passive

package
v0.0.0-...-d1533f9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 28, 2025 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

pkg/passive/archive.go

pkg/passive/certificate.go

pkg/passive/coderepo.go

pkg/passive/email_security.go

pkg/passive/helpers.go

pkg/passive/modules.go

pkg/passive/types.go

Index

Constants

View Source 
const (
	SourceWebArchive  = "web_archive"
	SourceDNS         = "dns"
	SourceCertificate = "certificate"
	SourceCodeRepo    = "code_repository"
)

Source constants

Variables

This section is empty.

Functions

This section is empty.

Types

type APIDoc 

type APIDoc struct {
	URL         string    `json:"url"`
	Title       string    `json:"title"`
	Version     string    `json:"version"`
	Endpoints   []string  `json:"endpoints"`
	Timestamp   time.Time `json:"timestamp"`
	Description string    `json:"description"`
}

APIDoc represents API documentation found in archives

type APIKeyPatternStrategy 

type APIKeyPatternStrategy struct {
	// contains filtered or unexported fields
}

APIKeyPatternStrategy searches for API key patterns

func NewAPIKeyPatternStrategy 

func NewAPIKeyPatternStrategy(ci *CodeIntel) *APIKeyPatternStrategy

func (*APIKeyPatternStrategy) Name 

func (a *APIKeyPatternStrategy) Name() string

func (*APIKeyPatternStrategy) Priority 

func (a *APIKeyPatternStrategy) Priority() int

func (*APIKeyPatternStrategy) Search 

func (a *APIKeyPatternStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type ArchiveFindings 

type ArchiveFindings struct {
	Domain           string                    `json:"domain"`
	DeletedEndpoints []ArchivedEndpoint        `json:"deleted_endpoints"`
	OldParameters    []string                  `json:"old_parameters"`
	DevURLs          []string                  `json:"dev_urls"`
	APIDocumentation []APIDoc                  `json:"api_documentation"`
	ExposedSecrets   []Secret                  `json:"exposed_secrets"`
	TechStackChanges []TechChange              `json:"tech_stack_changes"`
	SecurityHeaders  map[string][]HeaderChange `json:"security_headers"`
}

ArchiveFindings represents intelligence extracted from web archives

type ArchiveIntel 

type ArchiveIntel struct {
	// contains filtered or unexported fields
}

ArchiveIntel provides web archive archaeological intelligence

func NewArchiveIntel 

func NewArchiveIntel(logger *logger.Logger) *ArchiveIntel

NewArchiveIntel creates a new archive intelligence module

func (*ArchiveIntel) AnalyzeChanges 

func (a *ArchiveIntel) AnalyzeChanges(snapshots []Snapshot) []SecurityDegradation

AnalyzeChanges performs deep analysis of security changes over time

func (*ArchiveIntel) ExtractIntelligence 

func (a *ArchiveIntel) ExtractIntelligence(domain string) (*ArchiveFindings, error)

ExtractIntelligence performs comprehensive archive analysis

type ArchiveModule 

type ArchiveModule interface {
	ExtractIntelligence(target string) (*ArchiveFindings, error)
}

ArchiveModule interface for archive intelligence

type ArchiveSource 

type ArchiveSource interface {
	Name() string
	GetSnapshots(domain string) ([]Snapshot, error)
	GetSnapshotContent(url string, timestamp time.Time) (string, error)
}

ArchiveSource represents a web archive source

type ArchiveToday 

type ArchiveToday struct {
	// contains filtered or unexported fields
}

ArchiveToday implements the ArchiveSource interface

func NewArchiveToday 

func NewArchiveToday() *ArchiveToday

func (*ArchiveToday) GetSnapshotContent 

func (a *ArchiveToday) GetSnapshotContent(url string, timestamp time.Time) (string, error)

func (*ArchiveToday) GetSnapshots 

func (a *ArchiveToday) GetSnapshots(domain string) ([]Snapshot, error)

func (*ArchiveToday) Name 

func (a *ArchiveToday) Name() string

type ArchivedEndpoint 

type ArchivedEndpoint struct {
	URL          string    `json:"url"`
	Method       string    `json:"method"`
	Parameters   []string  `json:"parameters"`
	LastSeen     time.Time `json:"last_seen"`
	FirstSeen    time.Time `json:"first_seen"`
	Status       string    `json:"status"` // active, deleted, moved
	Technologies []string  `json:"technologies"`
	StillExists  bool      `json:"still_exists"`
}

