Documentation ¶
Index ¶
- Constants
- func CreateSubmoasOutput(input string, results map[string]*ScanResult) ([]byte, error)
- func GenerateTargetsFromSeed(seed string, increment, offset int64, targetChan chan *Target, ...)
- func LineCounter(filename string) (int64, error)
- func Marshal(output interface{}) ([]byte, error)
- func ReadCiphersFromAsset() map[uint16]string
- func ReadGitVersionFromAsset() string
- func ReadIPsFromTxt(filename string, targetChan chan *Target, newTarget func(string) Target)
- func ReadTargetsFromJSON(filename string, targetChan chan *Target, newTarget func(string) Target)
- type CertHostTLSTarget
- func (h *CertHostTLSTarget) AddResult(address string, res *ScanResult)
- func (h *CertHostTLSTarget) Domains() []string
- func (h *CertHostTLSTarget) Dump(hostFh, certFh, chrFh, httpFh *os.File, timediff time.Duration, ...) error
- func (h *CertHostTLSTarget) IPs() []string
- func (h *CertHostTLSTarget) Results() map[string]*ScanResult
- type DumpTLSTarget
- type DumpableTarget
- type HTTPResult
- type IPProvider
- type JSONableTarget
- type MultiTLSTarget
- func (h *MultiTLSTarget) AddResult(address string, res *ScanResult)
- func (h *MultiTLSTarget) Domains() []string
- func (h *MultiTLSTarget) Dump(baseDir string) error
- func (h *MultiTLSTarget) IPs() []string
- func (h *MultiTLSTarget) JSON() ([]byte, error)
- func (h *MultiTLSTarget) Results() map[string]*ScanResult
- type Processor
- type ProtocolScanner
- type ResultProcessor
- func NewSSHHostKeyHostProcessor(hostkeyfile, hostfile, relfile string, skipErrors bool) ResultProcessor
- func NewTLSCertHostProcessor(certfile, hostfile, chrfile, httpfile string, skipErrors bool, hashCache int) ResultProcessor
- func NewTLSDumpProcessor(certDir string) (ResultProcessor, error)
- func NewTLSLiveProcessor(jsonFilename, certDir, tableName string) (ResultProcessor, error)
- type SSHHostKeyHostProcessor
- type SSHResult
- type SSHScanner
- type SSHTarget
- type ScanDb
- type ScanResult
- type Scanner
- type SubmoasInput
- type SubmoasOutput
- type SubmoasTarget
- type TLSCertHostProcessor
- type TLSDumpProcessor
- type TLSLiveProcessor
- type TLSResult
- type TLSScanner
- type TLSTarget
- type Target
Constants ¶
const (
	// Hash cache enum
	HashCacheSHA256 = 1
	HashCacheSHA1   = 2
	HashCacheNone   = 3
)
Variables ¶
This section is empty.
Functions ¶
func CreateSubmoasOutput ¶
func CreateSubmoasOutput(input string, results map[string]*ScanResult) ([]byte, error)
CreateSubmoasOutput returns the SubmoasOutput for an input string and IP address-ScanResult pairs
func GenerateTargetsFromSeed ¶
func GenerateTargetsFromSeed(seed string, increment, offset int64, targetChan chan *Target, newTarget func(string) Target)
GenerateTargetsFromSeed generates target IPs using a seeded LCG and sends them to the channel
func LineCounter ¶
LineCounter returns the number of lines in a file. Adapted from: http://stackoverflow.com/questions/24562942/golang-how-do-i-determine-the-number-of-lines-in-a-file-efficiently
func ReadCiphersFromAsset ¶
ReadCiphersFromAsset reads TLS cipher suites; see http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
func ReadGitVersionFromAsset ¶
func ReadGitVersionFromAsset() string
ReadGitVersionFromAsset reads current git version hash
func ReadIPsFromTxt ¶
ReadIPsFromTxt reads IP addresses separated by newlines from an input file and sends them to the channel
Types ¶
type CertHostTLSTarget ¶
type CertHostTLSTarget struct { Target // contains filtered or unexported fields }
CertHostTLSTarget contains multiple TLS hosts to be scanned
func (*CertHostTLSTarget) AddResult ¶
func (h *CertHostTLSTarget) AddResult(address string, res *ScanResult)
AddResult appends one host result to this TLS target
func (*CertHostTLSTarget) Domains ¶
func (h *CertHostTLSTarget) Domains() []string
Domains returns a slice with one domain string; SNI is enabled.
func (*CertHostTLSTarget) Dump ¶
func (h *CertHostTLSTarget) Dump(hostFh, certFh, chrFh, httpFh *os.File, timediff time.Duration, certCache map[string]bool, cipherSuites map[uint16]string, skipErrors bool, cacheFunc func([]byte) []byte) error
Dump writes the retrieved certificates to a csv file
func (*CertHostTLSTarget) IPs ¶
func (h *CertHostTLSTarget) IPs() []string
IPs returns a slice of IPs for this TLS target
func (*CertHostTLSTarget) Results ¶
func (h *CertHostTLSTarget) Results() map[string]*ScanResult
Results returns the results for all scanned hosts of this TLS host
type DumpTLSTarget ¶
type DumpTLSTarget struct { Target DumpableTarget // contains filtered or unexported fields }
DumpTLSTarget contains a single TLS target whose result can be dumped
func (*DumpTLSTarget) AddResult ¶
func (h *DumpTLSTarget) AddResult(address string, res *ScanResult)
AddResult sets the result for this TLS host
func (*DumpTLSTarget) Domains ¶
func (h *DumpTLSTarget) Domains() []string
Domains returns a slice with one empty string, SNI is not implemented.
func (*DumpTLSTarget) Dump ¶
func (h *DumpTLSTarget) Dump(baseDir string) error
Dump writes the retrieved certificates to a directory
func (*DumpTLSTarget) IPs ¶
func (h *DumpTLSTarget) IPs() []string
IPs returns a slice of IPs for this TLS target
func (*DumpTLSTarget) Results ¶
func (h *DumpTLSTarget) Results() map[string]*ScanResult
Results returns the result for this TLS host
type DumpableTarget ¶
DumpableTarget allows dumping output to a directory
type HTTPResult ¶
type HTTPResult struct {
// contains filtered or unexported fields
}
HTTPResult is the result of a HTTPS connection with a specific HTTP request
type IPProvider ¶
type IPProvider struct {
// contains filtered or unexported fields
}
IPProvider is an instance of the LCG-based IP address generator
func NewIPProvider ¶
func NewIPProvider(seed string, increment, offset int64) *IPProvider
NewIPProvider returns a pointer to a new IPProvider struct
func (*IPProvider) GenerateNextRandomIP ¶
func (ip *IPProvider) GenerateNextRandomIP() (net.IP, error)
GenerateNextRandomIP returns the next IP address skipping private and other reserved ranges
type JSONableTarget ¶
type JSONableTarget interface { Target JSON() interface{} }
JSONableTarget allows creating a JSON representation of the target
type MultiTLSTarget ¶
type MultiTLSTarget struct { Target DumpableTarget JSONableTarget // contains filtered or unexported fields }
MultiTLSTarget contains multiple TLS hosts to be scanned
func (*MultiTLSTarget) AddResult ¶
func (h *MultiTLSTarget) AddResult(address string, res *ScanResult)
AddResult appends one host result to this TLS target
func (*MultiTLSTarget) Domains ¶
func (h *MultiTLSTarget) Domains() []string
Domains returns a slice with empty strings, SNI is not implemented.
func (*MultiTLSTarget) Dump ¶
func (h *MultiTLSTarget) Dump(baseDir string) error
Dump writes the retrieved certificates to a directory
func (*MultiTLSTarget) IPs ¶
func (h *MultiTLSTarget) IPs() []string
IPs returns a list of TLS IPs to be scanned
func (*MultiTLSTarget) JSON ¶
func (h *MultiTLSTarget) JSON() ([]byte, error)
JSON returns a JSON encoding for this target
func (*MultiTLSTarget) Results ¶
func (h *MultiTLSTarget) Results() map[string]*ScanResult
Results returns the results for all scanned hosts of this TLS host
type Processor ¶
type Processor struct { ResultProcessor OutputChan <-chan *Target }
Processor is the base result processing struct, embedding a ResultProcessor
type ProtocolScanner ¶
type ProtocolScanner interface { ScanProtocol(conn net.Conn, target *Target, timeout time.Duration, synStart time.Time, synEnd time.Time) InputChannel() chan *Target OutputChannel() chan *Target }
ProtocolScanner is used to implement protocol scanning
type ResultProcessor ¶
type ResultProcessor interface { Prepare() ProcessResult(*Target) Finish() }
ResultProcessor has one function for processing results, plus Prepare and Finish functions
func NewSSHHostKeyHostProcessor ¶
func NewSSHHostKeyHostProcessor(hostkeyfile, hostfile, relfile string, skipErrors bool) ResultProcessor
NewSSHHostKeyHostProcessor returns a new processor for results of scanned SSH hosts
func NewTLSCertHostProcessor ¶
func NewTLSCertHostProcessor(certfile, hostfile, chrfile, httpfile string, skipErrors bool, hashCache int) ResultProcessor
NewTLSCertHostProcessor returns a new processor for results of scanned TLS hosts
func NewTLSDumpProcessor ¶
func NewTLSDumpProcessor(certDir string) (ResultProcessor, error)
NewTLSDumpProcessor returns a new processor for results of live scanned TLS hosts
func NewTLSLiveProcessor ¶
func NewTLSLiveProcessor(jsonFilename, certDir, tableName string) (ResultProcessor, error)
NewTLSLiveProcessor returns a new processor for results of live scanned TLS hosts
type SSHHostKeyHostProcessor ¶
type SSHHostKeyHostProcessor struct {
// contains filtered or unexported fields
}
SSHHostKeyHostProcessor implements the processing of SSH scanning results
func (SSHHostKeyHostProcessor) Finish ¶
func (t SSHHostKeyHostProcessor) Finish()
Finish is called after the results have been processed
func (SSHHostKeyHostProcessor) Prepare ¶
func (t SSHHostKeyHostProcessor) Prepare()
Prepare is called before the results are being processed
func (SSHHostKeyHostProcessor) ProcessResult ¶
func (t SSHHostKeyHostProcessor) ProcessResult(hIn *Target)
ProcessResult dumps the hostKey
type SSHResult ¶
type SSHResult struct {
// contains filtered or unexported fields
}
SSHResult is an instance of result from ScanResult with SSH host keys, version and cipher
type SSHScanner ¶
type SSHScanner struct {
// contains filtered or unexported fields
}
SSHScanner implements the scanning of the SSH protocol
func NewSSHScanner ¶
func NewSSHScanner() SSHScanner
NewSSHScanner returns an initialized SSHScanner struct
func (SSHScanner) InputChannel ¶
func (s SSHScanner) InputChannel() chan *Target
InputChannel returns the input channel for reading and writing targets
func (SSHScanner) OutputChannel ¶
func (s SSHScanner) OutputChannel() chan *Target
OutputChannel returns the output channel for reading and writing results
type SSHTarget ¶
type SSHTarget struct { Target // contains filtered or unexported fields }
func (*SSHTarget) AddResult ¶
func (h *SSHTarget) AddResult(address string, res *ScanResult)
AddResult sets the result for this SSH host
func (*SSHTarget) Domains ¶
Domains returns a slice with an empty string. SNI is not implemented; this function only exists to match the Target interface.
func (*SSHTarget) Dump ¶
func (h *SSHTarget) Dump(hostFh, hostKeyFh, relFh *os.File, timediff time.Duration, hostKeyCache map[string]bool, skipErrors bool) error
Dump writes the retrieved certificates to a csv file
func (*SSHTarget) Results ¶
func (h *SSHTarget) Results() map[string]*ScanResult
Results returns the result for this SSH host
type ScanDb ¶
type ScanDb struct {
// contains filtered or unexported fields
}
ScanDb represents an SQL database along with the table name used for queries
func PostgresDb ¶
PostgresDb returns a ScanDb with an underlying PostgreSQL database
type ScanResult ¶
type ScanResult struct {
// contains filtered or unexported fields
}
ScanResult contains the time when the measurement occurred and the result
type Scanner ¶
type Scanner struct { ProtocolScanner NumRoutines int QPS int ConnTimeout time.Duration SynTimeout time.Duration SourceIP *net.TCPAddr InputFile string }
Scanner is the base struct that handles the scanning loop
type SubmoasInput ¶
type SubmoasInput struct { Least string `json:"least"` LeastO []int `json:"least_o"` Most string `json:"most"` MostO []int `json:"most_o"` Targets []string `json:"targets"` }
SubmoasInput is one JSON object read from the input file
func Unmarshal ¶
func Unmarshal(input []byte) ([]SubmoasInput, error)
Unmarshal returns the SubmoasInput when passing the bytes read from a file
type SubmoasOutput ¶
type SubmoasOutput struct { Least string `json:"least"` LeastO []int `json:"least_o"` Most string `json:"most"` MostO []int `json:"most_o"` Targets map[string]SubmoasTarget `json:"targets"` }
SubmoasOutput is one JSON object which will be written to the output file
type SubmoasTarget ¶
SubmoasTarget is the result of the scanning procedure
type TLSCertHostProcessor ¶
type TLSCertHostProcessor struct {
// contains filtered or unexported fields
}
TLSCertHostProcessor implements the processing of TLS scanning results
func (TLSCertHostProcessor) Finish ¶
func (t TLSCertHostProcessor) Finish()
Finish is called after the results have been processed
func (TLSCertHostProcessor) Prepare ¶
func (t TLSCertHostProcessor) Prepare()
Prepare is called before the results are being processed
func (TLSCertHostProcessor) ProcessResult ¶
func (t TLSCertHostProcessor) ProcessResult(hIn *Target)
ProcessResult dumps the certificate chain
type TLSDumpProcessor ¶
type TLSDumpProcessor struct {
// contains filtered or unexported fields
}
TLSDumpProcessor implements the processing of TLS scanning results
func (TLSDumpProcessor) Finish ¶
func (t TLSDumpProcessor) Finish()
Finish is called after the results have been processed
func (TLSDumpProcessor) Prepare ¶
func (t TLSDumpProcessor) Prepare()
Prepare is called before the results are being processed
func (TLSDumpProcessor) ProcessResult ¶
func (t TLSDumpProcessor) ProcessResult(hIn *Target)
ProcessResult dumps the certificate chain
type TLSLiveProcessor ¶
type TLSLiveProcessor struct {
// contains filtered or unexported fields
}
TLSLiveProcessor implements the processing of TLS scanning results
func (TLSLiveProcessor) Finish ¶
func (t TLSLiveProcessor) Finish()
Finish is called after the results have been processed
func (TLSLiveProcessor) Prepare ¶
func (t TLSLiveProcessor) Prepare()
Prepare is called before the results are being processed
func (TLSLiveProcessor) ProcessResult ¶
func (t TLSLiveProcessor) ProcessResult(hIn *Target)
ProcessResult checks the database, writes the JSON output and dumps the certificate chain
type TLSResult ¶
type TLSResult struct {
// contains filtered or unexported fields
}
TLSResult is an instance of result from ScanResult with TLS certificates, version and cipher
type TLSScanner ¶
type TLSScanner struct { HTTPHeaders []string HTTPRequests []string // contains filtered or unexported fields }
TLSScanner implements the scanning of the TLS protocol
func NewTLSScanner ¶
func NewTLSScanner(httpHeaders string, httpRequests []string) TLSScanner
NewTLSScanner returns an initialized TLSScanner struct
func (TLSScanner) InputChannel ¶
func (s TLSScanner) InputChannel() chan *Target
InputChannel returns the input channel for reading and writing targets
func (TLSScanner) OutputChannel ¶
func (s TLSScanner) OutputChannel() chan *Target
OutputChannel returns the output channel for reading and writing results
type TLSTarget ¶
type TLSTarget struct { Target // contains filtered or unexported fields }
TLSTarget contains a single TLS host to be scanned
func (*TLSTarget) AddResult ¶
func (h *TLSTarget) AddResult(address string, res *ScanResult)
AddResult sets the result for this TLS host
func (*TLSTarget) Results ¶
func (h *TLSTarget) Results() map[string]*ScanResult
Results returns the result for this TLS host
type Target ¶
type Target interface { IPs() []string Results() map[string]*ScanResult AddResult(string, *ScanResult) Domains() []string }
Target symbolizes a host or a group of hosts
func NewCertHostTLSTarget ¶
NewCertHostTLSTarget returns a pointer to a TLS target with multiple hosts
func NewDumpTLSTarget ¶
NewDumpTLSTarget returns a pointer to a new DumpTLSTarget struct
func NewMultiTLSTarget ¶
NewMultiTLSTarget returns a pointer to a TLS target with multiple hosts
func NewSSHTarget ¶
NewSSHTarget returns a pointer to a new SSHTarget struct
func NewTLSTarget ¶
NewTLSTarget returns a pointer to a new TLSTarget struct