Documentation
¶
Index ¶
- Constants
- Variables
- func AutoMigrate(db *gorm.DB, key uint8)
- func GetGormProfileDatabase() *gorm.DB
- func GetGormProjectDatabase() *gorm.DB
- func KeySchemaToName(i uint8) string
- func RegisterDatabaseSchema(key uint8, schema ...any)
- func SetBroadCast_Data(f func(typeString string, data any))
- func SetGormProfileDatabase(d *gorm.DB)
- func SetGormProjectDatabase(d *gorm.DB)
- type AliveHost
- type BackProject
- type Briefing
- type BroadCastHandler
- type CPE
- type CodecFlow
- type Domain
- type ExecHistory
- type ExecResult
- type ExtraDescInfo
- type ExtractedData
- type GeneralRule
- type GeneralStorage
- type HTTPFlow
- func (f *HTTPFlow) AddTag(appendTags ...string)
- func (f *HTTPFlow) AddTagToFirst(appendTags ...string)
- func (f *HTTPFlow) AfterCreate(tx *gorm.DB) (err error)
- func (f *HTTPFlow) AfterDelete(tx *gorm.DB) (err error)
- func (f *HTTPFlow) AfterUpdate(tx *gorm.DB) (err error)
- func (f *HTTPFlow) BeforeSave() error
- func (f *HTTPFlow) Blue()
- func (f *HTTPFlow) CalcCacheHash(full bool) string
- func (f *HTTPFlow) CalcHash() string
- func (f *HTTPFlow) ColorSharp(rgbHex string)
- func (f *HTTPFlow) Cyan()
- func (f *HTTPFlow) Green()
- func (f *HTTPFlow) Grey()
- func (f *HTTPFlow) Orange()
- func (f *HTTPFlow) Purple()
- func (f *HTTPFlow) Red()
- func (f *HTTPFlow) RemoveColor()
- func (f *HTTPFlow) Yellow()
- type Host
- type HybridScanTask
- type MapEx
- type MarkdownDoc
- type MenuItem
- type NaslScript
- type NavigationBar
- type Payload
- type PluginGroup
- type Port
- type Progress
- type Project
- type ProjectGeneralStorage
- type Report
- func (r *Report) BarGraphHorizontal(items ...interface{})
- func (r *Report) BarGraphVertical(items ...interface{})
- func (r *Report) Code(items interface{})
- func (r *Report) Divider()
- func (r *Report) From(i interface{}, items ...interface{})
- func (r *Report) Markdown(i string)
- func (r *Report) Owner(i interface{}, items ...interface{})
- func (r *Report) PieGraph(items ...interface{})
- func (r *Report) Raw(items interface{})
- func (r *Report) Save() int
- func (r *Report) SearchTable(i interface{}, raw ...interface{})
- func (r *Report) Table(i interface{}, raw ...interface{})
- func (r *Report) Title(i interface{}, items ...interface{})
- func (r *Report) ToRecord() (*ReportRecord, error)
- func (r *Report) WordCloud(items ...interface{})
- type ReportItem
- type ReportRecord
- type Risk
- type RssFeed
- type SSAProgram
- type ScreenRecorder
- type SlicesEx
- type SyntaxFlowRule
- type SyntaxFlowRuleGroup
- type SyntaxFlowRulePurposeType
- type SyntaxFlowRuleType
- type SyntaxFlowSeverity
- type TrafficPacket
- type TrafficSession
- type TrafficTCPReassembledFrame
- type WebFuzzerConfig
- type WebFuzzerLabel
- type WebFuzzerResponse
- type WebFuzzerTask
- type WebShell
- type WebsocketFlow
- type YakScript
- func (s *YakScript) AfterCreate(tx *gorm.DB) (err error)
- func (s *YakScript) AfterDelete(tx *gorm.DB) (err error)
- func (s *YakScript) AfterUpdate(tx *gorm.DB) (err error)
- func (s *YakScript) BeforeSave() error
- func (s *YakScript) GetParams() []*ypb.YakScriptParam
- func (s *YakScript) ToGRPCModel() *ypb.YakScript
Constants ¶
View Source
const ( KEY_SCHEMA_YAKIT_DATABASE uint8 = iota KEY_SCHEMA_PROFILE_DATABASE KEY_SCHEMA_CVE_DATABASE KEY_SCHEMA_CVE_DESCRIPTION_DATABASE KEY_SCHEMA_VULINBOX_DATABASE KEY_SCHEMA_SSA_DATABASE )
View Source
