I have been meaning to look at Cartography since I saw their talk at BSidesSF last year, and I finally had a chance to start looking at it today. One of the first things I noticed was that it was not containerized, so I built a quick container for it and decided to document my progress here.
Prerequisites
- AWS CLI (Installed and configured)
- Docker 18.0+
Build The Cartography Container
- Create a local `cartography` directory.
- Create a `Dockerfile` and copy this into it:
```dockerfile
# syntax = docker/dockerfile:experimental
FROM ubuntu:latest
# Install Python and pip, and make `python` resolve to python3
RUN apt-get update \
  && apt-get install -y python3-pip python3-dev wget apt-utils \
  && cd /usr/local/bin \
  && ln -s /usr/bin/python3 python \
  && pip3 install --upgrade pip
# Install the AWS CLI and Cartography from PyPI
RUN pip install awscli \
  && pip install cartography
```
- In your terminal, open the `cartography` directory.
- Build the container using:

```bash
DOCKER_BUILDKIT=1 docker build -t cartography .
```
Run Neo4J Container
```bash
docker container run \
  -e NEO4J_AUTH=none \
  -v neo4j-data:/data \
  -p 7474:7474 \
  -p 7687:7687 \
  -d \
  neo4j:3.5.12
```
Run Cartography Container
```bash
docker run --rm -v $HOME/.aws:/root/.aws --net=host cartography cartography --neo4j-uri bolt://127.0.0.1:7687
```
This step will take a few minutes depending on the size of your environment.
![](https://i0.wp.com/jerrygamblin.com/wp-content/uploads/2019/10/Screen-Shot-2019-10-23-at-3.58.20-PM.png?fit=960%2C809&ssl=1)
Accessing The Interface
Once the container is done building, you can access the web interface at http://127.0.0.1:7474/browser/
![](https://i1.wp.com/jerrygamblin.com/wp-content/uploads/2019/10/Screen-Shot-2019-10-23-at-4.03.29-PM.png?fit=960%2C541&ssl=1)
Closing Thoughts & ToDo List
- Lyft provides some sample queries here
- I am looking forward to setting this up for multi-cloud environments
- Need to investigate authentication for Neo4J
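
One way to approach the Neo4J authentication item, as an added example that is not from the original post: the Neo4J command above sets `NEO4J_AUTH=none` and publishes both ports without a host IP, so the graph of your AWS inventory is readable by anything that can reach the Docker host. The script below audits a `docker run` argument list for those two settings and prints a loopback-only, password-protected equivalent. The function names and the `NEO4J_PASSWORD` variable are chosen here; `--neo4j-user` and `--neo4j-password-env-var` are Cartography CLI options.

```shell
#!/bin/sh
# Added example: nothing here starts a container; it only inspects and prints arguments.

# audit_neo4j_run ARGS...: print one finding per risky `docker run` argument.
audit_neo4j_run() {
  prev=""
  for arg in "$@"; do
    # Normalise the --env=VALUE / --publish=VALUE spellings.
    case "$arg" in
      --env=*)     prev=-e; arg="${arg#--env=}" ;;
      --publish=*) prev=-p; arg="${arg#--publish=}" ;;
    esac
    case "$prev" in
      -e|--env)
        case "$arg" in
          NEO4J_AUTH=none) echo "auth disabled: $arg" ;;
        esac ;;
      -p|--publish)
        # Only host-ip:host-port:container-port pins the listener to one interface.
        case "$arg" in
          127.0.0.1:*:*|\[::1\]:*:*) ;;
          *) echo "published on all interfaces: $arg" ;;
        esac ;;
    esac
    prev="$arg"
  done
}

# hardened_neo4j_args PASSWORD: print the replacement arguments, one per line.
hardened_neo4j_args() {
  printf '%s\n' container run \
    -e "NEO4J_AUTH=neo4j/$1" \
    -v neo4j-data:/data \
    -p 127.0.0.1:7474:7474 \
    -p 127.0.0.1:7687:7687 \
    -d neo4j:3.5.12
}

echo "Findings for the Neo4J command in the post:"
audit_neo4j_run container run -e NEO4J_AUTH=none -v neo4j-data:/data \
  -p 7474:7474 -p 7687:7687 -d neo4j:3.5.12
echo "Hardened form:"
echo "docker $(hardened_neo4j_args '<generated-password>' | tr '\n' ' ')"

# To apply it (assumes openssl is installed; NEO4J_PASSWORD is a name chosen here):
#   export NEO4J_PASSWORD="$(openssl rand -hex 16)"
#   docker $(hardened_neo4j_args "$NEO4J_PASSWORD")
#   docker run --rm -e NEO4J_PASSWORD -v $HOME/.aws:/root/.aws --net=host cartography \
#     cartography --neo4j-uri bolt://127.0.0.1:7687 \
#     --neo4j-user neo4j --neo4j-password-env-var NEO4J_PASSWORD
```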