providers

package

v0.0.0-...-95c9b66 Latest Latest Go to latest Published: Nov 9, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jonhadfield/ipscout

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func AgeToHours(age string) (int64, error)
func DashIfEmpty(value interface{}) string
func FormatTimeOrDash(s string, format string) string
func PadRight(str string, length int) string
func PortMatchFilter(in PortMatchFilterInput) (ageMatch, netMatch bool, err error)
func PortNetworkMatch(incomingPort string, matchPorts []string) bool
func PreProcessValueOutput(sess *session.Session, in string) string
func ReadRatingConfigFile(path string) ([]byte, error)
func RowEmphasisColor(sess session.Session) func(format string, a ...interface{}) string
func UpdateScoreIfLarger(a *float64, b float64)
type IPQSRatingConfig
type PortMatchFilterInput
type PortTransport
type ProviderClient
type ProviderRatingConfig
type RateResult
type RatingConfig
- func LoadRatingConfig(ratingConfigJSON []byte) (*RatingConfig, error)
type TableWithPriority
type ThreatIndicators

Constants ¶

View Source

const (
	DefaultUA          = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125."
	TimeFormat         = "2006-01-02 15:04:05 MST"
	Column1MinWidth    = 14
	WideColumnMaxWidth = 75
	WideColumnMinWidth = 50
)

Variables ¶

View Source

var (
	ErrFailedToFetchData   = errors.New("failed to fetch data")
	ErrNoDataFound         = errors.New("no data found")
	ErrNoMatchFound        = errors.New("no match found")
	ErrForbiddenByProvider = errors.New("forbidden by provider")
	CacheProviderPrefix    = "provider_"
	CacheKeySHALen         = 15
)

Functions ¶

func AgeToHours ¶

func AgeToHours(age string) (int64, error)

func DashIfEmpty ¶

func DashIfEmpty(value interface{}) string

func FormatTimeOrDash ¶

func FormatTimeOrDash(s string, format string) string

func PadRight ¶

func PadRight(str string, length int) string

func PortMatchFilter ¶

func PortMatchFilter(in PortMatchFilterInput) (ageMatch, netMatch bool, err error)

PortMatchFilter returns true by default, and false if either age or netmatch is specified and doesn't match

func PortNetworkMatch ¶

func PortNetworkMatch(incomingPort string, matchPorts []string) bool

PortNetworkMatch returns true if the incomingPort matches any of the matchPorts

func PreProcessValueOutput ¶

func PreProcessValueOutput(sess *session.Session, in string) string

func ReadRatingConfigFile ¶

func ReadRatingConfigFile(path string) ([]byte, error)

func RowEmphasisColor ¶

func RowEmphasisColor(sess session.Session) func(format string, a ...interface{}) string

func UpdateScoreIfLarger ¶

func UpdateScoreIfLarger(a *float64, b float64)

Types ¶

type IPQSRatingConfig ¶

type IPQSRatingConfig struct {
	ProxyScore                    *float64 `json:"proxyScore,omitempty"`
	VPNScore                      *float64 `json:"vpnScore,omitempty"`
	TORScore                      *float64 `json:"torScore,omitempty"`
	BotScore                      *float64 `json:"botScore,omitempty"`
	RecentAbuseScore              *float64 `json:"recentAbuseScore,omitempty"`
	HighThreatCountryMatchScore   *float64 `json:"highThreatCountryMatchScore,omitempty"`
	MediumThreatCountryMatchScore *float64 `json:"mediumThreatCountryMatchScore,omitempty"`
}

type PortMatchFilterInput ¶

type PortMatchFilterInput struct {
	Provider            string
	IncomingPort        string
	Logger              *slog.Logger
	MatchPorts          []string
	ConfirmedDate       string
	ConfirmedDateFormat string
	MaxAge              string
}

