plugins

package
v0.3.22 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 7, 2018 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Asset

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDir

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy:

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"}; AssetDir("data/img") would return []string{"a.png", "b.png"}; AssetDir("foo.txt") and AssetDir("notexist") would return an error; and AssetDir("") would return []string{"data"}.

func AssetInfo

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames

func AssetNames() []string

AssetNames returns the names of the assets.

func DeletePlugin

func DeletePlugin(name string) error

DeletePlugin deletes a plugin

func GetCategories

func GetCategories() []string

GetCategories returns all categories

func InstallPlugin

func InstallPlugin(plugin *Plugin) (err error)

InstallPlugin installs a new malice plugin

func InstalledPluginsCheck

func InstalledPluginsCheck(docker *client.Docker) bool

InstalledPluginsCheck checks that all enabled plugins are installed

func ListAllPlugins

func ListAllPlugins(detail bool)

ListAllPlugins lists all plugins

func ListEnabledPlugins

func ListEnabledPlugins(detail bool)

ListEnabledPlugins lists enabled plugins

func Load

func Load()

Load loads plugins.toml into the Plugs variable. It tries to load the plugins from: the .malice folder ($HOME/.malice/plugins.toml); the file embedded in the binary (bindata).

func MustAsset

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func PostResults

func PostResults(url string, resultJSON []byte, taskID string)

PostResults posts plugin results to the Malice webhook

func RestoreAsset

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory

func RestoreAssets

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively

func RunIntelPlugins

func RunIntelPlugins(docker *client.Docker, hash string, scanID string, logs, elasticsearchInDocker bool)

RunIntelPlugins runs all Intel plugins

func ToMarkDownTable

func ToMarkDownTable(plugins []Plugin)

ToMarkDownTable prints plugins out as Markdown table

func UpdateAllPlugins

func UpdateAllPlugins(docker *client.Docker)

UpdateAllPlugins performs a docker pull on all registered plugins checking for updates

func UpdateAllPluginsFromSource

func UpdateAllPluginsFromSource(docker *client.Docker)

UpdateAllPluginsFromSource performs a docker build from each plugin's remote repository, for all registered plugins

func UpdateEnabledPlugins

func UpdateEnabledPlugins(docker *client.Docker)

UpdateEnabledPlugins performs a docker pull on all enabled plugins checking for updates

Types

type Configuration

// Configuration is the top-level value that the plugin settings are decoded
// into. Its single field, Plugins, is bound to the TOML key "plugin" and holds
// one Plugin value per configured plugin.
type Configuration struct {
	Plugins []Plugin `toml:"plugin"`
}

Configuration represents the malice runtime plugins.

var Plugs Configuration

Plugs represents the Malice runtime configuration

type Plugin

// Plugin holds the settings for one plugin. Every field except Installed
// carries a toml tag naming the key it is bound to.
//
// NOTE(review): APIKey is bound to the "apikey" key, so any credential placed
// there is held as plain text wherever the settings are stored; an on-disk
// plugins.toml should be readable only by the account that runs malice, and
// the value should be kept out of logs and plugin listings.
//
// NOTE(review): Image, Repository, Build, Cmd and Env presumably decide what
// Docker pulls, builds and runs for this plugin - confirm against StartPlugin
// and the update functions. If so, write access to the settings file amounts
// to control over which containers are executed, so the file should be
// treated as trusted configuration.
//
// NOTE(review): Installed has no toml tag; presumably it is runtime state
// rather than a user setting - confirm where it is assigned.
type Plugin struct {
	Name        string   `toml:"name"`
	Enabled     bool     `toml:"enabled"`
	Category    string   `toml:"category"`
	Description string   `toml:"description"`
	Image       string   `toml:"image"`
	Repository  string   `toml:"repository"`
	Build       bool     `toml:"build"`
	APIKey      string   `toml:"apikey"`
	Mime        string   `toml:"mime"`
	HashTypes   []string `toml:"hashtypes"`
	Cmd         string   `toml:"cmd"`
	Env         []string `toml:"env"`
	Installed   bool
}

Plugin represents a single plugin setting.

func GetAllPluginsInCategory

func GetAllPluginsInCategory(category string) []Plugin

GetAllPluginsInCategory returns all plugins in a given category

func GetEnabledPlugins

func GetEnabledPlugins() []Plugin

GetEnabledPlugins will return all enabled plugins

func GetIntelPlugins

func GetIntelPlugins(hashType string, enabled bool) []Plugin

GetIntelPlugins will return all Intel plugins

func GetPluginByName

func GetPluginByName(name string) Plugin

GetPluginByName will return plugin for the given name

func GetPluginsForMime

func GetPluginsForMime(mime string, enabled bool) []Plugin

GetPluginsForMime will return all plugins that can consume the mime type file

func (Plugin) StartPlugin

func (plugin Plugin) StartPlugin(docker *client.Docker, arg string, scanID string, logs, elasticsearchInDocker bool, wg *sync.WaitGroup)

StartPlugin starts plugin

func (Plugin) UpdatePlugin

func (plugin Plugin) UpdatePlugin(docker *client.Docker)

UpdatePlugin performs a docker pull on all registered plugins checking for updates

func (Plugin) UpdatePluginFromRepository

func (plugin Plugin) UpdatePluginFromRepository(docker *client.Docker)

UpdatePluginFromRepository performs a docker build from the plugin's remote repository
