Prancer On-Premise Discovery and Penetration Testing Guide
Follow these professional guidelines to conduct discovery and penetration testing within your on-premise environment using Prancer:
Step 1: Create an API Token
Generate a secure token in your environment.
Detailed instructions can be found here: Create Token
Step 2: Install Prancer PAC
To install Prancer PAC, follow these instructions:
-
Download the latest version of Prancer PAC: prancer-pac-latest.tar.gz
-
Extract the downloaded file using:
tar -xvf prancer-pac-latest.tar.gz
- If installing for the first time, set the appropriate permissions for the installation script:
cd prancer-pac-latest/
sudo chmod 0777 install.sh
- Run the installation script:
sudo ./install.sh
- Verify the installation by running:
prancer-pac version
Expected output:
The version of prancer pac is 1.4.4 linux/amd64
Step 3: Autonomous Discovery Wizard
- Open the autonomous discovery wizard in your Prancer portal.
- Select "On Premise" and enter your IP address range.
- Submit the information, and you'll receive a generated command.
prancer-pac discovery -i <customer tenant name> -t <token> -c <collectionid>
- Run the provided command on your on-premise environment to start the discovery process.
Step 4: Verify Inventory
Once the discovery is complete, navigate to the Inventory Management page on the Prancer portal.
You should see all discovered hosts listed.
Step 5: Conduct Penetration Testing
-
Identify the pentest configuration ID by opening the relevant manifest file (PAC) from the Inventory Management page.
The configuration ID is located at the top of the file. -
Execute the pentest with the following command:
prancer-pac pentest --config CONFIGURATION_ID -d prod --customer abccustomer --token APITOKEN
- To monitor logs during the pentesting process, run:
docker logs prancer-scanner -f
Step 6: View Results
After completion, return to the Prancer portal.
The pentesting results will be available under Application Findings.
Step 7: Required Network and Software Configurations
Ensure the following prerequisites are met for smooth operation:
- Docker is installed on your system.
- Your firewall permits outbound connections to:
portal.prancer.io
[customer-id].core.windows.net
(Recommended: allow*.core.windows.net
for ease of use)
For additional details, refer to our knowledge base here.