config

package
v0.13.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 31, 2020 License: AGPL-3.0 Imports: 14 Imported by: 122

Documentation

Index

Constants

View Source
const (
	// RedHat is
	RedHat = "redhat"

	// Debian is
	Debian = "debian"

	// Ubuntu is
	Ubuntu = "ubuntu"

	// CentOS is
	CentOS = "centos"

	// Fedora is
	Fedora = "fedora"

	// Amazon is
	Amazon = "amazon"

	// Oracle is
	Oracle = "oracle"

	// FreeBSD is
	FreeBSD = "freebsd"

	// Raspbian is
	Raspbian = "raspbian"

	// Windows is
	Windows = "windows"

	// OpenSUSE is
	OpenSUSE = "opensuse"

	// OpenSUSELeap is
	OpenSUSELeap = "opensuse.leap"

	// SUSEEnterpriseServer is
	SUSEEnterpriseServer = "suse.linux.enterprise.server"

	// SUSEEnterpriseDesktop is
	SUSEEnterpriseDesktop = "suse.linux.enterprise.desktop"

	// SUSEOpenstackCloud is
	SUSEOpenstackCloud = "suse.openstack.cloud"

	// Alpine is
	Alpine = "alpine"
)
View Source
const (
	// Fast is fast scan mode
	Fast = byte(1 << iota)
	// FastRoot is fast-root scan mode
	FastRoot
	// Deep is deep scan mode
	Deep
	// Offline is offline scan mode
	Offline
)
View Source
const (
	// ServerTypePseudo is used for ServerInfo.Type
	ServerTypePseudo = "pseudo"
)

Variables

View Source
var (
	// Colors has ansi color list
	Colors = []string{
		"\033[32m",
		"\033[33m",
		"\033[36m",
		"\033[35m",
		"\033[31m",
		"\033[34m",
	}
	// ResetColor is reset color
	ResetColor = "\033[0m"
)
View Source
var Revision string

Revision of Git

View Source
var Version = "`make build` or `make install` will show the version"

Version of Vuls

Functions

func Load

func Load(path, keyPass string) error

Load loads configuration

Types

type AWS added in v0.5.0

type AWS struct {
	// AWS profile to use
	Profile string `json:"profile"`

	// AWS region to use
	Region string `json:"region"`

	// S3 bucket name
	S3Bucket string `json:"s3Bucket"`

	// /bucket/path/to/results
	S3ResultsDir string `json:"s3ResultsDir"`

	// The Server-side encryption algorithm used when storing the reports in S3 (e.g., AES256, aws:kms).
	S3ServerSideEncryption string `json:"s3ServerSideEncryption"`
}

AWS is aws config

type Azure added in v0.5.0

type Azure struct {
	// Azure account name to use. AZURE_STORAGE_ACCOUNT environment variable is used if not specified
	AccountName string `json:"accountName"`

	// Azure account key to use. AZURE_STORAGE_ACCESS_KEY environment variable is used if not specified
	AccountKey string `json:"-"`

	// Azure storage container name
	ContainerName string `json:"containerName"`
}

Azure is azure config

type ChatWorkConf added in v0.5.0

type ChatWorkConf struct {
	APIToken string `json:"-"`
	Room     string `json:"-"`
}

ChatWorkConf is ChatWork config

func (*ChatWorkConf) Validate added in v0.5.0

func (c *ChatWorkConf) Validate() (errs []error)

Validate validates configuration

type Config

type Config struct {
	Debug      bool   `json:"debug,omitempty"`
	DebugSQL   bool   `json:"debugSQL,omitempty"`
	Lang       string `json:"lang,omitempty"`
	HTTPProxy  string `valid:"url" json:"httpProxy,omitempty"`
	LogDir     string `json:"logDir,omitempty"`
	ResultsDir string `json:"resultsDir,omitempty"`
	Pipe       bool   `json:"pipe,omitempty"`
	Quiet      bool   `json:"quiet,omitempty"`
	NoProgress bool   `json:"noProgress,omitempty"`

	Default       ServerInfo            `json:"default,omitempty"`
	Servers       map[string]ServerInfo `json:"servers,omitempty"`
	CvssScoreOver float64               `json:"cvssScoreOver,omitempty"`

	IgnoreUnscoredCves    bool `json:"ignoreUnscoredCves,omitempty"`
	IgnoreUnfixed         bool `json:"ignoreUnfixed,omitempty"`
	IgnoreGitHubDismissed bool `json:"ignore_git_hub_dismissed,omitempty"`

	SSHNative bool `json:"sshNative,omitempty"`
	SSHConfig bool `json:"sshConfig,omitempty"`

	ContainersOnly bool `json:"containersOnly,omitempty"`
	LibsOnly       bool `json:"libsOnly,omitempty"`
	WordPressOnly  bool `json:"wordpressOnly,omitempty"`

	CacheDBPath     string `json:"cacheDBPath,omitempty"`
	TrivyCacheDBDir string `json:"trivyCacheDBDir,omitempty"`

	SkipBroken bool `json:"skipBroken,omitempty"`
	Vvv        bool `json:"vvv,omitempty"`
	UUID       bool `json:"uuid,omitempty"`
	DetectIPS  bool `json:"detectIps,omitempty"`

	CveDict    GoCveDictConf  `json:"cveDict,omitempty"`
	OvalDict   GovalDictConf  `json:"ovalDict,omitempty"`
	Gost       GostConf       `json:"gost,omitempty"`
	Exploit    ExploitConf    `json:"exploit,omitempty"`
	Metasploit MetasploitConf `json:"metasploit,omitempty"`

	Slack    SlackConf    `json:"-"`
	EMail    SMTPConf     `json:"-"`
	HTTP     HTTPConf     `json:"-"`
	Syslog   SyslogConf   `json:"-"`
	AWS      AWS          `json:"-"`
	Azure    Azure        `json:"-"`
	Stride   StrideConf   `json:"-"`
	HipChat  HipChatConf  `json:"-"`
	ChatWork ChatWorkConf `json:"-"`
	Telegram TelegramConf `json:"-"`
	Saas     SaasConf     `json:"-"`

	RefreshCve        bool `json:"refreshCve,omitempty"`
	ToSlack           bool `json:"toSlack,omitempty"`
	ToStride          bool `json:"toStride,omitempty"`
	ToHipChat         bool `json:"toHipChat,omitempty"`
	ToChatWork        bool `json:"toChatWork,omitempty"`
	ToTelegram        bool `json:"ToTelegram,omitempty"`
	ToEmail           bool `json:"toEmail,omitempty"`
	ToSyslog          bool `json:"toSyslog,omitempty"`
	ToLocalFile       bool `json:"toLocalFile,omitempty"`
	ToS3              bool `json:"toS3,omitempty"`
	ToAzureBlob       bool `json:"toAzureBlob,omitempty"`
	ToSaas            bool `json:"toSaas,omitempty"`
	ToHTTP            bool `json:"toHTTP,omitempty"`
	FormatXML         bool `json:"formatXML,omitempty"`
	FormatJSON        bool `json:"formatJSON,omitempty"`
	FormatOneEMail    bool `json:"formatOneEMail,omitempty"`
	FormatOneLineText bool `json:"formatOneLineText,omitempty"`
	FormatList        bool `json:"formatList,omitempty"`
	FormatFullText    bool `json:"formatFullText,omitempty"`
	GZIP              bool `json:"gzip,omitempty"`
	Diff              bool `json:"diff,omitempty"`
	WpIgnoreInactive  bool `json:"wpIgnoreInactive,omitempty"`
}