type PortTransport ¶

type PortTransport struct {
	// contains filtered or unexported fields
}

type ProviderClient ¶

type ProviderClient interface {
	Enabled() bool
	GetConfig() *session.Session
	Initialise() error
	FindHost() ([]byte, error)
	CreateTable([]byte) (*table.Writer, error)
	Priority() *int32
	RateHostData([]byte, []byte) (RateResult, error)
	ExtractThreatIndicators([]byte) (*ThreatIndicators, error)
}

type ProviderRatingConfig ¶

type ProviderRatingConfig struct {
	DefaultMatchScore float64 `json:"defaultMatchScore"`
}

type RateResult ¶

type RateResult struct {
	Detected bool
	Score    float64
	Reasons  []string
	Threat   string
}

type RatingConfig ¶

type RatingConfig struct {
	Global struct {
		BlockScoreThreshold      float64  `json:"blockScoreThreshold"`
		HighThreatCountryCodes   []string `json:"highThreatCountryCodes"`
		MediumThreatCountryCodes []string `json:"mediumThreatCountryCodes"`
	}
	ProviderRatingsConfigs struct {
		AWS struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"aws"`
		Azure struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"azure"`
		Bingbot struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"bingbot"`
		CriminalIP struct {
			HoneypotAttackedScore float64 `json:"honeypotAttackedScore,omitempty"`
			ScannerMatchScore     float64 `json:"scannerMatchScore,omitempty"`
			VPNMatchScore         float64 `json:"vpnMatchScore,omitempty"`
			CloudMatchScore       float64 `json:"cloudMatchScore,omitempty"`
			TORMatchScore         float64 `json:"torMatchScore,omitempty"`
			ProxyMatchScore       float64 `json:"proxyMatchScore,omitempty"`
			HostingMatchScore     float64 `json:"hostingMatchScore,omitempty"`
			DarkwebMatchScore     float64 `json:"darkwebMatchScore,omitempty"`
		} `json:"criminalip"`
		DigitalOcean struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"digitalocean"`
		GCP struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"gcp"`
		Google struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"google"`
		Googlebot struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"googlebot"`
		GoogleSC struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"googlesc"`
		ICloudPR struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"icloudpr"`
		IPAPI struct {
			HighThreatCountryMatchScore   float64 `json:"highThreatCountryMatchScore,omitempty"`
			MediumThreatCountryMatchScore float64 `json:"mediumThreatCountryMatchScore,omitempty"`
		} `json:"ipapi"`
		IPQS  IPQSRatingConfig `json:"ipqs"`
		IPURL struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"ipurl"`
		Linode struct {
			DefaultMatchScore float64 `json:"defaultMatchScore,omitempty"`
		} `json:"linode"`
		Shodan struct {
			OpenPortsScore                float64 `json:"openPortsScore,omitempty"`
			HighThreatCountryMatchScore   float64 `json:"highThreatCountryMatchScore,omitempty"`
			MediumThreatCountryMatchScore float64 `json:"mediumThreatCountryMatchScore,omitempty"`
		} `json:"shodan"`
		VirusTotal struct {
			SuspiciousScore *float64 `json:"suspiciousScore,omitempty"`
			MaliciousScore  *float64 `json:"maliciousScore,omitempty"`
		} `json:"virustotal"`
	} `json:"providers"`
}

func LoadRatingConfig ¶

func LoadRatingConfig(ratingConfigJSON []byte) (*RatingConfig, error)

type TableWithPriority ¶

type TableWithPriority struct {
	Table    *table.Writer
	Priority *int32
}

type ThreatIndicators ¶

type ThreatIndicators struct {
	Provider   string
	Indicators map[string]string
}

Source Files ¶

View all Source files

providers.go

Directories ¶

Path	Synopsis
abuseipdb
annotated
aws
azure
azurewaf
bingbot
criminalip
digitalocean
gcp
google
googlebot
googlesc
icloudpr
ipapi
ipqs
ipurl
linode
ptr
shodan
virustotal

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL