v1

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 9, 2019 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AsyncScanInput 

type AsyncScanInput struct {
	ScanInput
	Identifier string `json:"id"`
}

AsyncScanInput is a wrapper around ScanInput that adds a tracking ID.

type AsyncScanOutput 

type AsyncScanOutput struct {
	Identifier string `json:"id"`
	HREF       string `json:"href"`
}

AsyncScanOutput is the response containing a tracking ID.

type AsyncScanQuery 

type AsyncScanQuery struct {
	Identifier string `json:"id"`
}

AsyncScanQuery is the container for a scan to check on.

type AsyncScanResult 

type AsyncScanResult struct {
	Status   string        `json:"status"`
	Findings []ScanFinding `json:"findings,omitempty"`
}

AsyncScanResult is the response to a query.

type Scan 

type Scan struct {
	LogFn           domain.LogFn
	Scanner         domain.Scanner
	ScriptedScanner domain.ScriptedScanner
	Producer        domain.Producer
}

Scan is a handler that manages scanning a host on-demand.

func (*Scan) Handle 

func (h *Scan) Handle(ctx context.Context, in ScanInput) (interface{}, error)

Handle is invoked on each request.

type ScanAsync 

type ScanAsync struct {
	LogFn           domain.LogFn
	Store           domain.Store
	Scanner         domain.Scanner
	ScriptedScanner domain.ScriptedScanner
	Producer        domain.Producer
}

ScanAsync manages processing async reuquests.

func (*ScanAsync) Handle 

func (h *ScanAsync) Handle(ctx context.Context, in AsyncScanInput) (interface{}, error)

Handle process the async job.

type ScanAsyncFetch 

type ScanAsyncFetch struct {
	Store domain.Store
}

ScanAsyncFetch is activated when attempting to retrieve the results.

func (*ScanAsyncFetch) Handle 

func (h *ScanAsyncFetch) Handle(ctx context.Context, in AsyncScanQuery) (AsyncScanResult, error)

Handle queries for the results of the async ID.

type ScanAsyncSubmit 

type ScanAsyncSubmit struct {
	LogFn       domain.LogFn
	Producer    domain.Producer
	Store       domain.Store
	BaseURL     *url.URL
	IDGenerator func() string
}

ScanAsyncSubmit handles pushing scan requests onto some queue or stream for later processing

func (*ScanAsyncSubmit) Handle 

func (h *ScanAsyncSubmit) Handle(ctx context.Context, in ScanInput) (interface{}, error)

Handle submits the request to a queue and returns a result href.

type ScanFinding 

type ScanFinding struct {
	// Timestamp is when the finding was detected.
	Timestamp time.Time `json:"timestamp"`
	// IP is the address that was scanned.
	IP string `json:"ip"`
	// Hostnames are optionally included names that resolve to the scan IP.
	Hostnames       []string            `json:"hostnames"`
	Vulnerabilities []ScanVulnerability `json:"vulnerabilities"`
}

ScanFinding is a JSON domain.Finding.

type ScanInput 

type ScanInput struct {
	Host       string   `json:"host"`
	Scripts    []string `json:"scripts"`
	ScriptArgs []string `json:"scripts_args"`
}

ScanInput is a container for the JSON request body.

type ScanOutput 

type ScanOutput struct {
	Findings []ScanFinding `json:"findings"`
}

ScanOutput is the response container.

type ScanVulnerability 

type ScanVulnerability struct {
	// Unique identity of the vulnerability as reported by nmap.
	Key string `json:"key"`
	// Title of the vulnerability.
	Title string `json:"title"`
	// State of the vuln. One of the VulnState* constants.
	State string `json:"state"`
	// External vulnerability database identifiers. (optional)
	IDs []ScanVulnerabilityID `json:"ids"`
	// Short-hand severity rating. One of HIGH, MEDIUM, or LOW. (optional)
	RiskFactor string `json:"riskFactor"`
	// Scores defined as CVSS or CVSSv2. (optional)
	Scores []ScanVulnerabilityScore `json:"scores"`
	// Long form description of the issue. (optional)
	Description string `json:"description"`
	// Critical dates associated with the vulnerability such as disclosure.
	// (optional)
	Dates []ScanVulnerabilityDate `json:"dates"`
	// CheckResults contains any output relevant to the scan or probe that might
	// help diagnose or confirm the vulnerability state. (optional)
	CheckResults []string `json:"checkResults"`
	// ExploitResults contains any output gathered during an exploit of a
	// system. (optional)
	ExploitResults []string `json:"exploitResults"`
	// ExtraInfo contains any arbitrary content from a scan or probe that does
	// not fit into other categories. (optional)
	ExtraInfo []string `json:"extraInfo"`
	// References are external links to vulnerability databases or pages that
	// contain additional content about the vulnerability.
	References []string `json:"references"`

	// Source is the script that generated the finding.
	Source string `json:"source"`
	// Port on which the vulnerability was detected.
	Port int `json:"port"`
	// Protocol used during network communications
	Protocol string `json:"protocol"`
	// Service is the kind of application running on the port. Ex: http
	Service string `json:"service"`
}

ScanVulnerability is a JSON domain.Vulnerability.

type ScanVulnerabilityDate 

type ScanVulnerabilityDate struct {
	Type  string `json:"type"`
	Year  int    `json:"year"`
	Month int    `json:"month"`
	Day   int    `json:"day"`
}

ScanVulnerabilityDate is a JSON domain.VulnerabilityDate.

type ScanVulnerabilityID 

type ScanVulnerabilityID struct {
	Type  string `json:"type"`
	Value string `json:"value"`
}

ScanVulnerabilityID is a JSON domain.VulnerabilityID.

type ScanVulnerabilityScore 

type ScanVulnerabilityScore struct {
	Type  string `json:"type"`
	Value string `json:"value"`
}

ScanVulnerabilityScore is a JSON domain.VulnerabilityScore.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.