ArchivedEndpoint represents an endpoint found in archives

type CTLogAPI 

type CTLogAPI interface {
	Name() string
	SearchDomain(domain string) ([]CertificateRecord, error)
	StreamNewCertificates(domain string) <-chan CertificateRecord
}

CTLogAPI represents a Certificate Transparency log API

type CensysCertAPI 

type CensysCertAPI struct {
	// contains filtered or unexported fields
}

CensysCertAPI implements the CTLogAPI interface

func NewCensysCertAPI 

func NewCensysCertAPI() *CensysCertAPI

func (*CensysCertAPI) Name 

func (c *CensysCertAPI) Name() string

func (*CensysCertAPI) SearchDomain 

func (c *CensysCertAPI) SearchDomain(domain string) ([]CertificateRecord, error)

func (*CensysCertAPI) StreamNewCertificates 

func (c *CensysCertAPI) StreamNewCertificates(domain string) <-chan CertificateRecord

type CertIntel 

type CertIntel struct {
	// contains filtered or unexported fields
}

CertIntel provides certificate transparency intelligence

func NewCertIntel 

func NewCertIntel(logger *logger.Logger) *CertIntel

NewCertIntel creates a new certificate intelligence module

func (*CertIntel) CorrelateWithEmailDomains 

func (c *CertIntel) CorrelateWithEmailDomains(emails []string) []string

CorrelateWithEmailDomains finds certificates using email domain patterns

func (*CertIntel) DiscoverAllCertificates 

func (c *CertIntel) DiscoverAllCertificates(ctx context.Context, domain string) ([]CertificateRecord, error)

DiscoverAllCertificates finds all certificates for a domain across CT logs

func (*CertIntel) ExtractIntel 

func (c *CertIntel) ExtractIntel(cert Certificate) CertificateIntel

ExtractIntel extracts intelligence from a certificate

func (*CertIntel) IdentifyNamingPatterns 

func (c *CertIntel) IdentifyNamingPatterns(certs []Certificate) []Pattern

IdentifyNamingPatterns analyzes certificates to find naming conventions

func (*CertIntel) StreamCertificates 

func (c *CertIntel) StreamCertificates(domain string) <-chan Certificate

StreamCertificates monitors CT logs for new certificates in real-time

type Certificate 

type Certificate struct {
	Raw                   []byte
	DNSNames              []string
	Subject               Name
	Issuer                Name
	SerialNumber          *big.Int
	NotBefore             time.Time
	NotAfter              time.Time
	KeyUsage              x509.KeyUsage
	ExtKeyUsage           []x509.ExtKeyUsage
	UnknownExtKeyUsage    []string
	BasicConstraintsValid bool
	IsCA                  bool
	MaxPathLen            int
	MaxPathLenZero        bool
}

Certificate represents an X.509 certificate for passive scanning

type CertificateIntel 

type CertificateIntel struct {
	Domain           string    `json:"domain"`
	SANs             []string  `json:"sans"`
	Organizations    []string  `json:"organizations"`
	Emails           []string  `json:"emails"`
	IssuedDate       time.Time `json:"issued_date"`
	ExpiryDate       time.Time `json:"expiry_date"`
	Issuer           string    `json:"issuer"`
	SerialNumber     string    `json:"serial_number"`
	Fingerprint      string    `json:"fingerprint"`
	WildcardPatterns []string  `json:"wildcard_patterns"`
	InternalNames    []string  `json:"internal_names"`
}

CertificateIntel represents intelligence extracted from certificates

type CertificateModule 

type CertificateModule interface {
	DiscoverAllCertificates(ctx context.Context, domain string) ([]CertificateRecord, error)
	IdentifyNamingPatterns(certs []Certificate) []Pattern
}

CertificateModule interface for certificate intelligence

type CertificateRecord 

type CertificateRecord struct {
	Domain         string
	SANs           []string
	CommonName     string
	Organizations  []string
	EmailAddresses []string
	NotBefore      time.Time
	NotAfter       time.Time
	SerialNumber   string
	Issuer         string
	Fingerprint    string
	LogURL         string
	EntryTimestamp time.Time
}

