rules

package
v0.0.0-...-d2cf145 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 23, 2016 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewBadTempFile

func NewBadTempFile(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewBindsToAllNetworkInterfaces

func NewBindsToAllNetworkInterfaces(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewBlacklist_crypto_des

func NewBlacklist_crypto_des(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewBlacklist_crypto_md5

func NewBlacklist_crypto_md5(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewBlacklist_crypto_rc4

func NewBlacklist_crypto_rc4(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewBlacklist_net_http_cgi

func NewBlacklist_net_http_cgi(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewCompatTlsCheck

func NewCompatTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewFilePerms

func NewFilePerms(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewHardcodedCredentials

func NewHardcodedCredentials(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewIntermediateTlsCheck

func NewIntermediateTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewMkdirPerms

func NewMkdirPerms(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewModernTlsCheck

func NewModernTlsCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewNoErrorCheck

func NewNoErrorCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewSqlStrConcat

func NewSqlStrConcat(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewSqlStrFormat

func NewSqlStrFormat(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewSubproc

func NewSubproc(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewTemplateCheck

func NewTemplateCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewUsesWeakCryptography

func NewUsesWeakCryptography(conf map[string]interface{}) (gas.Rule, []ast.Node)

Uses des.* md5.* or rc4.*

func NewUsingUnsafe

func NewUsingUnsafe(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewWeakKeyStrength

func NewWeakKeyStrength(conf map[string]interface{}) (gas.Rule, []ast.Node)

func NewWeakRandCheck

func NewWeakRandCheck(conf map[string]interface{}) (gas.Rule, []ast.Node)

Types

type BadTempFile

type BadTempFile struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*BadTempFile) Match

func (t *BadTempFile) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type BindsToAllNetworkInterfaces

type BindsToAllNetworkInterfaces struct {
	gas.MetaData
	// contains filtered or unexported fields
}

Looks for net.Listen("0.0.0.0") or net.Listen(":8080")

func (*BindsToAllNetworkInterfaces) Match

func (r *BindsToAllNetworkInterfaces) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type BlacklistImport

type BlacklistImport struct {
	gas.MetaData
	Path string
}

func (*BlacklistImport) Match

func (r *BlacklistImport) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type Credentials

type Credentials struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*Credentials) Match

func (r *Credentials) Match(n ast.Node, ctx *gas.Context) (*gas.Issue, error)

type FilePermissions

type FilePermissions struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*FilePermissions) Match

func (r *FilePermissions) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

type InsecureConfigTLS

type InsecureConfigTLS struct {
	MinVersion int16
	MaxVersion int16
	// contains filtered or unexported fields
}

func (*InsecureConfigTLS) Match

func (t *InsecureConfigTLS) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type NoErrorCheck

type NoErrorCheck struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*NoErrorCheck) Match

func (r *NoErrorCheck) Match(n ast.Node, ctx *gas.Context) (*gas.Issue, error)

type SqlStatement

type SqlStatement struct {
	gas.MetaData
	// contains filtered or unexported fields
}

type SqlStrConcat

type SqlStrConcat struct {
	SqlStatement
}

func (*SqlStrConcat) Match

func (s *SqlStrConcat) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

Look for "SELECT * FROM table WHERE " + " ' OR 1=1"

type SqlStrFormat

type SqlStrFormat struct {
	SqlStatement
	// contains filtered or unexported fields
}

func (*SqlStrFormat) Match

func (s *SqlStrFormat) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

Looks for "fmt.Sprintf("SELECT * FROM foo where '%s', userInput)"

type Subprocess

type Subprocess struct {
	// contains filtered or unexported fields
}

func (*Subprocess) Match

func (r *Subprocess) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

type TemplateCheck

type TemplateCheck struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*TemplateCheck) Match

func (t *TemplateCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type UsesWeakCryptography

type UsesWeakCryptography struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*UsesWeakCryptography) Match

func (r *UsesWeakCryptography) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

type UsingUnsafe

type UsingUnsafe struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*UsingUnsafe) Match

func (r *UsingUnsafe) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error)

type WeakKeyStrength

type WeakKeyStrength struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*WeakKeyStrength) Match

func (w *WeakKeyStrength) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

type WeakRand

type WeakRand struct {
	gas.MetaData
	// contains filtered or unexported fields
}

func (*WeakRand) Match

func (w *WeakRand) Match(n ast.Node, c *gas.Context) (*gas.Issue, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL