stage

package

v1.0.3 Latest Latest Go to latest Published: Nov 21, 2024 License: MIT Imports: 26 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/zcyberseclab/zscan

Documentation ¶

Index ¶

func InitGlobalScanner(configPath, pluginsDir string, enableGeo, enableCensys bool, ...) error
func MergeCensysData(node *Node, censysData *CensysHostResult)
func PrintResults(nodes []Node) error
func ScanTCPPort(ip string, port int) bool
func ScanUDPPort(ip string, port int) bool
type CensysCertificate
type CensysClient
- func NewCensysClient(apiKey, apiSecret string) *CensysClient
- func (c *CensysClient) GetHostInfo(ip string) (*CensysHostResult, error)
type CensysHostResult
type CensysLocation
type CensysService
type ClientConfig
type Config
type ExprContext
type Fingerprint
type IPDetails
type IPInfo
- func NewIPInfo(dbDir string) (*IPInfo, error)
- func (i *IPInfo) Close()
- func (i *IPInfo) GetIPInfo(ip string) (*IPDetails, error)
type Node
type POC
type POCContext
type POCExecutor
- func NewPOCExecutor(client *http.Client) *POCExecutor
- func (pe *POCExecutor) ExecutePOC(poc *POC, target string) POCResult
type POCResult
type PortFingerprint
type RawFingerprint
type Rule
type Scanner
- func GetGlobalScanner() *Scanner
- func NewScanner(configPath string, templatesDir string, enableGeo bool, enableCensys bool, ...) (*Scanner, error)
- func (s *Scanner) Close()
- func (s *Scanner) Scan(target string) ([]Node, error)
type ServiceAnalyzer
type ServiceDetector
- func NewServiceDetector(templatesDir string) *ServiceDetector
- func (sd *ServiceDetector) Close()
- func (sd *ServiceDetector) DetectService(ip string, port int, protocol string) []ServiceInfo
type ServiceInfo
type TLSInfo

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func InitGlobalScanner ¶

func InitGlobalScanner(configPath, pluginsDir string, enableGeo, enableCensys bool, censysAPIKey, censysSecret string) error

func MergeCensysData ¶

func MergeCensysData(node *Node, censysData *CensysHostResult)

MergeCensysData merges Censys data into the existing Node

func PrintResults ¶

func PrintResults(nodes []Node) error

func ScanTCPPort ¶

func ScanTCPPort(ip string, port int) bool

func ScanUDPPort ¶

func ScanUDPPort(ip string, port int) bool

Types ¶

type CensysCertificate ¶

type CensysCertificate struct {
	Fingerprint string `json:"fingerprint"`
	Issuer      string `json:"issuer"`
	Subject     string `json:"subject"`
}

type CensysClient ¶

type CensysClient struct {
	APIKey    string
	APISecret string
	// contains filtered or unexported fields
}

func NewCensysClient ¶

func NewCensysClient(apiKey, apiSecret string) *CensysClient

NewCensysClient initializes a new Censys API client

func (*CensysClient) GetHostInfo ¶

func (c *CensysClient) GetHostInfo(ip string) (*CensysHostResult, error)

GetHostInfo retrieves host information from Censys API

type CensysHostResult ¶

type CensysHostResult struct {
	IP       string          `json:"ip"`
	LastSeen time.Time       `json:"last_seen"`
	Services []CensysService `json:"services"`
	Location CensysLocation  `json:"location"`
}

type CensysLocation ¶

type CensysLocation struct {
	Country     string `json:"country"`
	City        string `json:"city"`
	Coordinates struct {
		Latitude  float64 `json:"latitude"`
		Longitude float64 `json:"longitude"`
	} `json:"coordinates"`
}

type CensysService ¶

type CensysService struct {
	Port        int                `json:"port"`
	ServiceName string             `json:"service_name"`
	Transport   string             `json:"transport_protocol"`
	Certificate *CensysCertificate `json:"tls,omitempty"`
	Banner      string             `json:"banner,omitempty"`
}

type ClientConfig ¶

type ClientConfig struct {
	Timeout           time.Duration
	MaxIdleConns      int
	IdleConnTimeout   time.Duration
	MaxConnsPerHost   int
	DisableKeepAlives bool
}

type Config ¶

type Config struct {
	TCPPorts []int `yaml:"tcp_ports"`
	UDPPorts []int `yaml:"udp_ports"`
}

type ExprContext ¶

type ExprContext struct {
	StatusCode int
	Body       string
	Headers    http.Header
}

type Fingerprint ¶

type Fingerprint struct {
	Headers      []string `json:"headers"`
	Body         []string `json:"body"`
	IconMD5      []string `json:"icon_md5"`
	URL          []string `json:"url"`
	Type         string   `json:"type,omitempty"`
	Manufacturer string   `json:"manufacturer,omitempty"`
	Ports        []int    `json:"ports,omitempty"`
}

Fingerprint represents a service fingerprint

type IPDetails ¶

type IPDetails struct {
	Continent     string  `json:"continent,omitempty"`
	ContinentCode string  `json:"continent_code,omitempty"`
	Country       string  `json:"country,omitempty"`
	CountryCode   string  `json:"country_code,omitempty"`
	Region        string  `json:"region,omitempty"`
	RegionCode    string  `json:"region_code,omitempty"`
	City          string  `json:"city,omitempty"`
	PostalCode    string  `json:"postal_code,omitempty"`
	Latitude      float64 `json:"latitude,omitempty"`
	Longitude     float64 `json:"longitude,omitempty"`
	TimeZone      string  `json:"timezone,omitempty"`

	ASN         uint   `json:"asn,omitempty"`
	ASNOrg      string `json:"asn_org,omitempty"`
	ISP         string `json:"isp,omitempty"`
	Domain      string `json:"domain,omitempty"`
	NetworkType string `json:"network_type,omitempty"`

	IsAnonymous    bool   `json:"is_anonymous,omitempty"`
	IsAnonymousVPN bool   `json:"is_anonymous_vpn,omitempty"`
	IsHosting      bool   `json:"is_hosting,omitempty"`
	IsProxy        bool   `json:"is_proxy,omitempty"`
	IsTorExitNode  bool   `json:"is_tor_exit_node,omitempty"`
	AccuracyRadius uint16 `json:"accuracy_radius,omitempty"`
}

type IPInfo ¶

type IPInfo struct {
	// contains filtered or unexported fields
}

func NewIPInfo ¶

func NewIPInfo(dbDir string) (*IPInfo, error)

func (*IPInfo) Close ¶

func (i *IPInfo) Close()

func (*IPInfo) GetIPInfo ¶

func (i *IPInfo) GetIPInfo(ip string) (*IPDetails, error)

type Node ¶

type Node struct {
	IP               string         `json:"ip"`
	Domain           string         `json:"domain,omitempty"`
	MAC              string         `json:"mac,omitempty"`
	Hostname         string         `json:"hostname,omitempty"`
	Tags             []string       `json:"tags,omitempty"`
	OS               string         `json:"os,omitempty"`
	Ports            []*ServiceInfo `json:"ports,omitempty"`
	PortsHistory     []*ServiceInfo `json:"ports_history,omitempty"`
	PortsHistoryDesc []string       `json:"ports_history_desc,omitempty"`
	Manufacturer     string         `json:"manufacturer,omitempty"`
	Devicetype       string         `json:"devicetype,omitempty"`
	Model            string         `json:"model,omitempty"`
	SensitiveInfo    []string       `json:"sensitive_info,omitempty"`
	Vulnerabilities  []POCResult    `json:"vulnerabilities,omitempty"`

	// Geographic Information
	Continent     string  `json:"continent,omitempty"`
	ContinentCode string  `json:"continent_code,omitempty"`
	Country       string  `json:"country,omitempty"`
	CountryCode   string  `json:"country_code,omitempty"`
	Region        string  `json:"region,omitempty"`
	RegionCode    string  `json:"region_code,omitempty"`
	City          string  `json:"city,omitempty"`
	PostalCode    string  `json:"postal_code,omitempty"`
	Latitude      float64 `json:"latitude,omitempty"`
	Longitude     float64 `json:"longitude,omitempty"`
	TimeZone      string  `json:"timezone,omitempty"`

	// Network Information
	ASN         uint   `json:"asn,omitempty"`
	ASNOrg      string `json:"asn_org,omitempty"`
	ISP         string `json:"isp,omitempty"`
	NetworkType string `json:"network_type,omitempty"`

	// Security Information
	IsAnonymous    bool   `json:"is_anonymous,omitempty"`
	IsAnonymousVPN bool   `json:"is_anonymous_vpn,omitempty"`
	IsHosting      bool   `json:"is_hosting,omitempty"`
	IsProxy        bool   `json:"is_proxy,omitempty"`
	IsTorExitNode  bool   `json:"is_tor_exit_node,omitempty"`
	AccuracyRadius uint16 `json:"accuracy_radius,omitempty"`
	AccuracyDesc   string `json:"accuracy_description,omitempty"`
}

Node represents a scanned host with all its information

type POC ¶

type POC struct {
	CVEID    string            `yaml:"cve-id"`
	Set      map[string]string `yaml:"set"`
	Rules    []Rule            `yaml:"rules"`
	Severity string            `yaml:"severity"`
	Type     string            `yaml:"type"`
}

type POCContext ¶

type POCContext struct {
	Variables map[string]string
	Matches   map[string]string
}

type POCExecutor ¶

type POCExecutor struct {
	// contains filtered or unexported fields
}

func NewPOCExecutor ¶

func NewPOCExecutor(client *http.Client) *POCExecutor

func (*POCExecutor) ExecutePOC ¶

func (pe *POCExecutor) ExecutePOC(poc *POC, target string) POCResult

type POCResult ¶

type POCResult struct {
	CVEID    string `json:"cve-id"`
	Severity string `json:"severity"`
	Type     string `json:"type"`
}

type PortFingerprint ¶

type PortFingerprint struct {
	Devicetype   string `json:"devicetype"`
	Type         string `json:"type,omitempty"`
	Manufacturer string `json:"manufacturer,omitempty"`
	OS           string `json:"os,omitempty"`
}

PortFingerprint represents port-specific fingerprint information

type RawFingerprint ¶

type RawFingerprint struct {
	Type         string   `json:"type,omitempty"`
	Manufacturer string   `json:"manufacturer,omitempty"`
	Devicetype   string   `json:"devicetype,omitempty"`
	Patterns     []string `json:"patterns"`
}

RawFingerprint represents a raw service fingerprint

type Rule ¶

type Rule struct {
	Method      string            `yaml:"method"`
	Path        string            `yaml:"path"`
	Headers     map[string]string `yaml:"headers"`
	Body        string            `yaml:"body"`
	Expression  string            `yaml:"expression"`
	Search      string            `yaml:"search"`
	SearchRegex string            `yaml:"search_regex"`
}

type Scanner ¶

type Scanner struct {
	// contains filtered or unexported fields
}

func GetGlobalScanner ¶

func GetGlobalScanner() *Scanner

func NewScanner ¶

func NewScanner(
	configPath string,
	templatesDir string,
	enableGeo bool,
	enableCensys bool,
	censysAPIKey string,
	censysSecret string,
) (*Scanner, error)

func (*Scanner) Close ¶

func (s *Scanner) Close()

func (*Scanner) Scan ¶

func (s *Scanner) Scan(target string) ([]Node, error)

type ServiceAnalyzer ¶

type ServiceAnalyzer interface {
	Analyze(info ServiceInfo) ServiceInfo
}

ServiceAnalyzer interface for service analysis

type ServiceDetector ¶

type ServiceDetector struct {
	Fingerprints     map[string]Fingerprint
	RawFingerprints  map[string]RawFingerprint // 改为新的类型
	PortFingerprints map[int]PortFingerprint
	// contains filtered or unexported fields
}

ServiceDetector struct and methods remain unchanged

func NewServiceDetector ¶

func NewServiceDetector(templatesDir string) *ServiceDetector

func (*ServiceDetector) Close ¶

func (sd *ServiceDetector) Close()

添加关闭方法

func (*ServiceDetector) DetectService ¶

func (sd *ServiceDetector) DetectService(ip string, port int, protocol string) []ServiceInfo

type ServiceInfo ¶

type ServiceInfo struct {
	Port            int               `json:"port"`
	Protocol        string            `json:"protocol"`
	Types           []string          `json:"types,omitempty"`
	Title           string            `json:"title,omitempty"`
	Version         string            `json:"version,omitempty"`
	Banner          string            `json:"banner,omitempty"`
	Headers         map[string]string `json:"headers,omitempty"`
	OS              string            `json:"os,omitempty"`
	Manufacturer    string            `json:"manufacturer,omitempty"`
	Devicetype      string            `json:"devicetype,omitempty"`
	Extra           map[string]string `json:"extra,omitempty"`
	SensitiveInfo   []string          `json:"sensitive_info,omitempty"`
	TLS             *TLSInfo          `json:"tls,omitempty"`
	Vulnerabilities []POCResult       `json:"vulnerabilities,omitempty"`
}

ServiceInfo represents service detection information

type TLSInfo ¶

type TLSInfo struct {
	Fingerprint string `json:"fingerprint,omitempty"`
	Issuer      string `json:"issuer,omitempty"`
	Subject     string `json:"subject,omitempty"`
}

TLSInfo represents TLS certificate information

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL