Documentation
¶
Index ¶
- Constants
- func GenIssuesOutputForTable(in Issues) string
- func NewProviderClient(c session.Session) (providers.ProviderClient, error)
- type Client
- func (c *Client) CreateTable(data []byte) (*table.Writer, error)
- func (c *Client) Enabled() bool
- func (c *Client) ExtractThreatIndicators(findRes []byte) (*providers.ThreatIndicators, error)
- func (c *Client) FindHost() ([]byte, error)
- func (c *Client) GenPortDataForTable(in []PortDataEntry) (GeneratePortDataForTableOutput, error)
- func (c *Client) GetConfig() *session.Session
- func (c *Client) Initialise() error
- func (c *Client) Priority() *int32
- func (c *Client) RateHostData(findRes []byte, ratingConfigJSON []byte) (providers.RateResult, error)
- type Config
- type GeneratePortDataForTableInput
- type GeneratePortDataForTableOutput
- type HoneypotDataEntry
- type HostSearchResult
- type HostSearchResultData
- type HostSearchResultDomain
- type Issues
- type PortDataEntry
- type WrappedPortDataEntry
Constants ¶
View Source
const ( ProviderName = "criminalip" APIURL = "https://api.criminalip.io" HostIPPath = "/v1/asset/ip/report" IndentPipeHyphens = " |-----" ResultTTL = 24 * time.Hour APITimeout = 30 * time.Second )
Variables ¶
This section is empty.
Functions ¶
func GenIssuesOutputForTable ¶
func NewProviderClient ¶
func NewProviderClient(c session.Session) (providers.ProviderClient, error)
Types ¶
type Client ¶
func (*Client) ExtractThreatIndicators ¶
func (c *Client) ExtractThreatIndicators(findRes []byte) (*providers.ThreatIndicators, error)
func (*Client) GenPortDataForTable ¶
func (c *Client) GenPortDataForTable(in []PortDataEntry) (GeneratePortDataForTableOutput, error)
func (*Client) Initialise ¶
func (*Client) RateHostData ¶
type GeneratePortDataForTableInput ¶
type GeneratePortDataForTableInput struct{}
type GeneratePortDataForTableOutput ¶
type GeneratePortDataForTableOutput struct {
// contains filtered or unexported fields
}
type HoneypotDataEntry ¶
type HostSearchResult ¶
type HostSearchResult struct {
Raw []byte
IP string `json:"ip"`
Issues Issues `json:"issues"`
Score struct {
Inbound string `json:"inbound"`
Outbound string `json:"outbound"`
} `json:"score"`
UserSearchCount int `json:"user_search_count"`
ProtectedIP struct {
Count int `json:"count"`
Data []struct {
IPAddress string `json:"ip_address"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"protected_ip"`
Domain HostSearchResultDomain `json:"domain"`
Whois struct {
Count int `json:"count"`
Data []struct {
AsName string `json:"as_name"`
AsNo int `json:"as_no"`
City string `json:"city"`
Region string `json:"region"`
OrgName string `json:"org_name"`
PostalCode string `json:"postal_code"`
Longitude float64 `json:"longitude"`
Latitude float64 `json:"latitude"`
OrgCountryCode string `json:"org_country_code"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"ipapi"`
Hostname struct {
Count int `json:"count"`
Data []struct {
DomainNameRep string `json:"domain_name_rep"`
DomainNameFull string `json:"domain_name_full"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"hostname"`
IDs struct {
Count int `json:"count"`
Data []struct {
Classification string `json:"classification"`
URL string `json:"url"`
Message string `json:"message"`
ConfirmedTime string `json:"confirmed_time"`
SourceSystem string `json:"source_system"`
} `json:"data"`
} `json:"ids"`
Vpn struct {
Count int `json:"count"`
Data []struct {
VpnName string `json:"vpn_name"`
VpnURL string `json:"vpn_url"`
VpnSourceURL string `json:"vpn_source_url"`
SocketType string `json:"socket_type"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"vpn"`
AnonymousVpn struct {
Count int `json:"count"`
Data []struct {
VpnName string `json:"vpn_name"`
VpnURL string `json:"vpn_url"`
VpnSourceURL string `json:"vpn_source_url"`
SocketType string `json:"socket_type"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"anonymous_vpn"`
Webcam struct {
Count int `json:"count"`
Data []struct {
ImagePath string `json:"image_path"`
CamURL string `json:"cam_url"`
Country string `json:"country"`
City string `json:"city"`
OpenPortNo int `json:"open_port_no"`
Manufacturer string `json:"manufacturer"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"data"`
} `json:"webcam"`
Honeypot struct {
Count int `json:"count"`
Data []HoneypotDataEntry `json:"data"`
} `json:"honeypot"`
IPCategory struct {
Count int `json:"count"`
Data []struct {
DetectSource string `json:"detect_source"`
Type string `json:"type"`
DetectInfo struct{} `json:"detect_info,omitempty"`
ConfirmedTime string `json:"confirmed_time"`
DetectInfo0 struct {
Md5 string `json:"md5"`
Domain string `json:"domain"`
} `json:"detect_info,omitempty"`
} `json:"data"`
} `json:"ip_category"`
Port struct {
Count int `json:"count"`
Data []PortDataEntry `json:"data"`
} `json:"port"`
Vulnerability struct {
Count int `json:"count"`
Data []struct {
CveID string `json:"cve_id"`
CveDescription string `json:"cve_description"`
Cvssv2Vector string `json:"cvssv2_vector"`
Cvssv2Score float64 `json:"cvssv2_score"`
Cvssv3Vector string `json:"cvssv3_vector"`
Cvssv3Score float64 `json:"cvssv3_score"`
ListCwe []struct {
CveID string `json:"cve_id"`
CweID int `json:"cwe_id"`
CweName string `json:"cwe_name"`
CweDescription string `json:"cwe_description"`
} `json:"list_cwe"`
ListEdb []struct {
CveID string `json:"cve_id"`
EdbID int `json:"edb_id"`
Type string `json:"type"`
Platform string `json:"platform"`
VerifyCode int `json:"verify_code"`
Title string `json:"title"`
ConfirmedTime string `json:"confirmed_time"`
} `json:"list_edb"`
AppName string `json:"app_name"`
AppVersion string `json:"app_version"`
OpenPortNoList struct {
TCP []int `json:"TCP"`
UDP []any `json:"UDP"`
} `json:"open_port_no_list"`
HaveMorePorts bool `json:"have_more_ports"`
OpenPortNo []struct {
Port int `json:"port"`
Socket string `json:"socket"`
} `json:"open_port_no"`
ListChild []struct {
AppName string `json:"app_name"`
AppVersion string `json:"app_version"`
Vendor string `json:"vendor"`
Type string `json:"type"`
IsVuln string `json:"is_vuln"`
TargetHw string `json:"target_hw"`
TargetSw string `json:"target_sw"`
Update string `json:"update"`
Edition string `json:"edition"`
} `json:"list_child"`
Vendor string `json:"vendor"`
Type string `json:"type"`
IsVuln string `json:"is_vuln"`
TargetHw string `json:"target_hw"`
TargetSw string `json:"target_sw"`
Update string `json:"update"`
Edition string `json:"edition"`
} `json:"data"`
} `json:"vulnerability"`
Mobile struct {
Count int `json:"count"`
Data []struct {
Broadband string `json:"broadband"`
Organization string `json:"organization"`
} `json:"data"`
} `json:"mobile"`
Message string `json:"message"`
Status int `json:"status"`
}
type HostSearchResultData ¶
type HostSearchResultData struct {
Hash int `json:"hash"`
Opts struct{} `json:"opts,omitempty"`
Timestamp string `json:"timestamp"`
Isp string `json:"isp"`
Data string `json:"data"`
CriminalIP struct {
Region string `json:"region"`
Module string `json:"module"`
Ptr bool `json:"ptr"`
Options struct{} `json:"options"`
ID string `json:"id"`
Crawler string `json:"crawler"`
} `json:"_criminalip,omitempty"`
Port int `json:"port"`
Hostnames []string `json:"hostnames"`
Location struct {
City string `json:"city"`
RegionCode string `json:"region_code"`
AreaCode any `json:"area_code"`
Longitude float64 `json:"longitude"`
CountryName string `json:"country_name"`
CountryCode string `json:"country_code"`
Latitude float64 `json:"latitude"`
} `json:"location"`
DNS struct {
ResolverHostname any `json:"resolver_hostname"`
Recursive bool `json:"recursive"`
ResolverID any `json:"resolver_id"`
Software any `json:"software"`
} `json:"dns,omitempty"`
HTTP struct {
Status int `json:"status"`
RobotsHash string `json:"robots_hash"`