const ( REPORT_ITEM_TYPE_MARKDOWN = "markdown" REPORT_ITEM_TYPE_DIVIDER = "divider" REPORT_ITEM_TYPE_TABLE = "json-table" REPORT_ITEM_SEARCH_TYPE_TABLE = "search-json-table" REPORT_ITEM_TYPE_PIE_GRAPH = "pie-graph" REPORT_ITEM_TYPE_VERTICAL_BAR_GRAPH = "vertical-bar-graph" REPORT_ITEM_TYPE_HORIZONTAL_BAR_GRAPH = "horizontal-bar-graph" REPORT_ITEM_TYPE_RAW = "raw" REPORT_ITEM_TYPE_CODE = "code" REPORT_ITEM_TYPE_WORDCLOUD = "wordcloud" )
View Source
const ( SFR_SEVERITY_LOW = "info" SFR_SEVERITY_WARNING = "middle" SFR_SEVERITY_CRITICAL = "critical" SFR_SEVERITY_HIGH = "high" )
View Source
const COLORPREFIX = "YAKIT_COLOR_"
Variables ¶
View Source
var ProfileTables = []interface{}{ &YakScript{}, &Payload{}, &MenuItem{}, &GeneralStorage{}, &MarkdownDoc{}, &Project{}, &NavigationBar{}, &NaslScript{}, &WebFuzzerLabel{}, &PluginGroup{}, &CodecFlow{}, &SSAProgram{}, &GeneralRule{}, &SyntaxFlowRule{}, &SyntaxFlowRuleGroup{}, }
ProfileTables 这些表是独立与项目之外的,每一个用户的数据都不一样
View Source
var ProjectTables = []interface{}{ &WebsocketFlow{}, &HTTPFlow{}, &ExecHistory{}, &ExtractedData{}, &Port{}, &Domain{}, &Host{}, &MarkdownDoc{}, &ExecResult{}, &Risk{}, &WebFuzzerTask{}, &WebFuzzerResponse{}, &ReportRecord{}, &ScreenRecorder{}, &ProjectGeneralStorage{}, &Briefing{}, &RssFeed{}, &WebShell{}, &AliveHost{}, &TrafficSession{}, &TrafficPacket{}, &TrafficTCPReassembledFrame{}, &HybridScanTask{}, &Progress{}, &WebFuzzerConfig{}, }
ProjectTables 这些表是和项目关联的,导出项目可以直接复制给用户
View Source
var (
WebFuzzerResponseTTLCache = utils.NewTTLCache[*ypb.FuzzerResponse](30 * time.Minute)
)
View Source
var WebFuzzerTaskTTLCache = utils.NewTTLCache[*ypb.HistoryHTTPFuzzerTask](30 * time.Minute)
Functions ¶
func AutoMigrate ¶
func GetGormProfileDatabase ¶
func GetGormProjectDatabase ¶
func KeySchemaToName ¶
func RegisterDatabaseSchema ¶
func SetBroadCast_Data ¶
Types ¶
type BackProject ¶
func (*BackProject) BackGRPCModel ¶
func (p *BackProject) BackGRPCModel() *ypb.ProjectDescription
type Briefing ¶
type Briefing struct {
gorm.Model
SourceXmlUrl string
RssFeedHash string
Hash string `gorm:"columns:hash;unique_index"`
Title string `json:"title,omitempty"`
Description string `json:"description,omitempty"`
Content string `json:"content,omitempty"`
Link string `json:"link,omitempty"`
Updated string `json:"updated,omitempty"`
UpdatedParsed *time.Time `json:"updatedParsed,omitempty"`
Published string `json:"published,omitempty"`
PublishedParsed *time.Time `json:"publishedParsed,omitempty"`
Author string `json:"author,omitempty"`
AuthorEmail string `json:"author_email,omitempty"`
GUID string `json:"guid,omitempty"`
ImageUrl string `json:"image_url,omitempty"`
ImageName string `json:"image_name,omitempty"`
Categories string `json:"categories,omitempty"`
Tags string `json:"tags"`
IsRead bool `json:"is_read"`
}
func (*Briefing) BeforeSave ¶
type BroadCastHandler ¶
type BroadCastHandler struct {
// contains filtered or unexported fields
}
func GetBroadCast_Data ¶
func GetBroadCast_Data() *BroadCastHandler
func (*BroadCastHandler) Call ¶
func (b *BroadCastHandler) Call(typeString string, data any)
type CPE ¶
type CPE struct {
Part string `yaml:"part,omitempty" json:"part"`
Vendor string `yaml:"vendor,omitempty" json:"vendor"`
Product string `yaml:"product,omitempty" json:"product"`
Version string `yaml:"version,omitempty" json:"version"`
Update string `yaml:"update,omitempty" json:"update"`
Edition string `yaml:"edition,omitempty" json:"edition"`
