"
+url = "bhe_url"
+
+# Example configuration for github secrets: https://bloodhound.specterops.io/openhound/collectors/github/collect-data#example-configuration
+[sources.source.github.credentials]
+app_id = "myappid"
+client_id = "myclientid"
+key_path = "/app/.dlt/github.pem"
+org_name = "myorgname"

openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/.dlt-example/secrets_jamf.toml

@@ -0,0 +1,11 @@
+[destination.bloodhoundenterprise]
+interval = "300"
+token_id = "client_token_id"
+token_key = "client_token_key"
+url = "bhe_url"
+
+# Example configuration for jamf secrets: https://bloodhound.specterops.io/openhound/collectors/jamf/collect-data#example-configuration
+[sources.source.jamf]
+username = "myusername"
+host = "https://mytenant.jamfcloud.com"
+password = "mypassword"

openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/.dlt-example/secrets_okta.toml

@@ -0,0 +1,11 @@
+[destination.bloodhoundenterprise]
+interval = "300"
+token_id = "client_token_id"
+token_key = "client_token_key"
+url = "bhe_url"
+
+# Example configuration for okta secrets: https://bloodhound.specterops.io/openhound/collectors/okta/collect-data#example-configuration
+[sources.source.okta.credentials]
+base_url = "https://mytenant.oktapreview.com"
+client_id = "myclientid"
+private_key_path = "/app/.dlt/okta.json"

openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/README.md

@@ -0,0 +1,16 @@
+## Quick-start
+
+   1. Copy `.dlt-example` to `${HOME}/.dlt`and `docker-compose.yml` to `${HOME}`.
+   2. Fill in your credentials in the toml files.
+   3. Place any required key files (github.pem, okta.json) in `${HOME}/.dlt`.
+   4. Pull image from SpecterOps Docker Hub:  `docker pull specterops/openhound:latest-enterprise`
+      or run to pull from docker-compose.yml: `docker compose pull`
+   5. Run all collectors:    `docker compose up -d`
+      or run a single one:   `docker compose up -d scheduler-jamf`
+
+Full configuration reference: https://bloodhound.specterops.io/openhound/enterprise
+
+## WARNING: 
+ All config and secret files referenced below MUST exist before running
+ `docker compose up`. If they are missing, Docker will create them as directories,
+ which will cause the collector to fail.

openhound-0.1.1/docker-compose.bhe.yml → openhound-0.1.3.dev2/example-configurations/bloodhound-enterprise/docker-compose.yml

@@ -1,5 +1,5 @@
 x-scheduler: &scheduler
-  image: specterops/openhound:${IMAGE_VERSION:-0.1.0-enterprise}
+  image: specterops/openhound:${IMAGE_VERSION:latest-enterprise}
   restart: unless-stopped
   init: true
   volumes:
@@ -14,6 +14,7 @@ x-scheduler: &scheduler
     LOG_CONTAINER: true
 
 services:
+  # --- Jamf ---
   scheduler-jamf:
     <<: *scheduler
     environment:
@@ -23,6 +24,7 @@ services:
       - source: secrets_jamf
         target: /app/.dlt/secrets.toml
 
+  # --- GitHub ---
   scheduler-github:
     <<: *scheduler
     environment:
@@ -34,6 +36,7 @@ services:
       - source: key_github
         target: /app/.dlt/github.pem
 
+  # --- Okta ---
   scheduler-okta:
     <<: *scheduler
     environment:
@@ -46,12 +49,20 @@ services:
         target: /app/.dlt/okta.json
 
 secrets:
+  # Copy the .dlt-example folder to ${HOME}/.dlt as a starting point for each secrets file.
+  # Each secrets file must also contain [destination.bloodhoundenterprise] with url, token_id, and token_key.
+
+  # Jamf: username + password auth
   secrets_jamf:
     file: ${HOME}/.dlt/secrets_jamf.toml
+
+  # GitHub: GitHub App auth (app_id, client_id, org_name) + private key PEM (github.pem)
   secrets_github:
     file: ${HOME}/.dlt/secrets_github.toml
   key_github:
     file: ${HOME}/.dlt/github.pem
+
+  # Okta: OAuth client credentials (base_url, client_id) + private key JSON (okta.json)
   secrets_okta:
     file: ${HOME}/.dlt/secrets_okta.toml
   key_okta:

{openhound-0.1.1 → openhound-0.1.3.dev2}/pyproject.toml

@@ -65,7 +65,7 @@ local_scheme = "no-local-version"
 
 [dependency-groups]
 dev = [
-    "openhound-faker==0.0.4",
+    "openhound-faker==0.0.6",
     "ipython>=9.12.0",
     "pre-commit>=4.5.1",
     "pytest>=9.0.1",

openhound-0.1.1/docker-compose.yml

@@ -1,63 +0,0 @@
-# This is an example docker-compose file for running OpenHound with the JAMF collector.
-# the output graph will be stored inside a named volume. You can copy the OpenGraph contents using the
-# following command: `<docker|podman> cp <container_name>:/tmp/output/graph <destination_path>`
-
-x-cli: &cli
-  image: specterops/openhound:latest
-  restart: no
-  volumes:
-    - ${HOME}/.dlt/config.toml:/app/.dlt/config.toml:ro
-    - jamf-output:/tmp/output
-
-  # These environment variables can also be set inside the ~/.dlt/config.toml file
-  # and act as an example. Configuring openhound can be done using environment variables,
-  # configuration files or a combination of both.
-  environment: &env
-    LOG_LEVEL: INFO
-    EXTRACT__WORKERS: 8
-    LOG_CONTAINER: true
-
-  secrets:
-    - source: secrets_jamf
-      target: /app/.dlt/secrets.toml
-
-services:
-  collect-jamf:
-    <<: *cli
-    command:
-      - collect
-      - jamf
-      - /tmp/output/raw
-      - --progress=log
-
-  preprocess-jamf:
-    <<: *cli
-    command:
-      - preprocess
-      - jamf
-      - /tmp/output/raw/jamf
-      - /tmp/output/lookup.duckdb
-      - --progress=log
-    depends_on:
-      collect-jamf:
-        condition: service_completed_successfully
-
-  convert-jamf:
-    <<: *cli
-    command:
-      - convert
-      - jamf
-      - /tmp/output/raw/jamf
-      - /tmp/output/graph
-      - --lookup-file=/tmp/output/lookup.duckdb
-      - --progress=log
-    depends_on:
-      preprocess-jamf:
-        condition: service_completed_successfully
-
-volumes:
-  jamf-output:
-
-secrets:
-  secrets_jamf:
-    file: ${HOME}/.dlt/secrets_jamf.toml