06 Apr, 2023

How to Use DART

Introduction 

Penetration testing is a crucial process for assessing the security posture of systems and networks. It involves identifying and exploiting vulnerabilities in order to evaluate the risks and impacts of potential attacks. However, penetration testing can also be a tedious and time-consuming task, especially when it comes to documenting and reporting the findings. How can you streamline this process and focus more on the testing itself? 

One possible solution is DART, a test documentation tool created by the Lockheed Martin Red Team. DART stands for Documentation and Reporting Tool, and it is designed to help you document and report on penetration tests, especially in isolated network environments. In this blog post, we will introduce you to DART and show you how to use it effectively. 

Goals of DART 

DART has several goals that make it a useful tool for penetration testers. These are: 

• Easy to use: DART is quick to set up without internet connectivity and does not require extensive configuration. You can run it on a standalone machine or a private test network. You only need Python 2.7 and pip installed on your online system, and administrative credentials on your offline system. 

• Enabling: DART helps you maximize your testing time and minimize your reporting time. It allows you to apply NISPOM-friendly portion markings to your findings and capture test artifacts such as screenshots, files, and commands. It also generates a Microsoft Word report that follows the Lockheed Martin Red Team standards and includes all the test cases and artifacts. 

• Expendable: DART is not meant to be deployed on untrusted networks or left behind after the test. It generates a report and an artifact file that contain everything you need from the test. You can destroy the tool without losing any data. 

DART also has some features and benefits that make it stand out from other documentation tools. These are: 

• Multiple mission support: DART lets you create and manage multiple missions with different settings and objectives. You can switch between missions easily and keep track of your progress. You can also customize your classifications and business areas by editing the files in dart/missions/fixtures. 

• Test case & artifact tracking: DART lets you create and manage test cases for each mission. You can assign severity levels, status, and comments to each test case. You can also add artifacts such as screenshots, files, and commands to each test case. You can view, edit, or delete any test case or artifact at any time. 

• Microsoft Word report: DART generates a Microsoft Word report for each mission that includes all the test cases and artifacts. The report is formatted according to the Lockheed Martin Red Team standards and has a table of contents, an executive summary, a detailed findings section, and an appendix. You can export or save the report as a Word file and review or edit it before submitting it to your client or manager. 

Here is one example of the output generated by DART. Report is generated in Microsoft Word Format. 

As you can see, DART is a powerful and convenient tool for documenting and reporting on penetration tests. It helps you organize your findings, collect your evidence, and present your results in a professional way. In the next section, we will show you how to install and run DART on your machine. 

Installation 

DART is tested to work in the following configurations: 

• Windows system install 

• Docker (Experimental) 

Note: Other configurations may be successful, but we do not currently test DART’s operation in these configurations. 

The installation instructions are comprised of two steps: a dependency collection step performed on an internet-connected machine and an installation step performed on the isolated machine. 

Installing on Windows (system-wide) 

On an internet-connected machine: 

• Online system must meet the following requirements for automated scripts to work: 

• Python 2.7 must be already installed (python –version to check) 

• pip version must be > 9.0 (pip –version to check; pip install -U pip to update) 

• Clone the repo & get the dependencies 

• git clone https://github.com/lmco/dart.git 

• cd dart 

• python install\online\prep.py 

Note: Some command line options, like –proxy are supported for your convenience. Use python install\online\prep.py –help for more info. 

• Copy to offline machine 

On the isolated machine: 

• Offline system must meet the following requirements for automated scripts to work: 

• You must have administrative credentials (required for python installation) 

• Install the dependencies 

• cd dart 

• install\offline\install.bat 

• First Run Setup 

• python install\offline\setup.py 

Basic DART installation and database creation is now complete. In addition, you’ve loaded in common classification colors, a basic classification list, and some common business areas you may have. 

Installing with Docker (Experimental) 

On an internet-connected machine: 

• Online system must meet the following requirements for automated scripts to work: 

• Docker must be already installed (docker –version to check) 

• Clone the repo 

• git clone https://github.com/lmco/dart.git 

• cd dart 

• Build the Docker image 

• docker build -t dart . 

Note: This is an experimental feature and may not work as expected. Read the warning in the Dockerfile before using it. 

• Copy to offline machine 

On the isolated machine: 

• Offline system must meet the following requirements for automated scripts to work: 

• Docker must be already installed (docker –version to check) 

• Run the Docker image 

• docker run -p 8000:8000 dart 

• First Run Setup 

• docker exec -it <container_id> python install\offline\setup.py 

Basic DART installation and database creation is now complete. In addition you’ve loaded in common classification colors, a basic classification list, and some common business areas you may have. 

