Documentation
Constants
This section is empty.
Variables
var (
	// Network is the default network to use.
	Network = "tcp"
	// Dialer is the default dialer to use, with a 1s timeout.
	Dialer = &net.Dialer{Timeout: time.Second}
)
var Connectivity = &Family{
	Description: "Scans for basic connectivity with the host through DNS and TCP/TLS dials",
	Scanners: map[string]*Scanner{
		"DNSLookup": {
			"Host can be resolved through DNS",
			dnsLookupScan,
		},
		"TCPDial": {
			"Host accepts TCP connection",
			tcpDialScan,
		},
		"TLSDial": {
			"Host can perform TLS handshake",
			tlsDialScan,
		},
	},
}
Connectivity contains scanners testing basic connectivity to the host
var Default = FamilySet{
	"Connectivity": Connectivity,
	"TLSHandshake": TLSHandshake,
	"TLSSession":   TLSSession,
	"PKI":          PKI,
}
Default contains each scan Family that is defined
var PKI = &Family{
	Description: "Scans for the Public Key Infrastructure",
	Scanners: map[string]*Scanner{
		"IntermediateCAs": {
			"Scans a CIDR IP range for unknown Intermediate CAs",
			intermediateCAScan,
		},
	},
}
PKI contains scanners that test the Public Key Infrastructure
var TLSHandshake = &Family{
	Description: "Scans for host's SSL/TLS version and cipher suite negotiation",
	Scanners: map[string]*Scanner{
		"CipherSuite": {
			"Determines host's cipher suites accepted and prefered order",
			cipherSuiteScan,
		},
	},
}
TLSHandshake contains scanners testing host cipher suite negotiation
var TLSSession = &Family{
	Description: "Scans host's implementation of TLS session resumption using session tickets/session IDs",
	Scanners: map[string]*Scanner{
		"SessionResume": {
			"Host is able to resume sessions across all addresses",
			sessionResumeScan,
		},
	},
}
TLSSession contains tests of host TLS Session Resumption via Session Tickets and Session IDs
Functions
This section is empty.
Types
type Family
type Family struct {
	// Description gives a short description of the scans performed on the host.
	Description string `json:"description"`
	// Scanners is a list of scanners that are to be run in sequence.
	Scanners map[string]*Scanner `json:"scanners"`
}
Family defines a set of related scans meant to be run together in sequence.
type FamilyResult
type FamilyResult map[string]ScannerResult
FamilyResult contains a scan response for a single Family
type Grade
type Grade int
Grade gives a subjective rating of the host's success in a scan.
const (
	// Bad describes a host with serious misconfiguration or vulnerability.
	Bad Grade = iota
	// Legacy describes a host with non-ideal configuration that maintains support for legacy clients.
	Legacy
	// Good describes a host performing at the expected state of the art.
	Good
	// Skipped describes the "grade" of a scan that has been skipped.
	Skipped
)
type Scanner
type Scanner struct {
	// Description describes the nature of the scan to be performed.
	Description string `json:"description"`
	// contains filtered or unexported fields
}
Scanner describes a type of scan to perform on a host.
type ScannerResult
type ScannerResult struct {
	Grade  string `json:"grade"`
	Output Output `json:"output,omitempty"`
	Error  error  `json:"error,omitempty"`
}
ScannerResult contains the result for a single scan.
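An added example, not code from this package: reducing a JSON-encoded FamilyResult to its worst grade using the Grade ordering documented above, where Skipped has the highest numeric value and so must not be compared like a passing grade. The names `Worst`, `gradeNames`, `result` and `sample` are hypothetical, and it is an assumption that the `grade` string matches the constant names (`Bad`, `Legacy`, `Good`, `Skipped`).

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Grade mirrors the ordering documented above: Bad, Legacy, Good, Skipped.
type Grade int

const (
	Bad Grade = iota
	Legacy
	Good
	Skipped
)

// gradeNames is an assumption: the grade strings are taken to be the constant names.
var gradeNames = map[string]Grade{"Bad": Bad, "Legacy": Legacy, "Good": Good, "Skipped": Skipped}

// result keeps only the "grade" field of a ScannerResult.
type result struct {
	Grade string `json:"grade"`
}

// sample is constructed for this example, not real scan output.
const sample = `{"DNSLookup":{"grade":"Good"},"TCPDial":{"grade":"Good"},"TLSDial":{"grade":"Skipped"}}`

// Worst returns the lowest grade among scanners that ran, plus the skipped count.
// Skipped sorts above Good, so a plain ">= Good" gate would let a skipped scan pass.
func Worst(familyJSON []byte) (worst Grade, skipped int, err error) {
	var fam map[string]result // same shape as FamilyResult
	if err = json.Unmarshal(familyJSON, &fam); err != nil {
		return Bad, 0, err
	}
	worst = Skipped // stays Skipped only if no scanner ran
	for name, r := range fam {
		g, ok := gradeNames[r.Grade]
		switch {
		case !ok: // fail closed on a grade this code does not know
			return Bad, skipped, fmt.Errorf("scanner %s: unknown grade %q", name, r.Grade)
		case g == Skipped:
			skipped++
		case g < worst:
			worst = g
		}
	}
	return worst, skipped, nil
}

func main() { fmt.Println(Worst([]byte(sample))) }
```

A caller gating on the result should treat a non-zero skipped count, or a worst grade of Skipped, as "not verified" rather than as a pass.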