Config is struct of Configuration

var Conf Config

Conf has Configuration

func (Config) ValidateOnConfigtest added in v0.2.0

func (c Config) ValidateOnConfigtest() bool

ValidateOnConfigtest validates

func (Config) ValidateOnReport added in v0.2.0

func (c Config) ValidateOnReport() bool

ValidateOnReport validates configuration

func (Config) ValidateOnReportDB added in v0.5.0

func (c Config) ValidateOnReportDB() bool

ValidateOnReportDB validates configuration

func (Config) ValidateOnScan added in v0.2.0

func (c Config) ValidateOnScan() bool

ValidateOnScan validates configuration

func (Config) ValidateOnTui added in v0.2.0

func (c Config) ValidateOnTui() bool

ValidateOnTui validates configuration

type Container added in v0.1.4

type Container struct {
	ContainerID string
	Name        string
	Image       string
}

Container has Container information.

type ContainerSetting added in v0.5.0

type ContainerSetting struct {
	Cpes             []string `json:"cpes,omitempty"`
	OwaspDCXMLPath   string   `json:"owaspDCXMLPath"`
	IgnorePkgsRegexp []string `json:"ignorePkgsRegexp,omitempty"`
	IgnoreCves       []string `json:"ignoreCves,omitempty"`
}

ContainerSetting is used for loading container setting in config.toml

type Distro added in v0.1.6

type Distro struct {
	Family  string
	Release string
}

Distro has distribution info

func (Distro) MajorVersion added in v0.3.0

func (l Distro) MajorVersion() (int, error)

MajorVersion returns Major version

func (Distro) String added in v0.1.6

func (l Distro) String() string

type ExploitConf added in v0.6.0

type ExploitConf struct {
	// DB type for exploit dictionary (sqlite3, mysql, postgres or redis)
	Type string

	// http://exploit-dictionary.com:1324 or DB connection string
	URL string `json:"-"`

	// /path/to/exploit.sqlite3
	SQLite3Path string `json:"-"`
}

ExploitConf is exploit config

func (*ExploitConf) IsFetchViaHTTP added in v0.6.1

func (cnf *ExploitConf) IsFetchViaHTTP() bool

IsFetchViaHTTP returns wether fetch via http

func (*ExploitConf) Overwrite added in v0.6.0

func (cnf *ExploitConf) Overwrite(cmdOpt ExploitConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

type GitHubConf added in v0.6.3

type GitHubConf struct {
	Token string `json:"-"`
}

GitHubConf is used for GitHub integration

type GoCveDictConf added in v0.5.0

type GoCveDictConf struct {
	// DB type of CVE dictionary (sqlite3, mysql, postgres or redis)
	Type string

	// http://cve-dictionary.com:1323 or DB connection string
	URL string `json:"-"`

	// /path/to/cve.sqlite3
	SQLite3Path string `json:"-"`
}

GoCveDictConf is go-cve-dictionary config

func (*GoCveDictConf) IsFetchViaHTTP added in v0.6.1

func (cnf *GoCveDictConf) IsFetchViaHTTP() bool

IsFetchViaHTTP returns wether fetch via http

func (*GoCveDictConf) Overwrite added in v0.5.0

func (cnf *GoCveDictConf) Overwrite(cmdOpt GoCveDictConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

type GostConf added in v0.5.0

type GostConf struct {
	// DB type for gost dictionary (sqlite3, mysql, postgres or redis)
	Type string

	// http://gost-dictionary.com:1324 or DB connection string
	URL string `json:"-"`

	// /path/to/gost.sqlite3
	SQLite3Path string `json:"-"`
}

GostConf is gost config

func (*GostConf) IsFetchViaHTTP added in v0.6.1

func (cnf *GostConf) IsFetchViaHTTP() bool

IsFetchViaHTTP returns wether fetch via http

func (*GostConf) Overwrite added in v0.5.0

func (cnf *GostConf) Overwrite(cmdOpt GostConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

type GovalDictConf added in v0.5.0

type GovalDictConf struct {

	// DB type of OVAL dictionary (sqlite3, mysql, postgres or redis)
	Type string

	// http://goval-dictionary.com:1324 or DB connection string
	URL string `json:"-"`

	// /path/to/oval.sqlite3
	SQLite3Path string `json:"-"`
}

GovalDictConf is goval-dictionary config

func (*GovalDictConf) IsFetchViaHTTP added in v0.6.1

func (cnf *GovalDictConf) IsFetchViaHTTP() bool

IsFetchViaHTTP returns wether fetch via http

func (*GovalDictConf) Overwrite added in v0.5.0

func (cnf *GovalDictConf) Overwrite(cmdOpt GovalDictConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

type HTTPConf added in v0.5.0

type HTTPConf struct {
	URL string `valid:"url" json:"-"`
}

HTTPConf is HTTP config

func (*HTTPConf) Overwrite added in v0.5.0

func (c *HTTPConf) Overwrite(cmdOpt HTTPConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

func (*HTTPConf) Validate added in v0.5.0

func (c *HTTPConf) Validate() (errs []error)

Validate validates configuration

type HipChatConf added in v0.5.0

type HipChatConf struct {
	AuthToken string `json:"-"`
	Room      string `json:"-"`
}

HipChatConf is HipChat config

func (*HipChatConf) Validate added in v0.5.0

func (c *HipChatConf) Validate() (errs []error)

Validate validates configuration

type IPS added in v0.8.3

type IPS string

IPS is

const (
	// DeepSecurity is
	DeepSecurity IPS = "deepsecurity"
)

type JSONLoader

type JSONLoader struct {
}

JSONLoader loads configuration

func (JSONLoader) Load

func (c JSONLoader) Load(path, sudoPass, keyPass string) (err error)

Load load the configuration JSON file specified by path arg.

type Loader

type Loader interface {
	Load(string, string) error
}

Loader is interface of concrete loader

type MetasploitConf added in v0.11.0

type MetasploitConf struct {
	// DB type for metasploit dictionary (sqlite3, mysql, postgres or redis)
	Type string

	// http://metasploit-dictionary.com:1324 or DB connection string
	URL string `json:"-"`

	// /path/to/metasploit.sqlite3
	SQLite3Path string `json:"-"`
}

MetasploitConf is metasploit config

func (*MetasploitConf) IsFetchViaHTTP added in v0.11.0

func (cnf *MetasploitConf) IsFetchViaHTTP() bool

IsFetchViaHTTP returns wether fetch via http

func (*MetasploitConf) Overwrite added in v0.11.0

func (cnf *MetasploitConf) Overwrite(cmdOpt MetasploitConf)

Overwrite set options with the following priority. 1. Command line option 2. Environment variable 3. config.toml

type SMTPConf added in v0.3.0

type SMTPConf struct {
	SMTPAddr      string   `toml:"smtpAddr,omitempty" json:"-"`
	SMTPPort      string   `toml:"smtpPort,omitempty" valid:"port" json:"-"`
	User          string   `toml:"user,omitempty" json:"-"`
	Password      string   `toml:"password,omitempty" json:"-"`
	From          string   `toml:"from,omitempty" json:"-"`
	To            []string `toml:"to,omitempty" json:"-"`
	Cc            []string `toml:"cc,omitempty" json:"-"`
	SubjectPrefix string   `toml:"subjectPrefix,omitempty" json:"-"`
}

SMTPConf is smtp config

func (*SMTPConf) Validate added in v0.3.0

func (c *SMTPConf) Validate() (errs []error)

Validate SMTP configuration

type SaasConf added in v0.5.0

type SaasConf struct {
	GroupID int64  `json:"-"`
	Token   string `json:"-"`
	URL     string `json:"-"`
}

SaasConf is stride config

func (*SaasConf) Validate added in v0.5.0

func (c *SaasConf) Validate() (errs []error)