CertificateRecord represents a certificate from CT logs

type CloudFlareModule 

type CloudFlareModule interface {
	DetectCloudFlare(domain string) (bool, error)
	FindOriginIP(domain string) ([]OriginCandidate, error)
}

CloudFlareModule interface for CloudFlare bypass

type CodeIntel 

type CodeIntel struct {
	// contains filtered or unexported fields
}

CodeIntel provides code repository intelligence gathering

func NewCodeIntel 

func NewCodeIntel(logger *logger.Logger, githubToken, gitlabToken, bitbucketToken string) *CodeIntel

NewCodeIntel creates a new code repository intelligence module

func (*CodeIntel) AnalyzeRepository 

func (c *CodeIntel) AnalyzeRepository(repo Repository) []Finding

AnalyzeRepository performs deep analysis on a discovered repository

func (*CodeIntel) SearchAllPlatforms 

func (c *CodeIntel) SearchAllPlatforms(ctx context.Context, target string) ([]CodeSearchResult, error)

SearchAllPlatforms searches across multiple code platforms

type CodeRepositoryModule 

type CodeRepositoryModule interface {
	SearchAllPlatforms(ctx context.Context, target string) ([]CodeResult, error)
}

CodeRepositoryModule interface for code repository scanning

type CodeResult 

type CodeResult struct {
	Platform    string
	Type        string
	URL         string
	SecretType  string
	SecretValue string
	Severity    types.Severity
}

CodeResult from code repository search

type CodeSearchResult 

type CodeSearchResult struct {
	Platform    string
	Repository  string
	FilePath    string
	LineNumber  int
	Content     string
	CommitHash  string
	Author      string
	AuthorEmail string
	Timestamp   time.Time
	URL         string
	IsPrivate   bool
}

CodeSearchResult represents a result from code search

type CommonCrawl 

type CommonCrawl struct {
	// contains filtered or unexported fields
}

CommonCrawl implements the ArchiveSource interface

func NewCommonCrawl 

func NewCommonCrawl() *CommonCrawl

func (*CommonCrawl) GetSnapshotContent 

func (c *CommonCrawl) GetSnapshotContent(url string, timestamp time.Time) (string, error)

func (*CommonCrawl) GetSnapshots 

func (c *CommonCrawl) GetSnapshots(domain string) ([]Snapshot, error)

func (*CommonCrawl) Name 

func (c *CommonCrawl) Name() string

type ConfigAnalyzer 

type ConfigAnalyzer struct {
	// contains filtered or unexported fields
}

ConfigAnalyzer analyzes configuration files

func NewConfigAnalyzer 

func NewConfigAnalyzer() *ConfigAnalyzer

func (*ConfigAnalyzer) AnalyzeConfig 

func (c *ConfigAnalyzer) AnalyzeConfig(content, filePath string) []ConfigFinding

type ConfigFileStrategy 

type ConfigFileStrategy struct {
	// contains filtered or unexported fields
}

ConfigFileStrategy searches for configuration files

func NewConfigFileStrategy 

func NewConfigFileStrategy(ci *CodeIntel) *ConfigFileStrategy

func (*ConfigFileStrategy) Name 

func (c *ConfigFileStrategy) Name() string

func (*ConfigFileStrategy) Priority 

func (c *ConfigFileStrategy) Priority() int

func (*ConfigFileStrategy) Search 

func (c *ConfigFileStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type ConfigFinding 

type ConfigFinding struct {
	Type        string
	Title       string
	Description string
	Severity    string
	FilePath    string
	LineNumber  int
	Context     string
	ConfigType  string
}

type ConfigIssue 

type ConfigIssue struct {
	Pattern     *regexp.Regexp
	Type        string
	Title       string
	Description string
	Severity    string
}

type ConfigPattern 

type ConfigPattern struct {
	Name        string
	FilePattern *regexp.Regexp
	Issues      []ConfigIssue
}

type CrtShAPI 

type CrtShAPI struct {
	// contains filtered or unexported fields
}

CrtShAPI implements the CTLogAPI interface for crt.sh

func NewCrtShAPI 

func NewCrtShAPI() *CrtShAPI

func (*CrtShAPI) Name 

func (c *CrtShAPI) Name() string

func (*CrtShAPI) SearchDomain 

func (c *CrtShAPI) SearchDomain(domain string) ([]CertificateRecord, error)

func (*CrtShAPI) StreamNewCertificates 

func (c *CrtShAPI) StreamNewCertificates(domain string) <-chan CertificateRecord

type DKIMRecord 

type DKIMRecord struct {
	Selector    string
	Exists      bool
	Raw         string
	Version     string
	KeyType     string
	PublicKey   string
	KeyStrength int
	Flags       []string
	Issues      []string
}

