Documentation ¶
Index ¶
- Constants
- type Certificate
- type DatasetSummary
- type GeoLocation
- type GeoPoint
- type L9Event
- func (event *L9Event) AddSource(source string)
- func (event *L9Event) AddTag(tag string)
- func (event *L9Event) HasSource(source string) bool
- func (event *L9Event) HasTag(tag string) bool
- func (event *L9Event) HasTransport(transport string) bool
- func (event *L9Event) MatchServicePlugin(plugin ServicePluginInterface) bool
- func (event *L9Event) RemoveTransport(transportCheck string)
- func (event *L9Event) UpdateFingerprint() error
- func (event *L9Event) Url() string
- type L9HttpEvent
- type L9LeakEvent
- type L9SSHEvent
- type L9SSLEvent
- type L9ServiceEvent
- type Network
- type ServiceCredentials
- type ServicePluginBase
- func (plugin ServicePluginBase) DialContext(ctx context.Context, network string, addr string) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetHttpClient(ctx context.Context, ip string, port string) *http.Client
- func (plugin ServicePluginBase) GetL9NetworkConnection(event *L9Event) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetNetworkConnection(network string, addr string) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetReportDescription(event *L9Event) string
- func (plugin ServicePluginBase) GetReportTitle(event *L9Event) string
- func (plugin ServicePluginBase) IdentifyHttp(_ *L9Event, _ string, _ *goquery.Document) bool
- func (plugin ServicePluginBase) IdentifyTcp(_ *L9Event, _ []byte, _ []string) bool
- func (plugin ServicePluginBase) Init() error
- type ServicePluginInterface
- type Software
- type SoftwareModule
- type WebPluginInterface
- type WebPluginRequest
- func (request *WebPluginRequest) AddTag(tag string)
- func (request *WebPluginRequest) AddTags(tags []string)
- func (request *WebPluginRequest) Equal(testRequest WebPluginRequest) bool
- func (request *WebPluginRequest) EqualAny(testRequests []WebPluginRequest) bool
- func (request *WebPluginRequest) GetHash() string
- func (request *WebPluginRequest) HasAnyTags(tags []string) bool
- func (request *WebPluginRequest) HasTag(tag string) bool
- type WebPluginResponse
Constants ¶
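// Severity labels. L9LeakEvent has a string Severity field; these look like
// its expected values (TODO confirm against the code that sets it).
//
// The labels are plain strings with no inherent order: comparing them
// lexically ranks "critical" below "low". Code that filters or alerts on a
// minimum severity must map each label to an explicit rank first.
const (
	SEVERITY_CRITICAL = "critical"
	SEVERITY_HIGH     = "high"
	SEVERITY_INFO     = "info"
	SEVERITY_LOW      = "low"
	SEVERITY_MEDIUM   = "medium"
)

// Stage names. The GetStage documentation on ServicePluginInterface lists
// "open" and "explore" and allows custom stages, so consumers should not
// assume this set is closed. L9LeakEvent also has a string Stage field;
// presumably it takes the same values (TODO confirm).
const (
	STAGE_EXFILTRATE = "exfiltrate"
	STAGE_EXPLORE    = "explore"
	STAGE_OPEN       = "open"
)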
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Certificate ¶
// Certificate is the JSON record of a certificate: common name, covered
// domains, fingerprint, key algorithm and size, issuer name and the
// NotBefore/NotAfter window.
//
// NOTE(review): this page does not show how Fingerprint is computed (hash
// algorithm, encoding) or what Valid covers (chain, hostname, expiry).
// Confirm both with the producer before using either field in a trust or
// de-duplication decision.
type Certificate struct {
	CommonName  string    `json:"cn"`
	Domains     []string  `json:"domain"` // serialized under the singular key "domain"
	Fingerprint string    `json:"fingerprint"`
	KeyAlgo     string    `json:"key_algo"`
	KeySize     int       `json:"key_size"`
	IssuerName  string    `json:"issuer_name"`
	NotBefore   time.Time `json:"not_before"`
	NotAfter    time.Time `json:"not_after"`
	Valid       bool      `json:"valid"`
}
type DatasetSummary ¶
type GeoLocation ¶
// GeoLocation is the JSON record of a geographic location: continent,
// country, region and city names, the country and region ISO codes, and a
// GeoPoint serialized under the key "location".
//
// NOTE(review): the source and accuracy of this data are not shown on this
// page; presumably it is derived from an IP lookup and should be treated as
// approximate (TODO confirm).
type GeoLocation struct {
	ContinentName  string   `json:"continent_name"`
	RegionISOCode  string   `json:"region_iso_code"`
	CityName       string   `json:"city_name"`
	CountryISOCode string   `json:"country_iso_code"`
	CountryName    string   `json:"country_name"`
	RegionName     string   `json:"region_name"`
	GeoPoint       GeoPoint `json:"location"`
}
type L9Event ¶
// L9Event is the top-level event record. It carries event metadata
// (EventType, EventSource, EventPipeline, EventFingerprint, Time), the
// endpoint description (Ip, Host, Reverse, Port, Mac, Vendor, Transports,
// Protocol), per-protocol sub-records (Http, SSL, SSH, Service, Leak) and
// context (Summary, Tags, GeoIp, Network).
//
// Ip, Host, Reverse and Port are plain strings and no validation is visible
// on this page. Consumers should validate them before using them as a dial
// target or inside a URL. Summary and other free-text fields presumably
// include data returned by the remote service (TODO confirm), so escape them
// before rendering or logging.
type L9Event struct {
	EventType        string         `json:"event_type"`
	EventSource      string         `json:"event_source"`
	EventPipeline    []string       `json:"event_pipeline"`
	EventFingerprint string         `json:"event_fingerprint"`
	Ip               string         `json:"ip"`
	Host             string         `json:"host"`
	Reverse          string         `json:"reverse"`
	Port             string         `json:"port"`
	Mac              string         `json:"mac"`
	Vendor           string         `json:"vendor"`
	Transports       []string       `json:"transport"` // serialized under the singular key "transport"
	Protocol         string         `json:"protocol"`
	Http             L9HttpEvent    `json:"http"`
	Summary          string         `json:"summary"`
	Time             time.Time      `json:"time"`
	SSL              L9SSLEvent     `json:"ssl"`
	SSH              L9SSHEvent     `json:"ssh"`
	Service          L9ServiceEvent `json:"service"`
	Leak             L9LeakEvent    `json:"leak"`
	Tags             []string       `json:"tags"`
	GeoIp            GeoLocation    `json:"geoip"`
	Network          Network        `json:"network"`
}
func (*L9Event) HasTransport ¶
func (*L9Event) MatchServicePlugin ¶
func (event *L9Event) MatchServicePlugin(plugin ServicePluginInterface) bool
func (*L9Event) RemoveTransport ¶
func (*L9Event) UpdateFingerprint ¶
type L9HttpEvent ¶
type L9LeakEvent ¶
// L9LeakEvent is the leak sub-record of an L9Event: a stage, a type, a
// severity and a DatasetSummary.
//
// Stage and Severity are free-form strings. Presumably they hold the
// package's STAGE_* and SEVERITY_* values (TODO confirm), but nothing on
// this page enforces that, so consumers should handle unknown values
// explicitly rather than defaulting them to a low severity.
type L9LeakEvent struct {
	Stage    string         `json:"stage"`
	Type     string         `json:"type"`
	Severity string         `json:"severity"`
	Dataset  DatasetSummary `json:"dataset"`
}
type L9SSHEvent ¶
type L9SSLEvent ¶
type L9ServiceEvent ¶
// L9ServiceEvent is the service sub-record of an L9Event: the credentials
// and the software associated with the service.
//
// NOTE(review): the ServiceCredentials definition is not shown on this page.
// If it holds usable secrets, every serialized L9Event carries them under
// the "credentials" key, so event stores, logs and exports need matching
// access control and redaction (confirm against the type definition).
type L9ServiceEvent struct {
	Credentials ServiceCredentials `json:"credentials"`
	Software    Software           `json:"software"`
}
type ServiceCredentials ¶
type ServicePluginBase ¶
// ServicePluginBase is an empty struct. The package index lists value-receiver
// methods on it for dialing (DialContext, GetNetworkConnection,
// GetL9NetworkConnection), building an HTTP client (GetHttpClient), and
// Init, IdentifyHttp, IdentifyTcp, GetReportTitle and GetReportDescription.
// IdentifyHttp and IdentifyTcp are declared with blank parameters, so they
// ignore their arguments. Their return values are not shown on this page.
//
// NOTE(review): the bodies of the dialing and HTTP-client helpers are not
// shown here; check their timeout and TLS-verification settings before
// relying on them.
type ServicePluginBase struct { }
func (ServicePluginBase) DialContext ¶
func (ServicePluginBase) GetHttpClient ¶
func (ServicePluginBase) GetL9NetworkConnection ¶
func (plugin ServicePluginBase) GetL9NetworkConnection(event *L9Event) (conn net.Conn, err error)
func (ServicePluginBase) GetNetworkConnection ¶
func (ServicePluginBase) GetReportDescription ¶
func (plugin ServicePluginBase) GetReportDescription(event *L9Event) string
func (ServicePluginBase) GetReportTitle ¶
func (plugin ServicePluginBase) GetReportTitle(event *L9Event) string
func (ServicePluginBase) IdentifyHttp ¶
func (ServicePluginBase) IdentifyTcp ¶
func (plugin ServicePluginBase) IdentifyTcp(_ *L9Event, _ []byte, _ []string) bool
func (ServicePluginBase) Init ¶
func (plugin ServicePluginBase) Init() error
type ServicePluginInterface ¶
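// ServicePluginInterface is the method set a service plugin provides.
//
// The declaration is laid out one method per line: when collapsed onto a
// single line, the first "//" comment swallows every method that follows it.
type ServicePluginInterface interface {
	// GetVersion returns the plugin version as three integers.
	GetVersion() (int, int, int)
	// GetProtocols returns the protocols supported by the plugin.
	GetProtocols() []string
	// GetName returns the plugin's unique name.
	GetName() string
	// GetStage returns the stage for the plugin:
	//   - open
	//   - explore
	//   - ... (custom stages)
	GetStage() string
	// Run runs the plugin against the remote service described by event and
	// reports whether a leak was found. Implementations receive ctx;
	// presumably they are expected to stop when it is cancelled so a slow
	// remote cannot stall the caller (TODO confirm with the caller).
	Run(ctx context.Context, event *L9Event, options map[string]string) (hasLeak bool)
	// Init is called once when loading plugins. Optional.
	Init() error
	// IdentifyHttp is used to check tcpid payloads and identify the
	// software. Optional.
	IdentifyHttp(event *L9Event, body string, document *goquery.Document) bool
	// IdentifyTcp is used to check tcpid payloads and identify the
	// software. Optional.
	IdentifyTcp(event *L9Event, bannerBytes []byte, bannerPrintables []string) bool
	// GetReportTitle returns a descriptive report title based on event.
	GetReportTitle(event *L9Event) string
	// GetReportDescription returns a report description based on event.
	// Markdown is supported.
	// NOTE(review): if the description interpolates event fields that came
	// from the remote service, whatever renders this Markdown should
	// sanitize it (confirm with the consumer).
	GetReportDescription(event *L9Event) string
}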
type Software ¶
// Software is the JSON record of the software identified on a service: name,
// version, operating system (serialized as "os"), a list of modules and a
// fingerprint.
//
// NOTE(review): how Fingerprint is computed is not shown on this page. Name
// and Version are presumably taken from banners or responses supplied by
// the remote side (TODO confirm), so treat them as unverified when matching
// against vulnerability data.
type Software struct {
	Name            string           `json:"name"`
	Version         string           `json:"version"`
	OperatingSystem string           `json:"os"`
	Modules         []SoftwareModule `json:"modules"`
	Fingerprint     string           `json:"fingerprint"`
}
type SoftwareModule ¶
type WebPluginInterface ¶
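// WebPluginInterface is the method set a web plugin provides.
//
// The declaration is laid out one method per line: when collapsed onto a
// single line, the first "//" comment swallows every method that follows it.
type WebPluginInterface interface {
	// GetVersion returns three integers; presumably the plugin version, as
	// on ServicePluginInterface (TODO confirm).
	GetVersion() (int, int, int)
	// GetRequests returns the WebPluginRequest values declared by the plugin.
	GetRequests() []WebPluginRequest
	// GetName returns the plugin name.
	GetName() string
	// GetStage returns the plugin stage.
	GetStage() string
	// Verify receives a request, the matching response, the event and the
	// options, and reports whether a leak was found.
	// NOTE(review): the response content presumably comes from the remote
	// server and should be treated as untrusted input (TODO confirm).
	Verify(request WebPluginRequest, response WebPluginResponse, event *L9Event, options map[string]string) (hasLeak bool)
	// IdentifyHttp is used to check tcpid payloads and identify the
	// software. Optional.
	IdentifyHttp(event *L9Event, body string, document *goquery.Document) bool
	// GetReportTitle returns a descriptive report title based on event.
	GetReportTitle(event *L9Event) string
	// GetReportDescription returns a report description based on event.
	// Markdown is supported.
	// NOTE(review): if the description interpolates event fields that came
	// from the remote service, whatever renders this Markdown should
	// sanitize it (confirm with the consumer).
	GetReportDescription(event *L9Event) string
}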
type WebPluginRequest ¶
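// WebPluginRequest describes one HTTP request of a web plugin: method, path,
// headers, body and a set of tags.
//
// The declaration is laid out one field per line: when collapsed onto a
// single line, the trailing "//" comment swallows the closing brace.
//
// NOTE(review): the package index lists Equal, EqualAny and GetHash on this
// type, but this page does not show which fields they compare or hash.
// Confirm before using GetHash as a de-duplication key.
type WebPluginRequest struct {
	Method  string
	Path    string
	Headers map[string]string
	Body    []byte
	Tags    []string
	// contains filtered or unexported fields
}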
func (*WebPluginRequest) AddTag ¶
func (request *WebPluginRequest) AddTag(tag string)
func (*WebPluginRequest) AddTags ¶
func (request *WebPluginRequest) AddTags(tags []string)
func (*WebPluginRequest) Equal ¶
func (request *WebPluginRequest) Equal(testRequest WebPluginRequest) bool
func (*WebPluginRequest) EqualAny ¶
func (request *WebPluginRequest) EqualAny(testRequests []WebPluginRequest) bool
func (*WebPluginRequest) GetHash ¶
func (request *WebPluginRequest) GetHash() string
func (*WebPluginRequest) HasAnyTags ¶
func (request *WebPluginRequest) HasAnyTags(tags []string) bool
func (*WebPluginRequest) HasTag ¶
func (request *WebPluginRequest) HasTag(tag string) bool