Validate validates configuration

type ScanMode added in v0.5.0

type ScanMode struct {
	// contains filtered or unexported fields
}

ScanMode has a type of scan mode. fast, fast-root, deep and offline

func (ScanMode) IsDeep added in v0.5.0

func (s ScanMode) IsDeep() bool

IsDeep return whether scan mode is deep

func (ScanMode) IsFast added in v0.5.0

func (s ScanMode) IsFast() bool

IsFast return whether scan mode is fast

func (ScanMode) IsFastRoot added in v0.5.0

func (s ScanMode) IsFastRoot() bool

IsFastRoot return whether scan mode is fastroot

func (ScanMode) IsOffline added in v0.5.0

func (s ScanMode) IsOffline() bool

IsOffline return whether scan mode is offline

func (*ScanMode) Set added in v0.5.0

func (s *ScanMode) Set(f byte)

Set mode

func (ScanMode) String added in v0.5.0

func (s ScanMode) String() string

type ServerInfo

type ServerInfo struct {
	ServerName             string                      `toml:"-" json:"serverName,omitempty"`
	User                   string                      `toml:"user,omitempty" json:"user,omitempty"`
	Host                   string                      `toml:"host,omitempty" json:"host,omitempty"`
	JumpServer             []string                    `toml:"jumpServer,omitempty" json:"jumpServer,omitempty"`
	Port                   string                      `toml:"port,omitempty" json:"port,omitempty"`
	SSHConfigPath          string                      `toml:"sshConfigPath,omitempty" json:"sshConfigPath,omitempty"`
	KeyPath                string                      `toml:"keyPath,omitempty" json:"keyPath,omitempty"`
	KeyPassword            string                      `json:"-,omitempty" toml:"-"`
	CpeNames               []string                    `toml:"cpeNames,omitempty" json:"cpeNames,omitempty"`
	ScanMode               []string                    `toml:"scanMode,omitempty" json:"scanMode,omitempty"`
	DependencyCheckXMLPath string                      `toml:"dependencyCheckXMLPath,omitempty" json:"-"` // TODO Deprecated remove in near future
	OwaspDCXMLPath         string                      `toml:"owaspDCXMLPath,omitempty" json:"owaspDCXMLPath,omitempty"`
	ContainersIncluded     []string                    `toml:"containersIncluded,omitempty" json:"containersIncluded,omitempty"`
	ContainersExcluded     []string                    `toml:"containersExcluded,omitempty" json:"containersExcluded,omitempty"`
	ContainerType          string                      `toml:"containerType,omitempty" json:"containerType,omitempty"`
	Containers             map[string]ContainerSetting `toml:"containers" json:"containers,omitempty"`
	IgnoreCves             []string                    `toml:"ignoreCves,omitempty" json:"ignoreCves,omitempty"`
	IgnorePkgsRegexp       []string                    `toml:"ignorePkgsRegexp,omitempty" json:"ignorePkgsRegexp,omitempty"`
	GitHubRepos            map[string]GitHubConf       `toml:"githubs" json:"githubs,omitempty"` // key: owner/repo
	UUIDs                  map[string]string           `toml:"uuids,omitempty" json:"uuids,omitempty"`
	Memo                   string                      `toml:"memo,omitempty" json:"memo,omitempty"`
	Enablerepo             []string                    `toml:"enablerepo,omitempty" json:"enablerepo,omitempty"` // For CentOS, RHEL, Amazon
	Optional               map[string]interface{}      `toml:"optional,omitempty" json:"optional,omitempty"`     // Optional key-value set that will be outputted to JSON
	Lockfiles              []string                    `toml:"lockfiles,omitempty" json:"lockfiles,omitempty"`   // ie) path/to/package-lock.json
	FindLock               bool                        `toml:"findLock,omitempty" json:"findLock,omitempty"`
	Type                   string                      `toml:"type,omitempty" json:"type,omitempty"` // "pseudo" or ""

	WordPress WordPressConf `toml:"wordpress,omitempty" json:"wordpress,omitempty"`

	// used internal
	IPv4Addrs      []string       `toml:"-" json:"ipv4Addrs,omitempty"`
	IPv6Addrs      []string       `toml:"-" json:"ipv6Addrs,omitempty"`
	IPSIdentifiers map[IPS]string `toml:"-" json:"ipsIdentifiers,omitempty"`