DKIMRecord represents DKIM configuration

type DMARCRecord 

type DMARCRecord struct {
	Exists          bool
	Raw             string
	Version         string
	Policy          string // none, quarantine, reject
	SubdomainPolicy string
	Percentage      int
	RUA             []string // Aggregate report URIs
	RUF             []string // Forensic report URIs
	ADKIM           string   // DKIM alignment
	ASPF            string   // SPF alignment
	ReportFormat    string
	ReportInterval  int
	IsTooPermissive bool
	Issues          []string
}

DMARCRecord represents DMARC configuration analysis

type DetectedSecret 

type DetectedSecret struct {
	Type          string
	Value         string
	RedactedValue string
	FilePath      string
	LineNumber    int
	Line          string
	Severity      string
	Confidence    float64
}

type DiffEngine 

type DiffEngine struct {
	// contains filtered or unexported fields
}

DiffEngine compares content between different time periods

func NewDiffEngine 

func NewDiffEngine() *DiffEngine

NewDiffEngine creates a new diff engine

type DomainMentionStrategy 

type DomainMentionStrategy struct {
	// contains filtered or unexported fields
}

DomainMentionStrategy searches for domain mentions in code

func NewDomainMentionStrategy 

func NewDomainMentionStrategy(ci *CodeIntel) *DomainMentionStrategy

func (*DomainMentionStrategy) Name 

func (d *DomainMentionStrategy) Name() string

func (*DomainMentionStrategy) Priority 

func (d *DomainMentionStrategy) Priority() int

func (*DomainMentionStrategy) Search 

func (d *DomainMentionStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type EmailFindings 

type EmailFindings struct {
	Issues []EmailIssue
}

EmailFindings from email security analysis

type EmailIssue 

type EmailIssue struct {
	Type        string
	Severity    types.Severity
	Description string
	Evidence    []string
}

EmailIssue represents an email security issue

type EmailParser 

type EmailParser struct {
	// contains filtered or unexported fields
}

EmailParser extracts and analyzes email patterns

func NewEmailParser 

func NewEmailParser() *EmailParser

func (*EmailParser) ExtractDomainsFromEmails 

func (e *EmailParser) ExtractDomainsFromEmails(emails []string) []string

func (*EmailParser) IdentifyEmailPatterns 

func (e *EmailParser) IdentifyEmailPatterns(emails []string) []EmailPattern

type EmailPattern 

type EmailPattern struct {
	Format   string
	Examples []string
	Domain   string
}

type EmailProvider 

type EmailProvider struct {
	Name       string
	Type       string // hosting, protection, relay
	Confidence float64
	Features   []string
}

EmailProvider represents an email service provider

type EmailSecurityFindings 

type EmailSecurityFindings struct {
	Domain         string
	SPF            SPFRecord
	DKIM           []DKIMRecord
	DMARC          DMARCRecord
	MX             []MXRecord
	Issues         []SecurityIssue
	Opportunities  []SpoofingOpportunity
	RelatedDomains []string
	EmailProviders []EmailProvider
	Timestamp      time.Time
}

EmailSecurityFindings contains all email security analysis results

type EmailSecurityIntel 

type EmailSecurityIntel struct {
	// contains filtered or unexported fields
}

EmailSecurityIntel performs email security analysis on domains

func NewEmailSecurityIntel 

func NewEmailSecurityIntel(logger *logger.Logger) *EmailSecurityIntel

NewEmailSecurityIntel creates a new email security intelligence module

func (*EmailSecurityIntel) AnalyzeDomain 

func (e *EmailSecurityIntel) AnalyzeDomain(ctx context.Context, domain string) (*EmailSecurityFindings, error)

AnalyzeDomain performs comprehensive email security analysis

type EmailSecurityModule 

type EmailSecurityModule interface {
	AnalyzeDomain(ctx context.Context, domain string) (*EmailFindings, error)
}

EmailSecurityModule interface for email security analysis

type EmployeeCommitStrategy 

type EmployeeCommitStrategy struct {
	// contains filtered or unexported fields
}

EmployeeCommitStrategy searches for commits by known employees

func NewEmployeeCommitStrategy 

func NewEmployeeCommitStrategy(ci *CodeIntel) *EmployeeCommitStrategy

func (*EmployeeCommitStrategy) Name 

func (e *EmployeeCommitStrategy) Name() string

func (*EmployeeCommitStrategy) Priority 

func (e *EmployeeCommitStrategy) Priority() int

func (*EmployeeCommitStrategy) Search 

func (e *EmployeeCommitStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type FacebookCTAPI 

type FacebookCTAPI struct {
	// contains filtered or unexported fields
}

FacebookCTAPI implements the CTLogAPI interface

func NewFacebookCTAPI 

func NewFacebookCTAPI() *FacebookCTAPI

func (*FacebookCTAPI) Name 

func (f *FacebookCTAPI) Name() string

func (*FacebookCTAPI) SearchDomain 

func (f *FacebookCTAPI) SearchDomain(domain string) ([]CertificateRecord, error)

func (*FacebookCTAPI) StreamNewCertificates 

func (f *FacebookCTAPI) StreamNewCertificates(domain string) <-chan CertificateRecord

type Finding 

type Finding struct {
	Type        string
	Severity    string
	Title       string
	Description string
	Evidence    map[string]interface{}
	Repository  string
	URL         string
	Timestamp   time.Time
}

type GitHubSearchItem 

type GitHubSearchItem struct {
	Name       string `json:"name"`
	Path       string `json:"path"`
	HTMLURL    string `json:"html_url"`
	Repository struct {
		FullName string `json:"full_name"`
		Private  bool   `json:"private"`
	} `json:"repository"`
	TextMatches []TextMatch `json:"text_matches"`
}

type GitHubSearchResponse 

type GitHubSearchResponse struct {
	TotalCount int                `json:"total_count"`
	Items      []GitHubSearchItem `json:"items"`
}

type GoogleCTAPI 

type GoogleCTAPI struct {
	// contains filtered or unexported fields
}

GoogleCTAPI implements the CTLogAPI interface

func NewGoogleCTAPI 

func NewGoogleCTAPI() *GoogleCTAPI

func (*GoogleCTAPI) Name 

func (g *GoogleCTAPI) Name() string

func (*GoogleCTAPI) SearchDomain 

func (g *GoogleCTAPI) SearchDomain(domain string) ([]CertificateRecord, error)

func (*GoogleCTAPI) StreamNewCertificates 

func (g *GoogleCTAPI) StreamNewCertificates(domain string) <-chan CertificateRecord

type HardcodedCredsStrategy 

type HardcodedCredsStrategy struct {
	// contains filtered or unexported fields
}

HardcodedCredsStrategy searches for hardcoded credentials

func NewHardcodedCredsStrategy 

func NewHardcodedCredsStrategy(ci *CodeIntel) *HardcodedCredsStrategy

func (*HardcodedCredsStrategy) Name 

func (h *HardcodedCredsStrategy) Name() string

func (*HardcodedCredsStrategy) Priority 

func (h *HardcodedCredsStrategy) Priority() int

func (*HardcodedCredsStrategy) Search 

func (h *HardcodedCredsStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type HeaderChange 

type HeaderChange struct {
	Timestamp time.Time `json:"timestamp"`
	OldValue  string    `json:"old_value"`
	NewValue  string    `json:"new_value"`
	Removed   bool      `json:"removed"`
}

HeaderChange represents a security header change over time

type InfrastructureStrategy 

type InfrastructureStrategy struct {
	// contains filtered or unexported fields
}

InfrastructureStrategy searches for infrastructure-related code

func NewInfrastructureStrategy 

func NewInfrastructureStrategy(ci *CodeIntel) *InfrastructureStrategy

func (*InfrastructureStrategy) Name 

func (i *InfrastructureStrategy) Name() string

func (*InfrastructureStrategy) Priority 

func (i *InfrastructureStrategy) Priority() int

func (*InfrastructureStrategy) Search 

func (i *InfrastructureStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type InternalURLStrategy 

type InternalURLStrategy struct {
	// contains filtered or unexported fields
}

InternalURLStrategy searches for internal URLs

func NewInternalURLStrategy 

func NewInternalURLStrategy(ci *CodeIntel) *InternalURLStrategy

func (*InternalURLStrategy) Name 

func (i *InternalURLStrategy) Name() string

func (*InternalURLStrategy) Priority 

func (i *InternalURLStrategy) Priority() int

func (*InternalURLStrategy) Search 

func (i *InternalURLStrategy) Search(ctx context.Context, target string) ([]CodeSearchResult, error)

type JavaScriptAnalyzer 

type JavaScriptAnalyzer struct {
	// contains filtered or unexported fields
}

JavaScriptAnalyzer analyzes JavaScript for intelligence

func NewJavaScriptAnalyzer 

func NewJavaScriptAnalyzer() *JavaScriptAnalyzer

NewJavaScriptAnalyzer creates a new JavaScript analyzer

func (*JavaScriptAnalyzer) AnalyzeJavaScript 

func (js *JavaScriptAnalyzer) AnalyzeJavaScript(content, sourceURL string) JavaScriptFindings

AnalyzeJavaScript analyzes JavaScript content for intelligence

type JavaScriptFindings 

type JavaScriptFindings struct {
	Parameters   []string `json:"parameters"`
	APIEndpoints []string `json:"api_endpoints"`
	Secrets      []Secret `json:"secrets"`
}

JavaScriptFindings represents findings from JavaScript analysis

type MXRecord 

type MXRecord struct {
	Priority   uint16
	Host       string
	IPs        []string
	Provider   string
	Reputation float64
}

MXRecord represents mail exchanger information

type Name 

type Name struct {
	Country            []string
	Organization       []string
	OrganizationalUnit []string
	Locality           []string
	Province           []string
	StreetAddress      []string
	PostalCode         []string
	SerialNumber       string
	CommonName         string
}

Name represents a distinguished name for certificates

type OriginCandidate 

type OriginCandidate struct {
	IP         string
	Domain     string
	Method     string
	Evidence   []string
	Confidence float64
	Validated  bool
}

OriginCandidate represents a potential origin IP

type PassiveIntel 

type PassiveIntel struct {
	Target                string
	Timestamp             time.Time
	CloudFlareOrigins     []OriginCandidate
	ArchivedEndpoints     []ArchivedEndpoint
	CertificateSubdomains []string
	TechStack             map[string]TechInfo
	SecurityTimeline      []SecurityEvent
	DiscoveredSecrets     []Secret
	NamingPatterns        []Pattern
}

PassiveIntel represents aggregated passive intelligence

type PassiveModules 

type PassiveModules struct {
	Certificate CertificateModule
	Archive     ArchiveModule
	CloudFlare  CloudFlareModule
	EmailSec    EmailSecurityModule
	CodeRepo    CodeRepositoryModule
}

PassiveModules contains all passive scanning modules

type Pattern 

type Pattern struct {
	Type        string   `json:"type"`
	Template    string   `json:"template"`
	Examples    []string `json:"examples"`
	Confidence  float64  `json:"confidence"`
	Predictions []string `json:"predictions"`
}

Pattern represents a naming pattern found in certificates

type PatternDatabase 

type PatternDatabase struct {
	// contains filtered or unexported fields
}

PatternDatabase analyzes and stores naming patterns

func NewPatternDatabase 

func NewPatternDatabase() *PatternDatabase

func (*PatternDatabase) AnalyzePatterns 

func (p *PatternDatabase) AnalyzePatterns(domains []string) []Pattern

type Repository 

type Repository struct {
	Name        string
	Platform    string
	Owner       string
	IsPrivate   bool
	URL         string
	CloneURL    string
	Language    string
	LastUpdated time.Time
}

type RepositoryFile 

type RepositoryFile struct {
	Path       string
	Size       int64
	LastCommit string
	URL        string
}

type SPFMechanism 

type SPFMechanism struct {
	Type      string // a, mx, include, ip4, ip6, exists, ptr
	Qualifier string // +, -, ~, ?
	Value     string
}

