models

package
v0.0.0-...-c5d900d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 10, 2019 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Address 

type Address struct {
	Name    string `json:"name,omitempty"`
	Address string `json:"address,omitempty"`
}

type Archive 

type Archive struct {
	Files              []*ArchiveFile      `json:"files,omitempty"`
	DecompressedSize   int64               `json:"decompressed_size_bytes"`
	ArchiveType        string              `json:"type,omitempty"`
	SubArchives        map[string]*Archive `json:"sub_archives,omitempty"`
	ContainsExecutable bool                `json:"contains_exe"`
}

type ArchiveFile 

type ArchiveFile struct {
	Name        string `json:"name,omitempty"`
	Extension   string `json:"extension,omitempty"`
	Type        string `json:"type,omitempty"`
	Compression string `json:"compression,omitempty"`
}

type Attachment 

type Attachment struct {
	Name           string                 `json:"name,omitempty"`
	InferredType   string                 `json:"inferred_type,omitempty"`
	ReportedType   string                 `json:"reported_type,omitempty"`
	Size           int64                  `json:"size_bytes"`
	Hash           string                 `json:"hash,omitempty"`
	PDFMetadata    *PDFMeta               `json:"pdf_metadata,omitempty"`
	DocMetadata    *DocMeta               `json:"doc_metadata,omitempty"`
	ExeMetadata    map[string]interface{} `json:"exe_metadata,omitempty"`
	EventsMetadata []*Event               `json:"event_metadata,omitempty"`
	// TODO: ImageMetadata should be more defined
	ImageMetadata map[string]interface{} `json:"image_metadata,omitempty"`
	Archives      map[string]*Archive    `json:"archive_content,omitempty"`
	SubAttachment *Attachment            `json:"sub_attachment,omitempty"`
	// TODO
	Executable bool `json:"is_executable"`
}

type BaseInfos 

type BaseInfos struct {
	MailFrom     string    `json:"mail_from,omitempty"`
	RcptTo       []string  `json:"rcpt_to,omitempty" yaml:",flow"`
	Host         string    `json:"host,omitempty"`
	Family       string    `json:"family,omitempty"`
	Port         int       `json:"port"`
	Addr         string    `json:"addr,omitempty"`
	Helo         string    `json:"helo,omitempty"`
	TimeReported time.Time `json:"-" yaml:"-"`
	UID          [16]byte  `json:"-" yaml:"-"`
}

func (*BaseInfos) DecodeMsg 

func (z *BaseInfos) DecodeMsg(dc *msgp.Reader) (err error)

DecodeMsg implements msgp.Decodable

func (*BaseInfos) EncodeMsg 

func (z *BaseInfos) EncodeMsg(en *msgp.Writer) (err error)

EncodeMsg implements msgp.Encodable

func (*BaseInfos) MarshalMsg 

func (z *BaseInfos) MarshalMsg(b []byte) (o []byte, err error)

MarshalMsg implements msgp.Marshaler

func (*BaseInfos) Msgsize 

func (z *BaseInfos) Msgsize() (s int)

Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message

func (*BaseInfos) UnmarshalMsg 

func (z *BaseInfos) UnmarshalMsg(bts []byte) (o []byte, err error)

UnmarshalMsg implements msgp.Unmarshaler

type DKIMValidation 

type DKIMValidation struct {
	Error         string             `json:"error,omitempty"`
	Verifications []DKIMVerification `json:"verifications,omitempty"`
}

type DKIMVerification 

type DKIMVerification struct {
	Domain     string `json:"domain,omitempty"`
	Identifier string `json:"identifier,omitempty"`
}

type DocMeta 

type DocMeta struct {
	HasMacro   bool                   `json:"has_macro"` // TODO
	Language   string                 `json:"language,omitempty"`
	Keywords   []string               `json:"keywords,omitempty"`
	Phrases    []string               `json:"phrases,omitempty"`
	Properties map[string]interface{} `json:"properties,omitempty"`
}

type Event 

type Event struct {
	Summary     string     `json:"summary,omitempty"`
	Description string     `json:"description,omitempty"`
	Location    string     `json:"location,omitempty"`
	Start       *time.Time `json:"start,omitempty"`
	End         *time.Time `json:"end,omitempty"`
}

type FeaturesMail 

type FeaturesMail struct {
	BaseInfos   `yaml:",inline"`
	UID         string              `json:"uid,omitempty"`
	Size        int64               `json:"size_bytes"`
	ContentType string              `json:"content_type,omitempty"`
	Reported    string              `json:"timereported,omitempty"`
	Headers     map[string][]string `json:"headers,omitempty"`
	Attachments []*Attachment       `json:"attachments,omitempty"`
	BagOfWords  map[string]int      `json:"bag_of_words,omitempty"`
	Keywords    []string            `json:"keywords,omitempty" yaml:",flow"`
	Phrases     []string            `json:"phrases,omitempty" yaml:",flow"`
	Language    string              `json:"language,omitempty"`
	TimeHeader  string              `json:"time_header,omitempty"`
	Received    []ReceivedElement   `json:"received,omitempty"`
	// TODO: check that From is consistent/scam
	From          *FromAddress      `json:"from,omitempty"`
	To            []Address         `json:"to,omitempty" yaml:",flow"`
	Title         string            `json:"title,omitempty"`
	Emails        []string          `json:"emails,omitempty"`
	URLs          []string          `json:"urls,omitempty"`
	PhishtankURLS []*PhishtankEntry `json:"phishtank_urls,omitempty"`
	Images        []string          `json:"images,omitempty"`
	DKIM          *DKIMValidation   `json:"dkim,omitempty"`
}

