maltego

package
v0.6.11 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 30, 2022 License: BSD-3-Clause, GPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

const (

	// ExecutablePath is the hard-coded absolute path at which the netcap
	// binary is expected on disk.
	// NOTE(review): this block does not show how the path is consumed. If it is
	// handed to an exec call, whatever file sits at this location is run as-is,
	// so the installation should keep it owned by root and not writable by
	// unprivileged users — confirm against the callers.
	ExecutablePath = "/usr/local/bin/net"

	// PropertyIpAddr is the name of the maltego property that contains the IP address.
	PropertyIpAddr = "ipaddr"

	// PropertyIpAddrLabel is the label for the IP address property.
	PropertyIpAddrLabel = "IPAddress"
)

Variables

// CountIPPackets folds the packet count of a single IPProfile into a running
// range: *min is lowered and *max is raised whenever profile.NumPackets lies
// outside the current bounds. Nothing is returned; the result is delivered
// through the two pointers. The mac argument and the profile map are accepted
// but not read here.
var CountIPPackets = func(profile *types.IPProfile, mac string, min, max *uint64, _ map[string]*types.IPProfile) {
	packets := uint64(profile.NumPackets)

	// Both bounds are checked independently, since a fresh range may start
	// with *min above *max.
	if packets < *min {
		*min = packets
	}

	if packets > *max {
		*max = packets
	}
}

CountIPPackets tracks the lowest and highest number of packets seen for a given IPProfile by updating min and max in place.

// CountIncomingConnBytesFiltered accounts for one connection in the incoming
// traffic statistics of ipaddr. A connection is considered only when its
// DstIP equals ipaddr. If the source address resolves to a name via
// resolvers.LookupDNSNameLocal and that name is accepted by
// resolvers.IsWhitelistedDomain, the connection is skipped. Otherwise its
// TotalSize is appended to *sizes and used to lower *min / raise *max.
// Results are delivered through the pointers; nothing is returned.
var CountIncomingConnBytesFiltered = func(conn *types.Connection, ipaddr string, min, max *uint64, sizes *[]int) {
	// Incoming means: the address of interest is the destination.
	if conn.DstIP != ipaddr {
		return
	}

	// Peers without a name are always counted; named peers are dropped only
	// when they are whitelisted.
	// NOTE(review): whitelisted traffic is invisible in these statistics, and
	// the decision rests entirely on the name the local lookup yields for the
	// peer IP. How that mapping is populated is not visible here — confirm
	// its source before relying on the filter during an investigation.
	if peer := resolvers.LookupDNSNameLocal(conn.SrcIP); peer != "" && resolvers.IsWhitelistedDomain(peer) {
		return
	}

	total := uint64(conn.TotalSize)
	*sizes = append(*sizes, int(conn.TotalSize))

	if total < *min {
		*min = total
	}

	if total > *max {
		*max = total
	}
}

CountIncomingConnBytesFiltered returns the lowest and highest number of bytes transferred as well as an array of sizes seen for all incoming conns for a given ip address, filtered against the domain whitelist.

// CountOutgoingConnBytesFiltered accounts for one connection in the outgoing
// traffic statistics of ipaddr. A connection is considered only when its
// SrcIP equals ipaddr. If the destination address resolves to a name via
// resolvers.LookupDNSNameLocal and that name is accepted by
// resolvers.IsWhitelistedDomain, the connection is skipped. Otherwise its
// TotalSize is appended to *sizes and used to lower *min / raise *max.
// Results are delivered through the pointers; nothing is returned.
var CountOutgoingConnBytesFiltered = func(conn *types.Connection, ipaddr string, min, max *uint64, sizes *[]int) {
	// Outgoing means: the address of interest is the source.
	if conn.SrcIP != ipaddr {
		return
	}

	// Destinations without a name are always counted; named destinations are
	// dropped only when they are whitelisted.
	// NOTE(review): whitelisted traffic is invisible in these statistics, and
	// the decision rests entirely on the name the local lookup yields for the
	// destination IP. How that mapping is populated is not visible here —
	// confirm its source before relying on the filter during an investigation.
	if peer := resolvers.LookupDNSNameLocal(conn.DstIP); peer != "" && resolvers.IsWhitelistedDomain(peer) {
		return
	}

	total := uint64(conn.TotalSize)
	*sizes = append(*sizes, int(conn.TotalSize))

	if total < *min {
		*min = total
	}

	if total > *max {
		*max = total
	}
}

CountOutgoingConnBytesFiltered returns the lowest and highest number of bytes transferred as well as an array of sizes seen for all outgoing conns from a given ip address filtered against the domain whitelist.

// CountPacketsContactIPs hands every entry of profile.Contacts to countIP,
// together with the ips map and the min/max pointers, but only for the
// DeviceProfile whose MacAddr equals mac. Profiles of other devices are left
// untouched. Nothing is returned; min and max are passed through to countIP
// (presumably updated there — its body is not part of this listing).
var CountPacketsContactIPs = func(profile *types.DeviceProfile, mac string, min, max *uint64, ips map[string]*types.IPProfile) {
	if profile.MacAddr == mac {
		for _, contact := range profile.Contacts {
			countIP(ips, contact, min, max)
		}
	}
}

CountPacketsContactIPs returns the lowest and highest number of packets seen for all ContactIPs of a given DeviceProfile.

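// CountPacketsDeviceIPs hands every entry of profile.DeviceIPs to countIP,
// together with the ips map and the min/max pointers, for the DeviceProfile
// whose MacAddr equals mac. Nothing is returned; min and max are passed
// through to countIP (presumably updated there — its body is not part of this
// listing).
//
// The comparison used to be inverted (profile.MacAddr != mac), so the
// DeviceIPs of every profile except the selected one were counted. That
// contradicted the documented contract ("of a given DeviceProfile") and the
// sibling CountPacketsContactIPs, which skips non-matching profiles.
var CountPacketsDeviceIPs = func(profile *types.DeviceProfile, mac string, min, max *uint64, ips map[string]*types.IPProfile) {
	// Only the selected device contributes to the range.
	if profile.MacAddr != mac {
		return
	}

	for _, ip := range profile.DeviceIPs {
		countIP(ips, ip, min, max)
	}
}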

CountPacketsDeviceIPs returns the lowest and highest number of packets seen for all DeviceIPs of a given DeviceProfile.

// CountPacketsDevices folds the packet count of a single DeviceProfile into a
// running range: *min is lowered and *max is raised whenever
// profile.NumPackets lies outside the current bounds. Nothing is returned;
// the result is delivered through the two pointers. The mac argument and the
// profile map are accepted but not read here, so every profile passed in
// contributes regardless of its MAC address.
var CountPacketsDevices = func(profile *types.DeviceProfile, mac string, min, max *uint64, _ map[string]*types.IPProfile) {
	packets := uint64(profile.NumPackets)

	// Both bounds are checked independently, since a fresh range may start
	// with *min above *max.
	if packets < *min {
		*min = packets
	}

	if packets > *max {
		*max = packets
	}
}

CountPacketsDevices returns the lowest and highest number of packets seen for a given DeviceProfile.

Functions

func ARPTransform

func ARPTransform(count ARPCountFunc, transform ARPTransformationFunc, continueTransform bool)

ARPTransform applies a maltego transformation over ARP audit records.

func ConnectionTransform

func ConnectionTransform(count connCountFunc, transform connTransformationFunc)

ConnectionTransform applies a maltego transformation over types.Connection audit records.

func CredentialsTransform

func CredentialsTransform(count credentialsCountFunc, transform credentialsTransformationFunc)

CredentialsTransform applies a maltego transformation over Credentials profiles seen for a target Credentials.

func DHCPV4Transform

func DHCPV4Transform(count DHCPCountFunc, transform DHCPV4TransformationFunc, continueTransform bool)

DHCPV4Transform applies a maltego transformation over DHCP audit records.

func DHCPV6Transform

func DHCPV6Transform(count DHCPCountFunc, transform DHCPV6TransformationFunc, continueTransform bool)

DHCPV6Transform applies a maltego transformation over DHCP audit records.

func DNSTransform

func DNSTransform(count DNSCountFunc, transform DNSTransformationFunc, continueTransform bool)

DNSTransform applies a maltego transformation over DNS audit records.

func DeviceProfileTransform

func DeviceProfileTransform(count deviceProfileCountFunc, transform deviceProfileTransformationFunc)

DeviceProfileTransform applies a maltego transformation over DeviceProfile audit records.

func EthernetTransform

func EthernetTransform(count EthernetCountFunc, transform EthernetTransformationFunc, continueTransform bool)

EthernetTransform applies a maltego transformation over Ethernet audit records.

func ExploitTransform

func ExploitTransform(count exploitCountFunc, transform exploitTransformationFunc)

ExploitTransform applies a maltego transformation over Exploit exploits seen for a target Exploit.

func FilesTransform

func FilesTransform(count filesCountFunc, transform filesTransformationFunc)

FilesTransform applies a maltego transformation over File audit records.

func HTTPTransform

func HTTPTransform(count HTTPCountFunc, transform HTTPTransformationFunc, continueTransform bool)

HTTPTransform applies a maltego transformation over HTTP audit records.

func ICMPv4Transform

func ICMPv4Transform(count ICMPv4CountFunc, transform ICMPv4TransformationFunc)

ICMPv4Transform applies a maltego transformation over ICMPv4 audit records.

func ICMPv6Transform

func ICMPv6Transform(count ICMPv6CountFunc, transform ICMPv6TransformationFunc)

ICMPv6Transform applies a maltego transformation over ICMPv6 audit records.

func IGMPTransform

func IGMPTransform(count IGMPCountFunc, transform IGMPTransformationFunc, continueTransform bool)

IGMPTransform applies a maltego transformation over IGMP audit records.

func IPProfileTransform

func IPProfileTransform(count ipProfileCountFunc, transform IPProfileTransformationFunc)

IPProfileTransform applies a maltego transformation over IP profiles

func IPv4Transform

func IPv4Transform(count ipCountFunc, transform IPv4TransformationFunc, continueTransform bool)

IPv4Transform applies a maltego transformation over IPv4 audit records.

func IPv6HopByHopTransform

func IPv6HopByHopTransform(count ipv6CountFunc, transform IPv6HopByHopTransformationFunc)

IPv6HopByHopTransform applies a maltego transformation over IPv6HopByHop audit records.

func IPv6Transform

func IPv6Transform(count ipv6CountFunc, transform IPv6TransformationFunc, continueTransform bool)

IPv6Transform applies a maltego transformation over IPv6 audit records.

func LoadIPProfiles

func LoadIPProfiles() map[string]*types.IPProfile

LoadIPProfiles will load the ipProfiles into memory and return them.

func LoadMails

func LoadMails() map[string]*types.Mail

LoadMails will load the email audit records into memory and return them.

func MailTransform

func MailTransform(count MailCountFunc, transform MailTransformationFunc)

MailTransform applies a maltego transformation over Mail audit records.

func NTPTransform

func NTPTransform(count NTPCountFunc, transform NTPTransformationFunc, continueTransform bool)

NTPTransform applies a maltego transformation over NTP audit records.

func POP3Transform

func POP3Transform(count POP3CountFunc, transform POP3TransformationFunc, continueTransform bool)

POP3Transform applies a maltego transformation over POP3 audit records.

func SMTPTransform

func SMTPTransform(count SMTPCountFunc, transform SMTPTransformationFunc, continueTransform bool)

SMTPTransform applies a maltego transformation over SMTP audit records.

func SSHTransform

func SSHTransform(count SSHCountFunc, transform SSHTransformationFunc)

SSHTransform applies a maltego transformation over SSH sshs seen for a target SSH.

func ServiceTransform

func ServiceTransform(count serviceCountFunc, transform serviceTransformationFunc, continueTransform bool)

ServiceTransform applies a maltego transformation over Service profiles seen for a target Service.

func SoftwareTransform

func SoftwareTransform(count softwareCountFunc, transform softwareTransformationFunc)

SoftwareTransform applies a maltego transformation over Software profiles seen for a target Software.

func TCPTransform

func TCPTransform(count TCPCountFunc, transform TCPTransformationFunc, continueTransform bool)

TCPTransform applies a maltego transformation over TCP audit records.

func TLSClientHelloTransform

func TLSClientHelloTransform(count TLSClientHelloCountFunc, transform TLSClientHelloTransformationFunc)

TLSClientHelloTransform applies a maltego transformation over TLSClientHello audit records.

func TLSServerHelloTransform

func TLSServerHelloTransform(count TLSServerHelloCountFunc, transform TLSServerHelloTransformationFunc)

TLSServerHelloTransform applies a maltego transformation over TLSServerHello audit records.

func UDPTransform

func UDPTransform(count UDPCountFunc, transform UDPTransformationFunc, continueTransform bool)

UDPTransform applies a maltego transformation over UDP audit records.

func VulnerabilityTransform

func VulnerabilityTransform(count vulnerabilityCountFunc, transform vulnerabilityTransformationFunc)

VulnerabilityTransform applies a maltego transformation over Vulnerability vulns seen for a target Vulnerability.

Types

type ARPCountFunc

type ARPCountFunc func()

ARPCountFunc is a function that counts something over multiple ARP audit records.

type ARPTransformationFunc

type ARPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, arp *types.ARP, min, max uint64, path string, ip string)

ARPTransformationFunc is a transformation over ARP audit records.

type DHCPCountFunc

type DHCPCountFunc func()

DHCPCountFunc is a function that counts something over multiple DHCP audit records.

type DHCPV4TransformationFunc

type DHCPV4TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, dhcp *types.DHCPv4, min, max uint64, path string, ip string)

DHCPV4TransformationFunc is a transformation over DHCPv4 audit records.

type DHCPV6TransformationFunc

type DHCPV6TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, dhcp *types.DHCPv6, min, max uint64, path string, ip string)

DHCPV6TransformationFunc is a transformation over DHCPv6 audit records.

type DNSCountFunc

type DNSCountFunc func()

DNSCountFunc is a function that counts something over multiple DNS audit records.

type DNSTransformationFunc

type DNSTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, dns *types.DNS, min, max uint64, path string, ip string)

DNSTransformationFunc is a transformation over DNS audit records.

type EthernetCountFunc

type EthernetCountFunc func()

EthernetCountFunc is a function that counts something over multiple Ethernet audit records.

type EthernetTransformationFunc

type EthernetTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ethernet *types.Ethernet, min, max uint64, path string, ip string)

EthernetTransformationFunc is a transformation over Ethernet audit records.

type HTTPCountFunc

type HTTPCountFunc = func(http *types.HTTP, min, max *uint64)

HTTPCountFunc is a function that counts something over multiple HTTP audit records.

type HTTPTransformationFunc

type HTTPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, http *types.HTTP, min, max uint64, path string, ip string)

HTTPTransformationFunc is a transformation over HTTP audit records.

type ICMPv4CountFunc

type ICMPv4CountFunc func()

ICMPv4CountFunc is a function that counts something over multiple ICMPv4 audit records.

type ICMPv4TransformationFunc

type ICMPv4TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, icmp *types.ICMPv4, min, max uint64, path string, ip string)

ICMPv4TransformationFunc is a transformation over ICMPv4 audit records.

type ICMPv6CountFunc

type ICMPv6CountFunc func()

ICMPv6CountFunc is a function that counts something over multiple ICMPv6 audit records.

type ICMPv6TransformationFunc

type ICMPv6TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, icmp *types.ICMPv6, min, max uint64, path string, ip string)

ICMPv6TransformationFunc is a transformation over ICMPv6 audit records.

type IGMPCountFunc

type IGMPCountFunc func()

IGMPCountFunc is a function that counts something over multiple IGMP audit records.

type IGMPTransformationFunc

type IGMPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, igmp *types.IGMP, min, max uint64, path string, ip string)

IGMPTransformationFunc is a transformation over IGMP audit records.

type IPProfileTransformationFunc

type IPProfileTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, profile *types.IPProfile, min, max uint64, path string, mac string, ip string)

IPProfileTransformationFunc is a transformation over IP profiles

type IPTransformationFunc

type IPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, profile *types.IPProfile, min, max uint64, path string, mac string, ip string)

IPTransformationFunc is a transformation over IP profiles for a selected DeviceProfile.

type IPv4TransformationFunc

type IPv4TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ipv4 *types.IPv4, min, max uint64, path string, mac string, ip string)

IPv4TransformationFunc is a transformation over IPv4 audit records

type IPv6HopByHopTransformationFunc

type IPv6HopByHopTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ipv6 *types.IPv6HopByHop, min, max uint64, path string, mac string, ip string)

IPv6HopByHopTransformationFunc is a transformation over IPv6HopByHop audit records

type IPv6TransformationFunc

type IPv6TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ipv6 *types.IPv6, min, max uint64, path string, mac string, ip string)

IPv6TransformationFunc is a transformation over IPv6 audit records

type MailCountFunc

type MailCountFunc func()

MailCountFunc is a function that counts something over multiple Mail audit records.

type MailTransformationFunc

type MailTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, mail *types.Mail, min, max uint64, path string, ip string)

MailTransformationFunc is a transformation over Mail audit records.

type NTPCountFunc

type NTPCountFunc func()

NTPCountFunc is a function that counts something over multiple NTP audit records.

type NTPTransformationFunc

type NTPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ntp *types.NTP, min, max uint64, path string, ip string)

NTPTransformationFunc is a transformation over NTP audit records.

type POP3CountFunc

type POP3CountFunc func()

POP3CountFunc is a function that counts something over multiple POP3 audit records.

type POP3TransformationFunc

type POP3TransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, pop3 *types.POP3, min, max uint64, path string, ip string)

POP3TransformationFunc is a transformation over POP3 audit records.

type SMTPCountFunc

type SMTPCountFunc func()

SMTPCountFunc is a function that counts something over multiple SMTP audit records.

type SMTPTransformationFunc

type SMTPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, smtp *types.SMTP, min, max uint64, path string, ip string)

SMTPTransformationFunc is a transformation over SMTP audit records.

type SSHCountFunc

type SSHCountFunc = func(ssh *types.SSH, mac string, min, max *uint64)

SSHCountFunc is a function that counts something over multiple SSH audit records.

type SSHTransformationFunc

type SSHTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, ssh *types.SSH, min, max uint64, sshsFile string, mac string, ip string)

SSHTransformationFunc is a transformation over SSH sshs for a selected SSH.

type TCPCountFunc

type TCPCountFunc func()

TCPCountFunc is a function that counts something over multiple TCP audit records.

type TCPTransformationFunc

type TCPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, tcp *types.TCP, min, max uint64, path string, ip string)

TCPTransformationFunc is a transformation over TCP audit records.

type TLSClientHelloCountFunc

type TLSClientHelloCountFunc func()

TLSClientHelloCountFunc is a function that counts something over multiple TLSClientHello audit records.

type TLSClientHelloTransformationFunc

type TLSClientHelloTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, hello *types.TLSClientHello, min, max uint64, path string, ip string)

TLSClientHelloTransformationFunc is a transformation over TLSClientHello audit records.

type TLSServerHelloCountFunc

type TLSServerHelloCountFunc func()

TLSServerHelloCountFunc is a function that counts something over multiple TLSServerHello audit records.

type TLSServerHelloTransformationFunc

type TLSServerHelloTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, pop3 *types.TLSServerHello, min, max uint64, path string, ip string)

TLSServerHelloTransformationFunc is a transformation over TLSServerHello audit records.

type UDPCountFunc

type UDPCountFunc func()

UDPCountFunc is a function that counts something over multiple UDP audit records.

type UDPTransformationFunc

type UDPTransformationFunc = func(lt maltego.LocalTransform, trx *maltego.Transform, udp *types.UDP, min, max uint64, path string, ip string)

UDPTransformationFunc is a transformation over UDP audit records.