That’s it! You have successfully installed DART on your machine. In the next section, we will show you how to use DART for your penetration tests. 

Usage 

Once you have installed DART, you can start using it for your penetration tests. Here are the main features and functionalities of DART that you need to know: 

Starting and stopping DART 

To start DART, run the following command in the dart folder: 

• python run.py 

To stop DART, press CTRL+C in the terminal. 

Connecting to DART 

To connect to DART, you need to use a web browser and enter the following URL: 

• Localhost:127.0.0.1:8000 

• LAN:<server_ip_address>:8000 

You should see the DART homepage with a list of missions. 

Creating and managing missions 

A mission is a collection of test cases and artifacts for a specific penetration test. To create a new mission, click on the “Create Mission” button on the homepage. You will need to enter some information about the mission, such as: 

• Mission name: A unique name for the mission. 

• Classification: The security classification of the mission (e.g., Unclassified, Confidential, Secret, Top Secret). 

• Classification color: The color code for the classification (e.g., Green, Blue, Red, Purple). 

• Business area: The business area or domain of the mission (e.g., Aerospace, Defense, Energy). 

• Objective: The main goal or purpose of the mission. 

• Scope: The boundaries or limitations of the mission (e.g., targets, methods, rules of engagement). 

After creating a mission, you can edit or delete it by clicking on the corresponding buttons on the mission page. You can also switch between missions by clicking on the “Missions” button on the navigation bar. 

Creating and managing test cases 

A test case is a specific finding or vulnerability that you discover during your penetration test. To create a new test case for a mission, click on the “Create Test Case” button on the mission page. You will need to enter some information about the test case, such as: 

• Test case name: A unique name for the test case. 

• Severity: The impact or risk level of the test case (e.g., Critical, High, Medium, Low). 

• Status: The current state or progress of the test case (e.g., Open, In Progress, Closed). 

• Description: A brief summary of the test case. 

• Details: A detailed explanation of the test case, including steps to reproduce, evidence, and recommendations. 

After creating a test case, you can edit or delete it by clicking on the corresponding buttons on the test case page. You can also add artifacts to it by clicking on the “Add Artifact” button. 

Adding and managing artifacts 

An artifact is a piece of data or information that supports or proves your test case. It can be a screenshot, a file, or a command. To add an artifact to a test case, click on the “Add Artifact” button on the test case page. You will need to enter some information about the artifact, such as: 

• Artifact name: A unique name for the artifact. 

• Artifact type: The type or format of the artifact (e.g., Screenshot, File, Command). 

• Artifact data: The actual data or content of the artifact (e.g., image file, text file, command output). 

After adding an artifact, you can edit or delete it by clicking on the corresponding buttons on the artifact page. You can also view it by clicking on its name. 

Generating and exporting reports 

A report is a document that summarizes and presents your findings and recommendations from your penetration test. To generate a report for a mission, click on the “Generate Report” button on the mission page. You will see a preview of the report in Microsoft Word format. The report includes: 

• A cover page with basic information about the mission. 

• A table of contents with links to each section. 

• An executive summary with an overview of your findings and recommendations. 

• A detailed findings section with each test case and its artifacts. 

• An appendix with additional information and references. 

To export or save the report as a Word file, click on the “Export Report” button on the report page. You will be prompted to choose a location and a name for your report file. 

Conclusion 

In this blog post, we have introduced you to DART and showed you how to use it for your penetration tests. DART is a documentation and reporting tool that helps you streamline your testing process and focus more on finding vulnerabilities. It has several features and benefits that make it easy, enabling, and expendable. One of the unique feature of this tool is that you can destroy the tool without losing any data. This way, you can avoid leaving any traces or compromising any sensitive information. You can also protect your report and artifact file with encryption or password. 

Here are some tips and tricks for using DART effectively: 

• Customize your classifications and business areas by editing the files in dart/missions/fixtures. You can add or modify the entries to suit your needs and preferences. 

• Use command line options for the online prep script, such as –proxy, to facilitate the dependency collection step. You can use python install\online\prep.py –help to see all the available options. 

• Review and edit the report before submitting it to your client or manager. You can make changes to the report file using Microsoft Word or any compatible editor. 

We hope you found this blog post useful and informative. If you want to learn more about DART, you can visit the official GitHub repository of DART at https://github.com/lmco/dart. There you can find the source code, the README file, and other resources. You can also report any issues or feedback using the GitHub issue tracker. 

Thank you for reading and happy testing! 

Other Services

Ready to secure?

Let's get in touch