func (*FeaturesMail) Encode 

func (f *FeaturesMail) Encode(indent bool) ([]byte, error)

type FromAddress 

type FromAddress struct {
	Address
	Error               string `json:"error,omitempty"`
	NameContainsAddress bool   `json:"name_contains_address"`
	Multiple            bool   `json:"multiple"`
	Different           bool   `json:"different"`
	Spoofed             bool   `json:"spoofed"`
}

type GeoIPResult 

type GeoIPResult struct {
	Country     string  `json:"country,omitempty"`
	Continent   string  `json:"continent,omitempty"`
	City        string  `json:"city,omitempty"`
	Coordinates *LatLon `json:"coordinates,omitempty"`
}

type IncomingMail 

type IncomingMail struct {
	BaseInfos
	Data []byte `json:"data,omitempty"`
}

func (*IncomingMail) DecodeMsg 

func (z *IncomingMail) DecodeMsg(dc *msgp.Reader) (err error)

DecodeMsg implements msgp.Decodable

func (*IncomingMail) EncodeMsg 

func (z *IncomingMail) EncodeMsg(en *msgp.Writer) (err error)

EncodeMsg implements msgp.Encodable

func (*IncomingMail) MarshalMsg 

func (z *IncomingMail) MarshalMsg(b []byte) (o []byte, err error)

MarshalMsg implements msgp.Marshaler

func (*IncomingMail) Msgsize 

func (z *IncomingMail) Msgsize() (s int)

Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message

func (*IncomingMail) UnmarshalMsg 

func (z *IncomingMail) UnmarshalMsg(bts []byte) (o []byte, err error)

UnmarshalMsg implements msgp.Unmarshaler

type LatLon 

type LatLon struct {
	Latitude  float64 `json:"lat"`
	Longitude float64 `json:"lon"`
}

type PDFMeta 

type PDFMeta struct {
	Title          string     `json:"title,omitempty"`
	Author         string     `json:"author,omitempty"`
	Creator        string     `json:"creator,omitempty"`
	Producer       string     `json:"producer,omitempty"`
	CreationDate   *time.Time `json:"creation_date,omitempty"`
	ModDate        *time.Time `json:"mod_date,omitempty"`
	Tagged         bool       `json:"tagged"`
	UserProperties bool       `json:"user_properties"`
	Form           string     `json:"form,omitempty"`
	Javascript     bool       `json:"javascript"`
	Pages          int64      `json:"pages"`
	Encrypted      bool       `json:"encrypted"`
	PageSize       string     `json:"page_size,omitempty"`
	FileSize       int64      `json:"file_size_bytes"`
	Optimized      bool       `json:"optimized"`
	Version        string     `json:"version,omitempty"`
	Language       string     `json:"language,omitempty"`
	Keywords       []string   `json:"keywords,omitempty"`
	Phrases        []string   `json:"phrases,omitempty"`
}

type PhishtankEntry 

type PhishtankEntry struct {
	URL              string     `json:"url,omitempty"`
	PhishID          int        `json:"phish_id"`
	DetailsURL       string     `json:"details_url,omitempty"`
	SubmissionTime   *time.Time `json:"submission_time,omitempty"`
	Online           bool       `json:"online"`
	Verified         bool       `json:"verified"`
	VerificationTime *time.Time `json:"verification_time,omitempty"`
}

type ReceivedBy 

type ReceivedBy struct {
	Name     string `json:"name,omitempty"`
	Software string `json:"software,omitempty"`
}

type ReceivedElement 

type ReceivedElement struct {
	From         *ReceivedFrom `json:"from,omitempty"`
	By           *ReceivedBy   `json:"by,omitempty"`
	Protocol     string        `json:"protocol,omitempty"`
	ID           string        `json:"id,omitempty"`
	TLS          string        `json:"tls,omitempty"`
	For          string        `json:"for,omitempty"`
	Timestamp    *time.Time    `json:"time,omitempty"`
	EnvelopeFrom string        `json:"envelope_from,omitempty"`
	Helo         string        `json:"helo,omitempty"`
	Raw          string        `json:"raw,omitempty"`
}

type ReceivedFrom 

type ReceivedFrom struct {
	ReportedName    string      `json:"reported_name,omitempty"`
	IP              *ReceivedIP `json:"ip,omitempty"`
	DNSReversedName string      `json:"reversed_name,omitempty"`
}

type ReceivedIP 

type ReceivedIP struct {
	Parsed   net.IP       `json:"parsed_ip,omitempty"`
	Reported string       `json:"reported,omitempty"`
	Public   bool         `json:"public"`
	Location *GeoIPResult `json:"location,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.