Documentation ¶
Index ¶
- func ConvertToModelsExploit(es []exploitmodels.Exploit) (exploits []models.Exploit)
- func ConvertToModelsMsf(ms []metasploitmodels.Metasploit) (modules []models.Metasploit)
- func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error)
- func DetectCpeURIsCves(r *models.ScanResult, cpes []Cpe, cnf config.GoCveDictConf, ...) error
- func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf) error
- func DetectGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string, ignoreDismissed bool) (nCVEs int, err error)
- func DetectLibsCves(r *models.ScanResult, cacheDir string, noProgress bool) (err error)
- func DetectPkgCves(r *models.ScanResult, ovalCnf config.GovalDictConf, gostCnf config.GostConf) error
- func DetectWordPressCves(r *models.ScanResult, wpCnf config.WpScanConf) error
- func FillCvesWithNvdJvn(r *models.ScanResult, cnf config.GoCveDictConf, logOpts logging.LogOpts) (err error)
- func FillCweDict(r *models.ScanResult)
- func FillWithExploit(r *models.ScanResult, cnf config.ExploitConf) (nExploitCve int, err error)
- func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf) error
- func FillWithMetasploit(r *models.ScanResult, cnf config.MetasploitConf) (nMetasploitCve int, err error)
- func ListValidJSONDirs(resultsDir string) (dirs []string, err error)
- type Cpe
- type References
- type SecurityAlerts
- type WpCveInfo
- type WpCveInfos
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConvertToModelsExploit ¶ added in v0.18.1
func ConvertToModelsExploit(es []exploitmodels.Exploit) (exploits []models.Exploit)
ConvertToModelsExploit converts exploit model to vuls model
func ConvertToModelsMsf ¶
func ConvertToModelsMsf(ms []metasploitmodels.Metasploit) (modules []models.Metasploit)
ConvertToModelsMsf converts metasploit model to vuls model
func Detect ¶
func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error)
Detect vulns and fill CVE detailed information
func DetectCpeURIsCves ¶
func DetectCpeURIsCves(r *models.ScanResult, cpes []Cpe, cnf config.GoCveDictConf, logOpts logging.LogOpts) error
DetectCpeURIsCves detects CVEs of given CPE-URIs
func DetectGitHubCves ¶
func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf) error
DetectGitHubCves fetches CVEs from GitHub Security Alerts
func DetectGitHubSecurityAlerts ¶
func DetectGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string, ignoreDismissed bool) (nCVEs int, err error)
DetectGitHubSecurityAlerts access to owner/repo on GitHub and fetch security alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult. https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
func DetectLibsCves ¶
func DetectLibsCves(r *models.ScanResult, cacheDir string, noProgress bool) (err error)
DetectLibsCves fills LibraryScanner information
func DetectPkgCves ¶
func DetectPkgCves(r *models.ScanResult, ovalCnf config.GovalDictConf, gostCnf config.GostConf) error
DetectPkgCves detects OS pkg cves pass 2 configs
func DetectWordPressCves ¶
func DetectWordPressCves(r *models.ScanResult, wpCnf config.WpScanConf) error
DetectWordPressCves detects CVEs of WordPress
func FillCvesWithNvdJvn ¶
func FillCvesWithNvdJvn(r *models.ScanResult, cnf config.GoCveDictConf, logOpts logging.LogOpts) (err error)
FillCvesWithNvdJvn fills CVE detail with NVD, JVN
func FillWithExploit ¶
func FillWithExploit(r *models.ScanResult, cnf config.ExploitConf) (nExploitCve int, err error)
FillWithExploit fills exploit information that has in Exploit
func FillWithKEVuln ¶ added in v0.19.0
func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf) error
FillWithKEVuln :
func FillWithMetasploit ¶
func FillWithMetasploit(r *models.ScanResult, cnf config.MetasploitConf) (nMetasploitCve int, err error)
FillWithMetasploit fills metasploit module information that has in module
func ListValidJSONDirs ¶
ListValidJSONDirs returns valid json directory as array Returned array is sorted so that recent directories are at the head
Types ¶
type References ¶
type References struct { URL []string `json:"url"` Cve []string `json:"cve"` Secunia []string `json:"secunia"` }
References is for wpscan json
type SecurityAlerts ¶
type SecurityAlerts struct { Data struct { Repository struct { URL string `json:"url"` VulnerabilityAlerts struct { PageInfo struct { EndCursor string `json:"endCursor"` HasNextPage bool `json:"hasNextPage"` StartCursor string `json:"startCursor"` } `json:"pageInfo"` Edges []struct { Node struct { ID string `json:"id"` DismissReason string `json:"dismissReason"` DismissedAt time.Time `json:"dismissedAt"` SecurityVulnerability struct { Package struct { Name string `json:"name"` Ecosystem string `json:"ecosystem"` } `json:"package"` Severity string `json:"severity"` VulnerableVersionRange string `json:"vulnerableVersionRange"` FirstPatchedVersion struct { Identifier string `json:"identifier"` } `json:"firstPatchedVersion"` } `json:"securityVulnerability"` SecurityAdvisory struct { Description string `json:"description"` GhsaID string `json:"ghsaId"` Permalink string `json:"permalink"` PublishedAt time.Time `json:"publishedAt"` Summary string `json:"summary"` UpdatedAt time.Time `json:"updatedAt"` WithdrawnAt time.Time `json:"withdrawnAt"` Origin string `json:"origin"` Severity string `json:"severity"` References []struct { URL string `json:"url"` } `json:"references"` Identifiers []struct { Type string `json:"type"` Value string `json:"value"` } `json:"identifiers"` } `json:"securityAdvisory"` } `json:"node"` } `json:"edges"` } `json:"vulnerabilityAlerts"` } `json:"repository"` } `json:"data"` }
SecurityAlerts has detected CVE-IDs, PackageNames, Refs
type WpCveInfo ¶
type WpCveInfo struct { ID string `json:"id"` Title string `json:"title"` CreatedAt time.Time `json:"created_at"` UpdatedAt time.Time `json:"updated_at"` VulnType string `json:"vuln_type"` References References `json:"references"` FixedIn string `json:"fixed_in"` }
WpCveInfo is for wpscan json
type WpCveInfos ¶
type WpCveInfos struct { ReleaseDate string `json:"release_date"` ChangelogURL string `json:"changelog_url"` // Status string `json:"status"` LatestVersion string `json:"latest_version"` LastUpdated string `json:"last_updated"` // Popular bool `json:"popular"` Vulnerabilities []WpCveInfo `json:"vulnerabilities"` Error string `json:"error"` }
WpCveInfos is for wpscan json