Documentation
Constants
This section is empty.
Variables
var Decoder = &decoder.AbstractDecoder{
	Type:        types.Type_NC_Exploit,
	Name:        "Exploit",
	Description: "An exploit proof of concept code snippet for a vulnerable application",
	PostInit: func(e *decoder.AbstractDecoder) error {
		// Load vulnerabilities DB index
		var (
			err       error
			indexName = filepath.Join(resolvers.DataBaseFolderPath, "exploit-db.bleve")
		)

		exploitLog, _, err = logging.InitZapLogger(
			decoderconfig.Instance.Out,
			"exploit",
			decoderconfig.Instance.Debug,
		)
		if err != nil {
			return err
		}

		db.ExploitsIndex, err = db.OpenBleve(indexName)
		if err != nil {
			db.ExploitsIndex = nil
			return err
		}

		return nil
	},
	DeInit: func(decoder *decoder.AbstractDecoder) error {
		db.CloseBleve(db.ExploitsIndex)
		return exploitLog.Sync()
	},
}
Decoder for protocol analysis and writing audit records to disk.
Functions
func ExploitsLookup
ExploitsLookup searches for known exploits in the indexed bleve database.
TODO:
- Make the threshold configurable on the command line.
- Add a caching layer to avoid repeating matching operations.
Types
This section is empty.