Language string `yaml:"language,omitempty" json:"language"`
}
type Domain ¶
type Domain struct {
gorm.Model
Domain string `json:"domain" gorm:"index"`
IPAddr string `json:"ip_addr"`
IPInteger int64 `json:"ip_integer"`
HTTPTitle string
Hash string `json:"hash" gorm:"unique_index"`
Tags string `json:"tags"`
}
func (*Domain) BeforeSave ¶
func (*Domain) FillDomainHTTPInfo ¶
func (d *Domain) FillDomainHTTPInfo()
type ExecHistory ¶
type ExecHistory struct {
gorm.Model
Hash string `gorm:"unique_index"`
RuntimeId string `json:"runtime_id" gorm:"unique_index"`
Script string `json:"script"`
ScriptId string `json:"script_id" gorm:"index"`
TimestampNano int64 `json:"timestamp"`
FromYakModule string `json:"from_yak_module" gorm:"index"`
DurationMs int64 `json:"duration_ms"`
Params string `json:"params"`
Stdout string `json:"stdout"`
Stderr string `json:"stderr"`
Ok bool `json:"ok"`
Reason string `json:"reason"`
StdoutLen int64 `json:"stdout_len" gorm:"-"`
StderrLen int64 `json:"stderr_len" gorm:"-"`
// json
Messages string `json:"messages"`
}
func (*ExecHistory) BeforeSave ¶
func (f *ExecHistory) BeforeSave() error
func (*ExecHistory) CalcHash ¶
func (f *ExecHistory) CalcHash() string
func (*ExecHistory) ToGRPCModel ¶
func (f *ExecHistory) ToGRPCModel() *ypb.ExecHistoryRecord
type ExecResult ¶
type ExecResult struct {
gorm.Model
YakScriptName string `json:"yak_script_name" gorm:"index"`
Raw string `json:"raw"`
}
func (*ExecResult) ToGRPCModel ¶
func (e *ExecResult) ToGRPCModel() *ypb.ExecResult
type ExtraDescInfo ¶
type ExtraDescInfo struct {
Level SyntaxFlowSeverity
Purpose SyntaxFlowRulePurposeType
Msg string
OnlyMsg bool
ExtraInfo map[string]string
}
type ExtractedData ¶
type ExtractedData struct {
gorm.Model
// sourcetype 一般来说是标注数据来源
SourceType string `gorm:"index"`
// trace id 表示数据源的 ID
TraceId string `gorm:"index"`
// 提取数据的正则数据
Regexp string
// 规则 Verbose
RuleVerbose string
// UTF8 safe escape
Data string
// DataIndex 表示数据的位置
DataIndex int
// Length 表示数据的长度
Length int
// IsMatchRequest 表示是否是匹配请求
IsMatchRequest bool
}
type GeneralRule ¶
type GeneralRule struct {
gorm.Model
*CPE
RuleName string `json:"指纹名称" gorm:"unique_index"`
WebPath string `json:"web路径"`
ExtInfo string
MatchExpression string `json:"指纹规则"`
}
func FromFingerprintGRPCModel ¶
func FromFingerprintGRPCModel(gr *ypb.FingerprintRule) *GeneralRule
func (*GeneralRule) String ¶
func (g *GeneralRule) String() string
func (*GeneralRule) ToGRPCModel ¶
func (gr *GeneralRule) ToGRPCModel() *ypb.FingerprintRule
type GeneralStorage ¶
type GeneralStorage struct {
gorm.Model
Key string `json:"key" gorm:"unique_index"`
// 经过 JSON + Strconv
Value string `json:"value"`
// 过期时间
ExpiredAt time.Time
// YAKIT SUBPROC_ENV
ProcessEnv bool
// 帮助信息,描述这个变量是干嘛的
Verbose string
// 描述变量所在的组是啥
Group string
}
func (*GeneralStorage) EnableProcessEnv ¶
func (s *GeneralStorage) EnableProcessEnv()
func (*GeneralStorage) ToGRPCModel ¶
func (s *GeneralStorage) ToGRPCModel() *ypb.GeneralStorage
type HTTPFlow ¶
type HTTPFlow struct {
gorm.Model
HiddenIndex string
NoFixContentLength bool `json:"no_fix_content_length"`
Hash string `gorm:"unique_index"`
IsHTTPS bool
Url string `gorm:"index"`
Path string
Method string
BodyLength int64
ContentType string
StatusCode int64
SourceType string
Request string
Response string
Duration int64
GetParamsTotal int
PostParamsTotal int
CookieParamsTotal int
IPAddress string
RemoteAddr string
IPInteger int
Tags string // 用来打标!
Payload string
// Websocket 相关字段
IsWebsocket bool
// 用来计算 websocket hash, 每次连接都不一样,一般来说,内部对象 req 指针足够了
WebsocketHash string
RuntimeId string
FromPlugin string
// friendly for gorm build instance, not for store
// 这两个字段不参与数据库存储,但是在序列化的时候,会被覆盖
// 主要用来标记用户的 Request 和 Response 是否超大
IsRequestOversize bool `gorm:"-"`
IsResponseOversize bool `gorm:"-"`
IsTooLargeResponse bool
TooLargeResponseHeaderFile string
TooLargeResponseBodyFile string
// 同步到企业端
UploadOnline bool `json:"upload_online"`
}
func (*HTTPFlow) AddTagToFirst ¶
func (*HTTPFlow) BeforeSave ¶
func (*HTTPFlow) CalcCacheHash ¶
func (*HTTPFlow) ColorSharp ¶
func (*HTTPFlow) RemoveColor ¶
func (f *HTTPFlow) RemoveColor()
type HybridScanTask ¶
type HybridScanTask struct {
gorm.Model
TaskId string `gorm:"unique_index"`
// executing
// paused
// done
Status string
Reason string // user cancel / finished / recover failed so on
SurvivalTaskIndexes string // 暂停的时候正在执行的任务
// struct{ https bool; request bytes }[]
Targets string
// string[]
Plugins string
TotalTargets int64
TotalPlugins int64
TotalTasks int64
FinishedTasks int64
FinishedTargets int64
ScanConfig []byte
HybridScanTaskSource string
}
type MapEx ¶
type MapEx[K comparable, V any] map[K]V
type MarkdownDoc ¶
type MenuItem ¶
type MenuItem struct {
gorm.Model
Group string `json:"group" `
Verbose string `json:"verbose"`
YakScriptName string `json:"yak_script_name"`
Hash string `json:"-" gorm:"unique_index"`
// quoted json
BatchPluginFilterJson string `json:"batch_plugin_filter_json"`
Mode string `json:"mode"`
MenuSort int64 `json:"menu_sort"`
GroupSort int64 `json:"group_sort"`
}
func (*MenuItem) BeforeSave ¶
type NaslScript ¶
type NaslScript struct {
gorm.Model
OriginFileName string `json:"origin_file_name"`
Hash string `json:"hash" gorm:"unique_index"`
OID string `json:"oid"`
CVE string `json:"cve"`
ScriptName string `json:"script_name"`
Script string `json:"script"`
Tags string `json:"tags,omitempty"`
Version string `json:"version"`
Category string `json:"category"`
Family string `json:"family"`
Copyright string `json:"copyright"`
Dependencies string `json:"dependencies,omitempty"`
RequirePorts string `json:"require_ports,omitempty"`
RequireUdpPorts string `json:"require_udp_ports,omitempty"`
ExcludeKeys string `json:"exclude_keys,omitempty"`
Xref string `json:"xref,omitempty"`
Preferences string `json:"preferences,omitempty"`
BugtraqId string `json:"bugtraqId,omitempty"`
MandatoryKeys string `json:"mandatory_keys,omitempty"`
Timeout int `json:"timeout,omitempty"`
RequireKeys string `json:"require_keys,omitempty"`
}
func (*NaslScript) CalcHash ¶
func (p *NaslScript) CalcHash() string
func (*NaslScript) CreateOrUpdateNaslScript ¶
func (p *NaslScript) CreateOrUpdateNaslScript(db *gorm.DB) error
func (*NaslScript) ToYakScript ¶
func (p *NaslScript) ToYakScript() *YakScript
type NavigationBar ¶
type NavigationBar struct {
}
func (*NavigationBar) CalcHash ¶
func (m *NavigationBar) CalcHash() string
type Payload ¶
type Payload struct {
gorm.Model
// Must: payload group
Group string `json:"group" gorm:"index"`
// payload folder
Folder *string `json:"folder" gorm:"column:folder;default:''"` // default empty string
GroupIndex *int64 `json:"group_index" gorm:"column:group_index;default:0"` // default 0
// strconv Quoted
// Must: payload data
Content *string `json:"content"`
// hit count
HitCount *int64 `json:"hit_count" gorm:"column:hit_count;default:0"` // default 0
// the group save in file only contain one payload, and this `payload.IsFile = true` `payload.Content` is filepath
IsFile *bool `json:"is_file" gorm:"column:is_file;default:false"` // default false
// Hash string
Hash string `json:"hash" gorm:"unique_index"`
}
func (*Payload) BeforeCreate ¶
func (*Payload) BeforeSave ¶
func (*Payload) BeforeUpdate ¶
type PluginGroup ¶
type PluginGroup struct {
gorm.Model
YakScriptName string `json:"yak_script_name" gorm:"index"`
Group string `json:"group"`
Hash string `json:"hash" gorm:"unique_index"`
TemporaryId string `json:"temporary_id"`
IsPocBuiltIn bool `json:"is_poc_built_in"`
}
func (*PluginGroup) CalcHash ¶
func (p *PluginGroup) CalcHash() string
type Port ¶
type Port struct {
gorm.Model
Host string `json:"host" gorm:"index"`
IPInteger int `json:"ip_integer" gorm:"column:ip_integer" json:"ip_integer"`
Port int `json:"port" gorm:"index"`
Proto string `json:"proto"`
ServiceType string `json:"service_type"`
State string `json:"state"`
Reason string `json:"reason"`
Fingerprint string `json:"fingerprint"`
CPE string `json:"cpe"`
HtmlTitle string `json:"html_title"`