Redirects []struct {
Host string `json:"host"`
Data string `json:"data"`
Location string `json:"location"`
}
SecurityTxt string `json:"security_txt"`
Title string `json:"title"`
SitemapHash string `json:"sitemap_hash"`
HTMLHash int `json:"html_hash"`
Robots string `json:"robots"`
Favicon struct {
Hash int `json:"hash"`
Data string `json:"data"`
Location string `json:"location"`
} `json:"favicon"`
HeadersHash int `json:"headers_hash"`
Host string `json:"host"`
HTML string `json:"html"`
Location string `json:"location"`
Components struct{} `json:"components"`
Server string `json:"server"`
Sitemap string `json:"sitemap"`
SecurityTxtHash string `json:"securitytxt_hash"`
} `json:"http,omitempty"`
IP string `json:"ip"`
Domains []string `json:"domains"`
Org string `json:"org"`
Os any `json:"os"`
Asn string `json:"asn"`
Transport string `json:"transport"`
IPStr string `json:"ip_str"`
Ssl struct {
ChainSha256 []string `json:"chain_sha256"`
Jarm string `json:"jarm"`
Chain []string `json:"chain"`
Dhparams any `json:"dhparams"`
Versions []string `json:"versions"`
AcceptableCas []any `json:"acceptable_cas"`
Tlsext []struct {
ID int `json:"id"`
Name string `json:"name"`
} `json:"tlsext"`
Ja3S string `json:"ja3s"`
Cert struct {
SigAlg string `json:"sig_alg"`
Issued string `json:"issued"`
Expires string `json:"expires"`
Expired bool `json:"expired"`
Version int `json:"version"`
Extensions []struct {
Critical bool `json:"critical,omitempty"`
Data string `json:"data"`
Name string `json:"name"`
} `json:"extensions"`
Fingerprint struct {
Sha256 string `json:"sha256"`
Sha1 string `json:"sha1"`
} `json:"fingerprint"`
Serial json.RawMessage `json:"serial"`
Subject struct {
Cn string `json:"CN"`
} `json:"subject"`
Pubkey struct {
Type string `json:"type"`
Bits int `json:"bits"`
} `json:"pubkey"`
Issuer struct {
C string `json:"C"`
Cn string `json:"CN"`
O string `json:"O"`
} `json:"issuer"`
} `json:"cert"`
Cipher struct {
Version string `json:"version"`
Bits int `json:"bits"`
Name string `json:"name"`
} `json:"cipher"`
Trust struct {
Revoked bool `json:"revoked"`
Browser any `json:"browser"`
} `json:"trust"`
HandshakeStates []string `json:"handshake_states"`
Alpn []any `json:"alpn"`
Ocsp struct{} `json:"ocsp"`
} `json:"ssl,omitempty"`
}
type HostSearchResultDomain ¶
type HostSearchResultDomain struct {
Count int `json:"count"`
Data []struct {
Domain string `json:"domain"`
IPType string `json:"ip_type"`
Registrar string `json:"registrar"`
CreateDate string `json:"create_date"`
ConfirmedTime string `json:"confirmed_time"`
Email string `json:"email"`
} `json:"data"`
}
type Issues ¶
type Issues struct {
IsVpn bool `json:"is_vpn"`
IsCloud bool `json:"is_cloud"`
IsTor bool `json:"is_tor"`
IsProxy bool `json:"is_proxy"`
IsHosting bool `json:"is_hosting"`
IsMobile bool `json:"is_mobile"`
IsDarkweb bool `json:"is_darkweb"`
IsScanner bool `json:"is_scanner"`
IsSnort bool `json:"is_snort"`
IsAnonymousVpn bool `json:"is_anonymous_vpn"`
}
type PortDataEntry ¶
type PortDataEntry struct {
AppName string `json:"app_name"`
ConfirmedTime string `json:"confirmed_time"`
Banner string `json:"banner"`
AppVersion string `json:"app_version"`
OpenPortNo int `json:"open_port_no"`
PortStatus string `json:"port_status"`
Protocol string `json:"protocol"`
Socket string `json:"socket"`
Tags []string `json:"tags"`
DNSNames string `json:"dns_names"`
SdnCommonName string `json:"sdn_common_name"`
JarmHash string `json:"jarm_hash"`
SslInfoRaw string `json:"ssl_info_raw"`
Technologies []struct {
TechName string `json:"tech_name"`
TechVersion string `json:"tech_version"`
TechLogoURL string `json:"tech_logo_url"`
} `json:"technologies"`
IsVulnerability bool `json:"is_vulnerability"`
}
type WrappedPortDataEntry ¶
type WrappedPortDataEntry struct {
AgeMatch bool
NetworkMatch bool
PortDataEntry
}
Source Files
Click to show internal directories.
Click to hide internal directories.