SPFMechanism represents an SPF mechanism

type SPFRecord 

type SPFRecord struct {
	Exists          bool
	Raw             string
	Version         string
	Mechanisms      []SPFMechanism
	Modifiers       map[string]string
	Includes        []string
	IPs             []string
	All             string // +all, -all, ~all, ?all
	IsTooPermissive bool
	Issues          []string
}

SPFRecord represents SPF configuration analysis

type SearchStrategy 

type SearchStrategy interface {
	Name() string
	Search(ctx context.Context, target string) ([]CodeSearchResult, error)
	Priority() int
}

SearchStrategy represents a code search strategy

type Secret 

type Secret struct {
	Type      string    `json:"type"`
	Value     string    `json:"value"` // redacted
	Source    string    `json:"source"`
	URL       string    `json:"url"`
	Timestamp time.Time `json:"timestamp"`
	Severity  string    `json:"severity"`
	Context   string    `json:"context"`
}

Secret represents exposed credentials found in archives

type SecretPattern 

type SecretPattern struct {
	Name     string
	Regex    *regexp.Regexp
	Severity string
	Entropy  float64
}

type SecretScanner 

type SecretScanner struct {
	// contains filtered or unexported fields
}

SecretScanner scans for secrets in code

func NewSecretScanner 

func NewSecretScanner() *SecretScanner

func (*SecretScanner) ScanContent 

func (s *SecretScanner) ScanContent(content, filePath string) []DetectedSecret

type SecurityDegradation 

type SecurityDegradation struct {
	Type        string    `json:"type"`
	Description string    `json:"description"`
	Timestamp   time.Time `json:"timestamp"`
	Severity    string    `json:"severity"`
	URLs        []string  `json:"urls"`
}

SecurityDegradation represents a security posture degradation

type SecurityEvent 

type SecurityEvent struct {
	Type        string
	Description string
	Timestamp   time.Time
	Severity    string
	Source      string
	Evidence    []string
}

SecurityEvent represents a security-related event

type SecurityIssue 

type SecurityIssue struct {
	Type        string
	Title       string
	Description string
	Severity    types.Severity
	Evidence    []string
	Remediation string
}

SecurityIssue represents an email security problem

type Snapshot 

type Snapshot struct {
	URL        string
	Timestamp  time.Time
	StatusCode int
	MimeType   string
	Digest     string
}

Snapshot represents a point-in-time capture of a webpage

type SpoofingOpportunity 

type SpoofingOpportunity struct {
	Type       string
	Method     string
	Target     string
	Likelihood float64
	Impact     string
	POC        string // Proof of concept
	Mitigation string
}

SpoofingOpportunity represents a potential spoofing vector

type TechChange 

type TechChange struct {
	Timestamp  time.Time `json:"timestamp"`
	OldTech    string    `json:"old_tech"`
	NewTech    string    `json:"new_tech"`
	ChangeType string    `json:"change_type"`
	Endpoints  []string  `json:"endpoints"`
}

TechChange represents a technology stack change over time

type TechInfo 

type TechInfo struct {
	Name     string
	Version  string
	LastSeen time.Time
}

TechInfo represents technology information

type TechStackChange 

type TechStackChange struct {
	OldTech   string
	NewTech   string
	Timestamp time.Time
}

TechStackChange represents a technology change over time

type TextMatch 

type TextMatch struct {
	Fragment string `json:"fragment"`
	Matches  []struct {
		Text    string `json:"text"`
		Indices []int  `json:"indices"`
	} `json:"matches"`
}

type WaybackMachine 

type WaybackMachine struct {
	// contains filtered or unexported fields
}

WaybackMachine implements the ArchiveSource interface

func NewWaybackMachine 

func NewWaybackMachine() *WaybackMachine

func (*WaybackMachine) GetSnapshotContent 

func (w *WaybackMachine) GetSnapshotContent(url string, timestamp time.Time) (string, error)

func (*WaybackMachine) GetSnapshots 

func (w *WaybackMachine) GetSnapshots(domain string) ([]Snapshot, error)

func (*WaybackMachine) Name 

func (w *WaybackMachine) Name() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.