From string `json:"from"`
Hash string `json:"hash"`
TaskName string `json:"task_name"`
// runtime id 运行时 ID
RuntimeId string `json:"runtime_id"`
}
func (*Port) BeforeSave ¶
type Project ¶
type Project struct {
gorm.Model
ProjectName string
Description string
DatabasePath string
IsCurrentProject bool
FolderID int64
ChildFolderID int64
Type string
}
Project 描述一个 Yakit 项目 一般项目数据都是应该用 ProjectDatabase 作为连接的 但是项目本身的元数据应该存在 ProfileDatabase 中
type ProjectGeneralStorage ¶
type Report ¶
type Report struct {
TitleValue string `json:"title"`
OwnerValue string `json:"owner"`
FromValue string `json:"from"`
Items []*ReportItem `json:"items"`
}
func (*Report) BarGraphHorizontal ¶
func (r *Report) BarGraphHorizontal(items ...interface{})
func (*Report) BarGraphVertical ¶
func (r *Report) BarGraphVertical(items ...interface{})
func (*Report) SearchTable ¶
func (r *Report) SearchTable(i interface{}, raw ...interface{})
func (*Report) ToRecord ¶
func (r *Report) ToRecord() (*ReportRecord, error)
type ReportItem ¶
type ReportRecord ¶
type ReportRecord struct {
gorm.Model
Title string
PublishedAt time.Time `json:"published_at"`
Hash string `json:"hash" gorm:"unique_index"`
Owner string `json:"owner"`
From string `json:"from"`
QuotedJson string `json:"quoted_json"`
}
func (*ReportRecord) BeforeSave ¶
func (r *ReportRecord) BeforeSave()
func (*ReportRecord) CalcHash ¶
func (r *ReportRecord) CalcHash() string
func (*ReportRecord) ToGRPCModel ¶
func (i *ReportRecord) ToGRPCModel() *ypb.Report
func (*ReportRecord) ToReport ¶
func (r *ReportRecord) ToReport() (*Report, error)
type Risk ¶
type Risk struct {
gorm.Model
Hash string `json:"hash"`
// essential
IP string `json:"ip"`
IPInteger int64 `json:"ip_integer"`
// extraTargets
Url string `json:"url"`
Port int `json:"port"`
Host string `json:"host"`
//
Title string `json:"title"`
TitleVerbose string `json:"title_verbose"`
Description string `json:"description"`
Solution string `json:"solution"`
RiskType string `json:"risk_type"`
RiskTypeVerbose string `json:"risk_verbose"`
Parameter string `json:"parameter"`
Payload string `json:"payload"`
Details string `json:"details"`
Severity string `json:"severity"`
// 来源于哪个插件?
FromYakScript string `json:"from_yak_script"`
YakScriptUUID string `json:"yak_script_uuid"`
// 等待验证中?
WaitingVerified bool `json:"waiting_verified"`
// 用于验证的 ReverseToken
ReverseToken string `json:"reverse_token"`
// 设置运行时 ID 为了关联具体漏洞
RuntimeId string `json:"runtime_id"`
QuotedRequest string `json:"quoted_request"`
QuotedResponse string `json:"quoted_response"`
// 潜在威胁:用于输出合规性质的漏洞内容
IsPotential bool `json:"is_potential"`
CVE string `json:"cve"`
IsRead bool `json:"is_read"`
Ignore bool `json:"ignore"`
UploadOnline bool `json:"upload_online"`
TaskName string `json:"task_name"`
CveAccessVector string `json:"cve_access_vector"`
CveAccessComplexity string `json:"cve_access_complexity"`
Tags string `json:"tags"`
}
func (*Risk) BeforeSave ¶
func (*Risk) ColorizedShow ¶
func (p *Risk) ColorizedShow()
func (*Risk) ToGRPCModel ¶
type RssFeed ¶
type RssFeed struct {
gorm.Model
SourceXmlUrl string
Hash string `gorm:"columns:hash;unique_index"`
Title string `json:"title,omitempty"`
Description string `json:"description,omitempty"`
Link string `json:"link,omitempty"`
FeedLink string `json:"feedLink,omitempty"`
Updated string `json:"updated,omitempty"`
UpdatedParsed *time.Time `json:"updatedParsed,omitempty"`
Published string `json:"published,omitempty"`
PublishedParsed *time.Time `json:"publishedParsed,omitempty"`
Author string `json:"author,omitempty"`
AuthorEmail string `json:"author_email,omitempty"`
Language string `json:"language,omitempty"`
ImageUrl string `json:"image_url,omitempty"`
ImageName string `json:"image_name,omitempty"`
Copyright string `json:"copyright,omitempty"`
Generator string `json:"generator,omitempty"`
Categories string `json:"categories,omitempty"`
FeedType string `json:"feedType"`
FeedVersion string `json:"feedVersion"`
}
func (*RssFeed) BeforeSave ¶
type SSAProgram ¶
type ScreenRecorder ¶
type ScreenRecorder struct {
gorm.Model
// 保存到本地的路径
Filename string
NoteInfo string
Project string
Hash string `json:"hash" gorm:"unique_index"`
VideoName string
Cover string `gorm:"type:longtext"`
Duration string
}
func (*ScreenRecorder) BeforeSave ¶
func (s *ScreenRecorder) BeforeSave() error
func (*ScreenRecorder) CalcHash ¶
func (s *ScreenRecorder) CalcHash() string
type SlicesEx ¶
type SlicesEx[K comparable] []K
type SyntaxFlowRule ¶
type SyntaxFlowRule struct {
gorm.Model
IsBuildInRule bool
// Language is the language of the rule.
// if the rule is not set, all languages will be used.
Language string
RuleName string `gorm:"unique_index"`
Title string
TitleZh string
Description string
Tag string
AlertDesc MapEx[string, *ExtraDescInfo] `gorm:"type:text"`
// yak or sf
Type SyntaxFlowRuleType
Severity SyntaxFlowSeverity
Content string
// Purpose is the purpose of the rule.
// audit / vuln / config / security / information
Purpose SyntaxFlowRulePurposeType
// DemoFileSystem will description the file system of the rule.
// This is a json string.
// save map[string]quotedString
TypicalHitFileSystem []byte
Verified bool
// AllowIncluded is the rule can be included by other rules.
// If the rule is included by other rules, the rule will not be shown in the result.
AllowIncluded bool
IncludedName string
OpCodes string
Hash string `json:"hash" gorm:"unique_index"`
}
func (*SyntaxFlowRule) BeforeSave ¶
func (s *SyntaxFlowRule) BeforeSave() error
func (*SyntaxFlowRule) CalcHash ¶
func (s *SyntaxFlowRule) CalcHash() string
func (*SyntaxFlowRule) GetAlertInfo ¶
func (s *SyntaxFlowRule) GetAlertInfo(msg string) (string, bool)
func (*SyntaxFlowRule) ToGRPCModel ¶
func (s *SyntaxFlowRule) ToGRPCModel() *ypb.SyntaxFlowRule
type SyntaxFlowRuleGroup ¶
type SyntaxFlowRuleGroup struct {
gorm.Model
RuleName string `gorm:"index"`
GroupName string `gorm:"index"`
Hash string `gorm:"unique_index"`
}
func (*SyntaxFlowRuleGroup) BeforeSave ¶
func (s *SyntaxFlowRuleGroup) BeforeSave() error
func (*SyntaxFlowRuleGroup) CalcHash ¶
func (s *SyntaxFlowRuleGroup) CalcHash() string
type SyntaxFlowRulePurposeType ¶
type SyntaxFlowRulePurposeType string
const ( SFR_PURPOSE_AUDIT SyntaxFlowRulePurposeType = "audit" SFR_PURPOSE_VULN SyntaxFlowRulePurposeType = "vuln" SFR_PURPOSE_CONFIG SyntaxFlowRulePurposeType = "config" SFR_PURPOSE_SECURITY SyntaxFlowRulePurposeType = "security" )
func ValidPurpose ¶
func ValidPurpose(i any) SyntaxFlowRulePurposeType
type SyntaxFlowRuleType ¶
type SyntaxFlowRuleType string
const ( SFR_RULE_TYPE_YAK SyntaxFlowRuleType = "yak" SFR_RULE_TYPE_SF SyntaxFlowRuleType = "sf" )
func ValidRuleType ¶
func ValidRuleType(i any) SyntaxFlowRuleType
type SyntaxFlowSeverity ¶
type SyntaxFlowSeverity string
func ValidSeverityType ¶
func ValidSeverityType(i any) SyntaxFlowSeverity
type TrafficPacket ¶
type TrafficPacket struct {
gorm.Model
SessionUuid string `gorm:"index"`
LinkLayerType string
NetworkLayerType string
TransportLayerType string
ApplicationLayerType string
Payload string
// QuotedRaw contains the raw bytes of the packet, quoted such that it can be
// caution: QuotedRaw is (maybe) not an utf8-valid string
// quoted-used for save to database
QuotedRaw string
EthernetEndpointHardwareAddrSrc string
EthernetEndpointHardwareAddrDst string
IsIpv4 bool
IsIpv6 bool
NetworkEndpointIPSrc string
NetworkEndpointIPDst string
TransportEndpointPortSrc int
TransportEndpointPortDst int
}
type TrafficSession ¶
type TrafficSession struct {
gorm.Model
Uuid string `gorm:"index"`
// Traffic SessionType Means a TCP Session / ICMP Request-Response / UDP Request-Response
// DNS Request-Response
// HTTP Request-Response
// we can't treat Proto as any transport layer proto or application layer proto
// because we can't know the proto of a packet before we parse it
//
// just use session type as a hint / verbose to group some frames(packets).
//
// 1. tcp (reassembled)
// 2. udp (try figure out request-response)
// 3. dns
// 4. http (flow)
// 5. icmp (request-response)
// 6. sni (tls client hello)
SessionType string `gorm:"index"`
DeviceName string `gorm:"index"`
DeviceType string
// LinkLayer physical layer
IsLinkLayerEthernet bool
LinkLayerSrc string
LinkLayerDst string
// NetworkLayer network layer
IsIpv4 bool
IsIpv6 bool
NetworkSrcIP string
NetworkSrcIPInt int64
NetworkDstIP string
NetworkDstIPInt int64
// TransportLayer transport layer
IsTcpIpStack bool
TransportLayerSrcPort int
TransportLayerDstPort int
// TCP State Flags
// PDU Reassembled
IsTCPReassembled bool
// TCP SYN Detected? If so, it's a new TCP Session
// 'half' means we haven't seen a FIN or RST
IsHalfOpen bool
// TCP FIN Detected
IsClosed bool
// TCP RST Detected
IsForceClosed bool
// TLS ClientHello
HaveClientHello bool
SNI string
}
type WebFuzzerConfig ¶
type WebFuzzerLabel ¶
type WebFuzzerLabel struct {
gorm.Model
Label string `json:"label"`
// 模版数据唯一标识,用来兼容做对比
DefaultDescription string `json:"default_description"`
Description string `json:"description"`
Hash string `gorm:"unique_index"`
}
func (*WebFuzzerLabel) CalcHash ¶
func (w *WebFuzzerLabel) CalcHash() string
type WebFuzzerResponse ¶
type WebFuzzerResponse struct {
gorm.Model
WebFuzzerTaskId int `json:"web_fuzzer_task_id" gorm:"index"`
OK bool `json:"ok"`
Request string `json:"request"`
Content string `json:"content"`
Payload string `json:"payload"`
Url string `json:"url"`
StatusCode int `json:"status_code"`
DurationMs int `json:"duration_ms"`
Timestamp int64 `json:"timestamp"`
HiddenIndex string `json:"hidden_index"`
}
func (*WebFuzzerResponse) CalcCacheHash ¶
func (w *WebFuzzerResponse) CalcCacheHash() string
func (*WebFuzzerResponse) ToGRPCModel ¶
func (w *WebFuzzerResponse) ToGRPCModel() (*ypb.FuzzerResponse, error)
type WebFuzzerTask ¶
type WebFuzzerTask struct {
gorm.Model
// 原始请求 json+quote
RawFuzzTaskRequest string `json:"raw_fuzz_task_request"`
// 对应前端的组织形式
FuzzerIndex string `json:"fuzzer_index"`
FuzzerTabIndex string `json:"fuzzer_tab_index"`
// HTTP 数据流总量
HTTPFlowTotal int `json:"http_flow_total"`
HTTPFlowSuccessCount int `json:"http_flow_success_count"`
HTTPFlowFailedCount int `json:"http_flow_failed_count"`
Ok bool `json:"ok"`
Reason string `json:"reason"` // if not ok
Host string `json:"host"`
Port int `json:"port"`
// retry 相关
RetryRootID uint `json:"retry_root_id"`
}
这个结构用于保存当前测试的结果
包含:基本参数+请求数据
耗时+执行结果
执行结果包含,失败原因与执行成功的原因。
总共有多少个请求
func (*WebFuzzerTask) CalcCacheHash ¶
func (w *WebFuzzerTask) CalcCacheHash() string
func (*WebFuzzerTask) ToGRPCModel ¶
func (w *WebFuzzerTask) ToGRPCModel() *ypb.HistoryHTTPFuzzerTask
func (*WebFuzzerTask) ToGRPCModelDetail ¶
func (w *WebFuzzerTask) ToGRPCModelDetail() *ypb.HistoryHTTPFuzzerTaskDetail
type WebShell ¶
type WebShell struct {
gorm.Model
Url string `json:"url" gorm:"index" `
// pass=payload
Pass string `json:"pass"`
// 加密密钥
SecretKey string `json:"secret_key" gorm:"not null"`
// 加密模式
EncryptedMode string `json:"enc_mode" gorm:"column:enc_mode"`
// 字符集编码
Charset string `json:"charset" gorm:"default:'UTF-8'"`
// 冰蝎还是哥斯拉,或者是其他
ShellType string `json:"shell_type"`
// 脚本语言
ShellScript string `json:"shell_script"`
Headers string `json:"headers" gorm:"type:json"`
Posts string `json:"posts" gorm:"type:json"`
Status bool `json:"status"`
Tag string `json:"tag"`
Proxy string `json:"proxy"`
Remark string `json:"remark"`
Hash string `json:"hash"`
PacketCodecName string `json:"packet_codec_name"`
PayloadCodecName string `json:"payload_codec_name"`
Os string `json:"os"` //操作系统
Timeout int64 `json:"timeout"` //超时时间
Retry int64 `json:"retry"` //重连次数
BlockSize int64 `json:"block_size"` //分块大小
MaxSize int64 `json:"max_size"` //上传的最大数量
IsSession bool `json:"is_session"` //是否是session类型
}
func (*WebShell) BeforeSave ¶
func (*WebShell) ToGRPCModel ¶
type WebsocketFlow ¶
type WebsocketFlow struct {
gorm.Model
// HTTPFlow 过来的应该有 WebsocketHash
WebsocketRequestHash string `json:"websocket_request_hash" gorm:"index"`
FrameIndex int `json:"frame_index" gorm:"index"`
FromServer bool `json:"from_server"`
QuotedData string `json:"quoted_data"`
MessageType string `json:"message_type"`
Hash string `json:"hash"`
}
func (*WebsocketFlow) BeforeSave ¶
func (f *WebsocketFlow) BeforeSave() error
func (*WebsocketFlow) CalcHash ¶
func (f *WebsocketFlow) CalcHash() string
func (*WebsocketFlow) ToGRPCModel ¶
func (i *WebsocketFlow) ToGRPCModel() *ypb.WebsocketFlow
type YakScript ¶
type YakScript struct {
gorm.Model
ScriptName string `json:"script_name" gorm:"unique_index"`
Type string `json:"type" gorm:"index"`
Content string `json:"content"`
Level string `json:"level"`
Params string `json:"params"`
Help string `json:"help"`
Author string `json:"author"`
Tags string `json:"tags,omitempty"`
Ignored bool `json:"ignore"`
// 加载本地的数据
FromLocal bool `json:"from_local"`
LocalPath string `json:"local_path"`
// History string
IsHistory bool `json:"is_history"`
// Force Interactive
// Means that this script will be executed in interactive mode
// cannot load as a plugin or a module by mix caller
ForceInteractive bool `json:"force_interactive"`
FromStore bool `json:"from_store"`
IsGeneralModule bool `json:"is_general_module"`
GeneralModuleVerbose string `json:"general_module_verbose"`
GeneralModuleKey string `json:"general_module_key"`
FromGit string `json:"from_git"`
// 这个是自动填写的,一般不需要自己来填写
// 条件是 Params 中有一个名字为 target 的必填参数
IsBatchScript bool `json:"is_batch_script"`
IsExternal bool `json:"is_external"`
EnablePluginSelector bool `json:"enable_plugin_selector"`
PluginSelectorTypes string `json:"plugin_selector_types"`
// Online ID: 线上插件的 ID
OnlineId int64 `json:"online_id"`
OnlineScriptName string `json:"online_script_name"`
OnlineContributors string `json:"online_contributors"`
OnlineIsPrivate bool `json:"online_is_private"`
// 这个插件所属用户 ID
UserId int64 `json:"user_id"`
// 这个插件的 UUID
Uuid string `json:"uuid"`
HeadImg string `json:"head_img"`
OnlineBaseUrl string `json:"online_base_url"`
BaseOnlineId int64 `json:"BaseOnlineId"`
OnlineOfficial bool `json:"online_official"`
OnlineGroup string `json:"online_group"`
IsCorePlugin bool `json:"is_core_plugin"` // 判断是否是核心插件
// 废弃字段
RiskType string `json:"risk_type"`
// 漏洞详情 建议,描述,cwe
RiskDetail string `json:"risk_detail"`
// 漏洞类型-补充说明 废弃
RiskAnnotation string `json:"risk_annotation"`
// 协作者
CollaboratorInfo string `json:"collaborator_info"`
// contains filtered or unexported fields
}
func (*YakScript) BeforeSave ¶
func (*YakScript) GetParams ¶
func (s *YakScript) GetParams() []*ypb.YakScriptParam
func (*YakScript) ToGRPCModel ¶
Source Files
¶
- alive_host.go
- briefing.go
- codec_flow.go
- database_schema.go
- domain.go
- exec_history.go
- exec_result.go
- extracted_data.go
- fingerprint_general_rule.go
- general_storage.go
- host.go
- httpflow.go
- hybird_scan_task.go
- markdown_doc.go
- menu_item.go
- nasl_script.go
- navigation_bar.go
- payload.go
- plugin_group.go
- port.go
- progress.go
- project.go
- project_general_storage.go
- report_record.go
- risk.go
- rss_feed.go
- screen_recorder.go
- ssa_program.go
- syntaxflow_rule.go
- syntaxflow_rule_group.go
- traffic_packet.go
- traffic_session.go
- traffic_tcp_reassembled_frame.go
- utils_broadcast_data.go
- webfuzzer_config.go
- webfuzzer_label.go
- webfuzzer_task.go
- webshell.go
- websocket_flow.go
- yak_script.go
Click to show internal directories.
Click to hide internal directories.