Documentation
¶
Index ¶
- Constants
- type AFHashReply
- type Configuration
- type Context
- type CyHashReply
- type DBQueueMessage
- type File
- type FileReply
- type HashReply
- type IPReply
- type JoinSlack
- type MaliciousContent
- type OAuthState
- type Statistics
- type Team
- func (t *Team) ClearAFKey() (string, error)
- func (t *Team) ClearToken() (string, error)
- func (t *Team) ClearVTKey() (string, error)
- func (t *Team) ClearXFEKey() (string, error)
- func (t *Team) ClearXFEPass() (string, error)
- func (t *Team) SecureAFKey() (string, error)
- func (t *Team) SecureToken() (string, error)
- func (t *Team) SecureVTKey() (string, error)
- func (t *Team) SecureXFEKey() (string, error)
- func (t *Team) SecureXFEPass() (string, error)
- type TeamBot
- type URLReply
- type User
- type UserStatus
- type UserType
- type VtHashReply
- type VtIPReply
- type VtURLReply
- type WorkReply
- type WorkRequest
- type XfeHashReply
- type XfeIPReply
- type XfeURLReply
Constants ¶
View Source
const ( // UserTypeSlack is a Slack user UserTypeSlack = iota // UserTypeHipchat is a Hipchat user UserTypeHipchat )
View Source
const ( // UserStatusActive is an active user UserStatusActive = iota // UserStatusDeleted is a deleted user UserStatusDeleted )
View Source
const ( // ReplyTypeHash for hash replies ReplyTypeHash int = 1 << iota // ReplyTypeURL for URL replies ReplyTypeURL // ReplyTypeIP for IP replies ReplyTypeIP // ReplyTypeFile for File replies ReplyTypeFile )
View Source
const ( // ResultClean from the scan if it is not known bad and at least one service found it to be clean ResultClean int = iota // ResultDirty if at least one service convicted it ResultDirty // ResultUnknown if none of the services knowns about the request ResultUnknown )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AFHashReply ¶
type AFHashReply struct {
Error string `json:"error"`
Result autofocus.Reputation `json:"result"`
}
AFHashReply ....
type Configuration ¶
type Configuration struct {
Team string `json:"team"`
Channels []string `json:"channels"`
Groups []string `json:"groups"`
IM bool `json:"im"`
Regexp string `json:"regexp"`
All bool `json:"all"`
VerboseChannels []string `json:"verbose_channels"`
VerboseGroups []string `json:"verbose_groups"`
VerboseIM bool `json:"verbose_im"`
}
Configuration holds the user configuration
func (*Configuration) IsActive ¶
func (c *Configuration) IsActive() bool
IsActive returns true if there is at least one active part for the user
func (*Configuration) IsInterestedIn ¶
func (c *Configuration) IsInterestedIn(channel, channelName string) bool
IsInterestedIn the given channel
func (*Configuration) IsVerbose ¶
func (c *Configuration) IsVerbose(channel string) bool
IsVerbose checks if the channel is verbose
type Context ¶
type Context struct {
Team string `json:"team"`
User string `json:"user"`
OriginalUser string `json:"original_user"`
Channel string `json:"channel"`
Type string `json:"type"`
}
Context to push with each message to identify the relevant team and user
func GetContext ¶
GetContext from a message based on actual type
type CyHashReply ¶
type CyHashReply struct {
Error string `json:"error"`
Result infinigo.QueryResponse `json:"result"`
}
CyHashReply ....
type DBQueueMessage ¶
type DBQueueMessage struct {
ID int64 `json:"id"`
Name string `json:"name"`
MessageType string `json:"message_type" db:"message_type"`
Message string `json:"message"`
Timestamp time.Time `json:"ts" db:"ts"`
}
DBQueueMessage holds a message passed via the database
type File ¶
type File struct {
ID string `json:"id"`
URL string `json:"url"`
Name string `json:"name"`
Size int `json:"size"`
Token string `json:"token"`
}
File details for a request
type FileReply ¶
type FileReply struct {
Result int `json:"result"`
FileTooLarge bool `json:"file_too_large"`
Virus string `json:"virus"`
Error string `json:"error"`
Details File `json:"details"`
}
FileReply holds the information about a File
type HashReply ¶
type HashReply struct {
Details string `json:"details"`
Result int `json:"result"`
XFE XfeHashReply `json:"xfe"`
VT VtHashReply `json:"vt"`
Cy CyHashReply `json:"cy"`
AF AFHashReply `json:"af"`
}
HashReply holds the information about a hash
type IPReply ¶
type IPReply struct {
Details string `json:"details"`
Result int `json:"result"`
Private bool `json:"isPrivate"`
XFE XfeIPReply `json:"xfe"`
VT VtIPReply `json:"vt"`
}
IPReply holds the information about an IP
type JoinSlack ¶
type JoinSlack struct {
Email string `json:"email"`
Timestamp time.Time `json:"ts" db:"ts"`
Invited bool `json:"invited"`
}
JoinSlack holds invite information to join our Slack channel
type MaliciousContent ¶
type MaliciousContent struct {
Team string `json:"team"`
Channel string `json:"channel"`
MessageID string `json:"message_id" db:"message_id"`
ContentType int `json:"content_type" db:"content_type"`
Content string `json:"content"`
FileName string `json:"file_name" db:"file_name"`
VT string `json:"vt"`
XFE string `json:"xfe"`
Cy string `json:"cy"`
ClamAV string `json:"clamav"`
AF string `json:"af"`
}
MaliciousContent holds info about convicted content
func (*MaliciousContent) UniqueID ¶
func (mc *MaliciousContent) UniqueID() string
UniqueID of the message
type OAuthState ¶
OAuthState holds oauth validation state
type Statistics ¶
type Statistics struct {
Team string `json:"team"`
Timestamp time.Time `json:"ts" db:"ts"`
Messages int64 `json:"messages"`
FilesClean int64 `json:"files_clean" db:"files_clean"`
FilesDirty int64 `json:"files_dirty" db:"files_dirty"`
FilesUnknown int64 `json:"files_unknown" db:"files_unknown"`
URLsClean int64 `json:"urls_clean" db:"urls_clean"`
URLsDirty int64 `json:"urls_dirty" db:"urls_dirty"`
URLsUnknown int64 `json:"urls_unknown" db:"urls_unknown"`
HashesClean int64 `json:"hashes_clean" db:"hashes_clean"`
HashesDirty int64 `json:"hashes_dirty" db:"hashes_dirty"`
HashesUnknown int64 `json:"hashes_unknown" db:"hashes_unknown"`
IPsClean int64 `json:"ips_clean" db:"ips_clean"`
IPsDirty int64 `json:"ips_dirty" db:"ips_dirty"`
IPsUnknown int64 `json:"ips_unknown" db:"ips_unknown"`
}
Statistics holds message and detection statistics for a team
func (*Statistics) HasSomething ¶
func (s *Statistics) HasSomething() bool
HasSomething that is not 0 in the statistics
type Team ¶
type Team struct {
ID string `json:"id"`
Name string `json:"name"`
Status UserStatus `json:"status"`
EmailDomain string `json:"email_domain" db:"email_domain"`
Domain string `json:"domain"`
Plan string `json:"plan"`
ExternalID string `json:"external_id" db:"external_id"`
Created time.Time `json:"created"`
BotUserID string `json:"bot_user_id" db:"bot_user_id"`
BotToken string `json:"bot_token" db:"bot_token"`
VTKey string `json:"vt_key" db:"vt_key"`
XFEKey string `json:"xfe_key" db:"xfe_key"`
XFEPass string `json:"xfe_pass" db:"xfe_pass"`
AFKey string `json:"af_key" db:"af_key"`
}
Team holds information about the team
func (*Team) ClearAFKey ¶
ClearAFKey is returned from the encrypted af key
func (*Team) ClearToken ¶
ClearToken is returned from the encrypted token
func (*Team) ClearVTKey ¶
ClearVTKey is returned from the encrypted vt key
func (*Team) ClearXFEKey ¶
ClearXFEKey is returned from the encrypted xfe key
func (*Team) ClearXFEPass ¶
ClearXFEPass is returned from the encrypted xfe pass
func (*Team) SecureAFKey ¶
SecureAFKey is returned from the clear AF key
func (*Team) SecureToken ¶
SecureToken is returned from the clear token
func (*Team) SecureVTKey ¶
SecureVTKey is returned from the clear vt key
func (*Team) SecureXFEKey ¶
SecureXFEKey is returned from the clear xfe key
func (*Team) SecureXFEPass ¶
SecureXFEPass is returned from the clear xfe pass
type TeamBot ¶
type TeamBot struct {
Team string `json:"team"`
Bot string `json:"bot"`
Timestamp time.Time `json:"ts" db:"ts"`
Version int `json:"version"`
}
TeamBot holds allocation of bot for team
type URLReply ¶
type URLReply struct {
Details string `json:"details"`
Result int `json:"result"`
XFE XfeURLReply `json:"xfe"`
VT VtURLReply `json:"vt"`
}
URLReply holds the information about a URL
type User ¶
type User struct {
ID string `json:"id"`
Team string `json:"team"`
Name string `json:"name"`
Type UserType `json:"type"`
Status UserStatus `json:"status"`
RealName string `json:"real_name" db:"real_name"`
Email string `json:"email"`
IsBot bool `json:"is_bot" db:"is_bot"`
IsAdmin bool `json:"is_admin" db:"is_admin"`
IsOwner bool `json:"is_owner" db:"is_owner"`
IsPrimaryOwner bool `json:"is_primary_owner" db:"is_primary_owner"`
IsRestricted bool `json:"is_restricted" db:"is_restricted"`
IsUltraRestricted bool `json:"is_ultra_restricted" db:"is_ultra_restricted"`
ExternalID string `json:"external_id" db:"external_id"`
Token string `json:"token"`
Created time.Time `json:"created"`
}
User contains all the information of a user
func (*User) ClearToken ¶
ClearToken is returned from the encrypted token
func (*User) SecureToken ¶
SecureToken is returned from the clear token
type VtHashReply ¶
type VtHashReply struct {
Error string `json:"error"`
FileReport govt.FileReport `json:"fileReport"`
}
VtHashReply ...
type VtURLReply ¶
type WorkReply ¶
type WorkReply struct {
Type int `json:"type"`
MessageID string `json:"message_id"`
Hashes []HashReply `json:"hashes"`
URLs []URLReply `json:"urls"`
IPs []IPReply `json:"ips"`
File FileReply `json:"file"`
Context interface{} `json:"context"`
}
WorkReply to a work request being done
type WorkRequest ¶
type WorkRequest struct {
MessageID string `json:"message_id"`
Type string `json:"type"`
Text string `json:"text"`
File File `json:"file"`
ReplyQueue string `json:"reply_queue"`
Context interface{} `json:"context"`
Online bool `json:"online"` // Are we running this request from online details page
VTKey string `json:"vt_key"` // This team has his own vt key
XFEKey string `json:"xfe_key"` // This team has his own xfe key
XFEPass string `json:"xfe_pass"` // This team has his own xfe pass
AFKey string `json:"af_key"` // This team has his own AutoFocus key pass
}
WorkRequest contains the relevant fields for a work request
func WorkRequestFromMessage ¶
func WorkRequestFromMessage(msg util.Object, token, vtKey, xfeKey, xfePass, afKey string) *WorkRequest
WorkRequestFromMessage converts a message to a work request
type XfeHashReply ¶
type XfeHashReply struct {
NotFound bool `json:"notFound"`
Error string `json:"error"`
Malware goxforce.Malware `json:"malware"`
}
XfeHashReply ...
type XfeIPReply ¶
type XfeIPReply struct {
NotFound bool `json:"notFound"`
Error string `json:"error"`
IPReputation goxforce.IPReputation `json:"ipReputation"`
IPHistory goxforce.IPHistory `json:"ipHistory"`
}
XfeIPReply ...
type XfeURLReply ¶
type XfeURLReply struct {
NotFound bool `json:"notFound"`
Error string `json:"error"`
Resolve goxforce.ResolveResp `json:"resolve"`
URLDetails goxforce.URL `json:"urlDetails"`
URLMalware goxforce.URLMalwareResp `json:"urlMalware"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.