utils

package module

v0.0.2 Latest Latest Go to latest Published: Jul 12, 2024 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/leakdump/utils

README ¶

l9format

l9format is a schema declaration targeted at interoperability between network recon tools used at LeakIX.

Golang

This repository includes the Golang headers used as library in our components.

Other languages

Check l9event.json can be used to derive classes for your favorite language ( python, php ect)

python

Documentation ¶

Index ¶

Constants
type Certificate
type DatasetSummary
type Event
- func (event *Event) AddSource(source string)
- func (event *Event) AddTag(tag string)
- func (event *Event) HasSource(source string) bool
- func (event *Event) HasTag(tag string) bool
- func (event *Event) HasTransport(transport string) bool
- func (event *Event) MatchServicePlugin(plugin ServicePluginInterface) bool
- func (event *Event) RemoveTransport(transportCheck string)
- func (event *Event) UpdateFingerprint() error
- func (event *Event) Url() string
type GeoLocation
type GeoPoint
type HttpEvent
type LeakEvent
type Network
type SSHEvent
type ServiceCredentials
type ServiceEvent
type ServicePluginBase
- func (plugin ServicePluginBase) DialContext(ctx context.Context, network string, addr string) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetEventNetworkConnection(event *Event) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetHttpClient(ctx context.Context, ip string, port string) *http.Client
- func (plugin ServicePluginBase) GetNetworkConnection(network string, addr string) (conn net.Conn, err error)
- func (plugin ServicePluginBase) Init() error
type ServicePluginInterface
type Software
type SoftwareModule
type SslEvent
type WebPluginInterface
type WebPluginRequest
- func (request *WebPluginRequest) AddTag(tag string)
- func (request *WebPluginRequest) AddTags(tags []string)
- func (request *WebPluginRequest) Equal(testRequest WebPluginRequest) bool
- func (request *WebPluginRequest) EqualAny(testRequests []WebPluginRequest) bool
- func (request *WebPluginRequest) GetHash() string
- func (request *WebPluginRequest) HasAnyTags(tags []string) bool
- func (request *WebPluginRequest) HasTag(tag string) bool
type WebPluginResponse
- func (resp *WebPluginResponse) GetHash() string

Constants ¶

View Source

const (
	SEVERITY_CRITICAL string = "critical"
	SEVERITY_HIGH            = "high"
	SEVERITY_MEDIUM          = "medium"
	SEVERITY_LOW             = "low"
	SEVERITY_INFO            = "info"
)

View Source

const (
	STAGE_OPEN       string = "open"
	STAGE_EXPLORE           = "explore"
	STAGE_EXFILTRATE        = "exfiltrate"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Certificate ¶

type Certificate struct {
	CommonName  string    `json:"cn"`
	Domains     []string  `json:"domain"`
	Fingerprint string    `json:"fingerprint"`
	KeyAlgo     string    `json:"key_algo"`
	KeySize     int       `json:"key_size"`
	IssuerName  string    `json:"issuer_name"`
	NotBefore   time.Time `json:"not_before"`
	NotAfter    time.Time `json:"not_after"`
	Valid       bool      `json:"valid"`
}

type DatasetSummary ¶

type DatasetSummary struct {
	Rows        int64    `json:"rows"`
	Files       int64    `json:"files"`
	Size        int64    `json:"size"`
	Collections int64    `json:"collections"`
	Infected    bool     `json:"infected"`
	RansomNotes []string `json:"ransom_notes"`
}

type Event ¶

type Event struct {
	EventType        string       `json:"event_type"`
	EventSource      string       `json:"event_source"`
	EventPipeline    []string     `json:"event_pipeline"`
	EventFingerprint string       `json:"event_fingerprint"`
	Ip               string       `json:"ip"`
	Host             string       `json:"host"`
	Reverse          string       `json:"reverse"`
	Port             string       `json:"port"`
	Mac              string       `json:"mac"`
	Vendor           string       `json:"vendor"`
	Transports       []string     `json:"transport"`
	Protocol         string       `json:"protocol"`
	Http             HttpEvent    `json:"http"`
	Summary          string       `json:"summary"`
	Time             time.Time    `json:"time"`
	SSL              SslEvent     `json:"ssl"`
	SSH              SSHEvent     `json:"ssh"`
	Service          ServiceEvent `json:"service"`
	Leak             LeakEvent    `json:"leak"`
	Tags             []string     `json:"tags"`
	GeoIp            GeoLocation  `json:"geoip"`
	Network          Network      `json:"network"`
}

func (*Event) AddSource ¶

func (event *Event) AddSource(source string)

func (*Event) AddTag ¶

func (event *Event) AddTag(tag string)

func (*Event) HasSource ¶

func (event *Event) HasSource(source string) bool

func (*Event) HasTag ¶

func (event *Event) HasTag(tag string) bool

func (*Event) HasTransport ¶

func (event *Event) HasTransport(transport string) bool

func (*Event) MatchServicePlugin ¶

func (event *Event) MatchServicePlugin(plugin ServicePluginInterface) bool

func (*Event) RemoveTransport ¶

func (event *Event) RemoveTransport(transportCheck string)