	LogMsgAnsiColor string    `toml:"-" json:"-"` // DebugLog Color
	Container       Container `toml:"-" json:"-"`
	Distro          Distro    `toml:"-" json:"-"`
	Mode            ScanMode  `toml:"-" json:"-"`
}

ServerInfo has SSH Info, additional CPE packages to scan.

func (ServerInfo) GetServerName added in v0.1.7

func (s ServerInfo) GetServerName() string

GetServerName returns ServerName if this serverInfo is about host. If this serverInfo is about a container, returns containerID@ServerName

func (ServerInfo) IsContainer added in v0.1.4

func (s ServerInfo) IsContainer() bool

IsContainer returns whether this ServerInfo is about container

func (*ServerInfo) SetContainer added in v0.1.4

func (s *ServerInfo) SetContainer(d Container)

SetContainer set container

type SlackConf

type SlackConf struct {
	HookURL     string   `valid:"url" json:"-" toml:"hookURL,omitempty"`
	LegacyToken string   `json:"-" toml:"legacyToken,omitempty"`
	Channel     string   `json:"-" toml:"channel,omitempty"`
	IconEmoji   string   `json:"-" toml:"iconEmoji,omitempty"`
	AuthUser    string   `json:"-" toml:"authUser,omitempty"`
	NotifyUsers []string `toml:"notifyUsers,omitempty" json:"-"`
	Text        string   `json:"-"`
}

SlackConf is slack config

func (*SlackConf) Validate

func (c *SlackConf) Validate() (errs []error)

Validate validates configuration

type StrideConf added in v0.5.0

type StrideConf struct {
	HookURL   string `json:"-"`
	AuthToken string `json:"-"`
}

StrideConf is stride config

func (*StrideConf) Validate added in v0.5.0

func (c *StrideConf) Validate() (errs []error)

Validate validates configuration

type SyslogConf added in v0.5.0

type SyslogConf struct {
	Protocol string `json:"-"`
	Host     string `valid:"host" json:"-"`
	Port     string `valid:"port" json:"-"`
	Severity string `json:"-"`
	Facility string `json:"-"`
	Tag      string `json:"-"`
	Verbose  bool   `json:"-"`
}

SyslogConf is syslog config

func (*SyslogConf) GetFacility added in v0.5.0

func (c *SyslogConf) GetFacility() (syslog.Priority, error)

GetFacility gets facility

func (*SyslogConf) GetSeverity added in v0.5.0

func (c *SyslogConf) GetSeverity() (syslog.Priority, error)

GetSeverity gets severity

func (*SyslogConf) Validate added in v0.5.0

func (c *SyslogConf) Validate() (errs []error)

Validate validates configuration

type TOMLLoader

type TOMLLoader struct {
}

TOMLLoader loads config

func (TOMLLoader) Load

func (c TOMLLoader) Load(pathToToml, keyPass string) error

Load load the configuration TOML file specified by path arg.

type TelegramConf added in v0.6.2

type TelegramConf struct {
	Token  string `json:"-"`
	ChatID string `json:"-"`
}

TelegramConf is Telegram config

func (*TelegramConf) Validate added in v0.6.2

func (c *TelegramConf) Validate() (errs []error)

Validate validates configuration

type WordPressConf added in v0.7.0

type WordPressConf struct {
	OSUser         string `toml:"osUser" json:"osUser,omitempty"`
	DocRoot        string `toml:"docRoot" json:"docRoot,omitempty"`
	CmdPath        string `toml:"cmdPath" json:"cmdPath,omitempty"`
	WPVulnDBToken  string `toml:"wpVulnDBToken" json:"-,omitempty"`
	IgnoreInactive bool   `json:"ignoreInactive,omitempty"`
}

WordPressConf used for WordPress Scanning

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL