PCF Archive Cleaner is a Rust-based utility designed to automatically delete archived and deleted projects from the Pentest Collaboration Framework (PCF). This tool is specifically tailored for version 1.5.0 of PCF and aims to assist cybersecurity professionals in managing data protection requirements.
- Download the File
wget https://github.com/evait-security/pcf_archive_cleaner/releases/download/linux_x64/pcf_archive_cleaner
- Downlaod the config file vor version PCF 1.5.0
wget https://github.com/evait-security/pcf_archive_cleaner/releases/tag/config-v1.5.0
chmod +x pcf_archive_cleaner./pcf_archive_cleaner <<Path_to_PCF_Folder>>
The config file config.yaml will be in the same folder as the pcf_archive_cleaner. The log file pcf_del_archive.log will be in the same folder as the pcf_archive_cleaner and the config.yaml files are.
The PCF Archive Cleaner implements a robust database schema validation mechanism using SHA-256 hashing. This feature ensures that the cleaning operation only runs on a compatible database structure, preventing potential data corruption or inconsistent deletions.
-
The tool generates a unique hash for each database table and its structure:
- Each column's hash is calculated using its name and type
- Table hashes are created by combining the table name with all its column hashes
- A final schema hash is generated by combining all table hashes
-
The expected schema hash is stored in the config.yaml file under the DataBase file_paths entry:
file_paths: DataBase: path: configuration/database.sqlite3 hash: 55a956d201415f44e3577887d894e2481958441352ab50d03c2ddb3216f9410f
-
Before performing any operations, the cleaner:
- Calculates the current database schema hash
- Compares it with the expected hash from the configuration
- Proceeds only if the hashes match
- Logs an error and exits if there's a mismatch
When upgrading PCF or making changes to the database structure:
- Run the cleaner once - it will log the new schema hash
- Update the config.yaml with the new hash value
This ensures safe operation across database schema updates.
- Open the crontab file
crontab -e
- Add the following line to run the script daily at midnight
0 0 * * * /path/to/pcf_archive_cleaner/pcf_archive_cleaner /path/to/pcf/folder
Runs as a cron job on the server, automatically cleaning archived projects.
Uses a YAML configuration file, allowing easy updates to database structure and file deletion patterns without recompiling.
Removes data from multiple related tables and associated files. Logging: Maintains detailed logs of all operations for auditing purposes.
The tool uses a config.yaml file to define the database structure and file paths. It supports a hierarchical workflow structure, allowing for the deletion of related data across multiple tables. The configuration includes:
- Database tables and their relationships
- Columns to query for deletion
- File paths for associated documents
The cleaner supports deletion from the following PCF tables: Projects, Files, Issues, PoC, Chats, Messages, Credentials, Hosts, Hostnames, Logs, NetworkPaths, Networks, Notes, Ports, Tasks, tool_sniffer_http_info, tool_sniffer_http_data
Helps maintain data hygiene in long-running PCF installations Assists in complying with data protection regulations Reduces database bloat and improves performance Customizable to fit specific organizational needs
- Always backup your PCF database before running this tool, especially when first setting it up or after making configuration changes.
- Verify the schema hash in your config.yaml matches your PCF version.
- Test the cleaner on a non-production environment first.
Contributions, issues, and feature requests are welcome. Feel free to check issues page if you want to contribute.
This tool is provided as-is. Users are responsible for ensuring it meets their specific data protection and security requirements.