func (*Event) UpdateFingerprint ¶

func (event *Event) UpdateFingerprint() error

func (*Event) Url ¶

func (event *Event) Url() string

type GeoLocation ¶

type GeoLocation struct {
	ContinentName  string   `json:"continent_name"`
	RegionISOCode  string   `json:"region_iso_code"`
	CityName       string   `json:"city_name"`
	CountryISOCode string   `json:"country_iso_code"`
	CountryName    string   `json:"country_name"`
	RegionName     string   `json:"region_name"`
	GeoPoint       GeoPoint `json:"location"`
}

type GeoPoint ¶

type GeoPoint struct {
	Latitude  float64 `json:"lat"`
	Longitude float64 `json:"lon"`
}

type HttpEvent ¶

type HttpEvent struct {
	Root        string            `json:"root"`
	Url         string            `json:"url"`
	Status      int               `json:"status"`
	Length      int64             `json:"length"`
	Headers     map[string]string `json:"header"`
	Title       string            `json:"title"`
	FaviconHash string            `json:"favicon_hash"`
}

type LeakEvent ¶

type LeakEvent struct {
	Stage    string         `json:"stage"`
	Type     string         `json:"type"`
	Severity string         `json:"severity"`
	Dataset  DatasetSummary `json:"dataset"`
}

type Network ¶

type Network struct {
	OrganisationName string `json:"organization_name"`
	ASN              int    `json:"asn"`
	NetworkCIDR      string `json:"network"`
}

type SSHEvent ¶

type SSHEvent struct {
	Fingerprint string `json:"fingerprint"`
	Version     int    `json:"version"`
	Banner      string `json:"banner"`
	Motd        string `json:"motd"`
}

type ServiceCredentials ¶

type ServiceCredentials struct {
	NoAuth   bool   `json:"noauth"`
	Username string `json:"username"`
	Password string `json:"password"`
	Key      string `json:"key"`
	Raw      []byte `json:"raw"`
}

type ServiceEvent ¶

type ServiceEvent struct {
	Credentials ServiceCredentials `json:"credentials"`
	Software    Software           `json:"software"`
}

type ServicePluginBase ¶

type ServicePluginBase struct {
}

func (ServicePluginBase) DialContext ¶

func (plugin ServicePluginBase) DialContext(ctx context.Context, network string, addr string) (conn net.Conn, err error)

func (ServicePluginBase) GetEventNetworkConnection ¶

func (plugin ServicePluginBase) GetEventNetworkConnection(event *Event) (conn net.Conn, err error)

func (ServicePluginBase) GetHttpClient ¶

func (plugin ServicePluginBase) GetHttpClient(ctx context.Context, ip string, port string) *http.Client

func (ServicePluginBase) GetNetworkConnection ¶

func (plugin ServicePluginBase) GetNetworkConnection(network string, addr string) (conn net.Conn, err error)

func (ServicePluginBase) Init ¶

func (plugin ServicePluginBase) Init() error

type ServicePluginInterface ¶

type ServicePluginInterface interface {
	GetVersion() (int, int, int)
	GetProtocols() []string
	GetName() string
	GetStage() string
	Run(ctx context.Context, event *Event, options map[string]string) (hasLeak bool)
	Init() error
}

type Software ¶

type Software struct {
	Name            string           `json:"name"`
	Version         string           `json:"version"`
	OperatingSystem string           `json:"os"`
	Modules         []SoftwareModule `json:"modules"`
	Fingerprint     string           `json:"fingerprint"`
}

type SoftwareModule ¶

type SoftwareModule struct {
	Name        string `json:"name"`
	Version     string `json:"version"`
	Fingerprint string `json:"fingerprint"`
}

type SslEvent ¶

type SslEvent struct {
	Detected    bool        `json:"detected"`
	Enabled     bool        `json:"enabled"`
	JARM        string      `json:"jarm"`
	CypherSuite string      `json:"cypher_suite"`
	Version     string      `json:"version"`
	Certificate Certificate `json:"certificate"`
}

type WebPluginInterface ¶

type WebPluginInterface interface {
	GetVersion() (int, int, int)
	GetRequests() []WebPluginRequest
	GetName() string
	GetStage() string
	Verify(request WebPluginRequest, response WebPluginResponse, event *Event, options map[string]string) (hasLeak bool)
}

type WebPluginRequest ¶

type WebPluginRequest struct {
	Method  string
	Path    string
	Headers map[string]string
	Body    []byte

	Tags []string
	// contains filtered or unexported fields
}

func (*WebPluginRequest) AddTag ¶

func (request *WebPluginRequest) AddTag(tag string)

func (*WebPluginRequest) AddTags ¶

func (request *WebPluginRequest) AddTags(tags []string)

func (*WebPluginRequest) Equal ¶

func (request *WebPluginRequest) Equal(testRequest WebPluginRequest) bool

func (*WebPluginRequest) EqualAny ¶

func (request *WebPluginRequest) EqualAny(testRequests []WebPluginRequest) bool

func (*WebPluginRequest) GetHash ¶

func (request *WebPluginRequest) GetHash() string

func (*WebPluginRequest) HasAnyTags ¶

func (request *WebPluginRequest) HasAnyTags(tags []string) bool

func (*WebPluginRequest) HasTag ¶

func (request *WebPluginRequest) HasTag(tag string) bool

type WebPluginResponse ¶

type WebPluginResponse struct {
	Response *http.Response
	Body     []byte
	Document *goquery.Document
}

func (*WebPluginResponse) GetHash ¶

func (resp *WebPluginResponse) GetHash() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
banner
cmd
genjson
utils
version

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL