parsers

package
v0.0.0-...-ea7b840 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 12, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MergeSubdomainLists 

func MergeSubdomainLists(lists ...*artifacts.SubdomainList) *artifacts.SubdomainList

MergeSubdomainLists combines multiple SubdomainList artifacts, deduplicating subdomains

func ParseAmassOutput 

func ParseAmassOutput(toolName string, output []byte, baseDomain string, phase string) (*artifacts.SubdomainList, error)

ParseAmassOutput parses amass JSON output into SubdomainList artifact

func ParseHTTPXOutput 

func ParseHTTPXOutput(toolName string, output []byte, phase string) (*artifacts.WebFindings, error)

ParseHTTPXOutput parses httpx JSON output into WebFindings artifact httpx outputs one JSON object per line when using -json flag

func ParseHTTPXToServiceFingerprint 

func ParseHTTPXToServiceFingerprint(toolName string, output []byte, phase string) (*artifacts.ServiceFingerprint, error)

ParseHTTPXToServiceFingerprint converts httpx output to ServiceFingerprint This is an alternative artifact type focused on service identification

func ParseNmapXMLOutput 

func ParseNmapXMLOutput(toolName string, output []byte, phase string) (*artifacts.PortScanResult, error)

ParseNmapXMLOutput parses nmap XML output into PortScanResult artifact nmap outputs XML when using -oX flag

func ParseNucleiOutput 

func ParseNucleiOutput(toolName string, output []byte, phase string) (*artifacts.VulnerabilityList, error)

ParseNucleiOutput parses nuclei JSON output into VulnerabilityList artifact Nuclei outputs one JSON object per line when using -json flag

func ParseNucleiToWebFindings 

func ParseNucleiToWebFindings(toolName string, output []byte, phase string) (*artifacts.WebFindings, error)

ParseNucleiToWebFindings converts nuclei output to WebFindings format This is an alternative that combines findings with endpoint data

func ParseSubfinderOutput 

func ParseSubfinderOutput(toolName string, output []byte, baseDomain string, phase string) (*artifacts.SubdomainList, error)

ParseSubfinderOutput parses subfinder JSON output into SubdomainList artifact

Types

type HTTPXResult 

type HTTPXResult struct {
	URL           string   `json:"url"`
	StatusCode    int      `json:"status_code"`
	ContentLength int      `json:"content_length"`
	ContentType   string   `json:"content_type"`
	Title         string   `json:"title"`
	Host          string   `json:"host"`
	Port          string   `json:"port"`
	Scheme        string   `json:"scheme"`
	Webserver     string   `json:"webserver"`
	ResponseTime  string   `json:"response_time"`
	Tech          []string `json:"tech"`
	Method        string   `json:"method"`
	IP            string   `json:"ip"`
	CDN           string   `json:"cdn"`
	CDNName       string   `json:"cdn_name"`
	A             []string `json:"a"`
	CNAME         []string `json:"cname"`
	TLS           *struct {
		Host          string   `json:"host"`
		Port          string   `json:"port"`
		Version       string   `json:"version"`
		Cipher        string   `json:"cipher"`
		TLSConnection string   `json:"tls_connection"`
		SubjectDN     string   `json:"subject_dn"`
		IssuerDN      string   `json:"issuer_dn"`
		NotBefore     string   `json:"not_before"`
		NotAfter      string   `json:"not_after"`
		SubjectAN     []string `json:"subject_an"`
	} `json:"tls"`
	Headers map[string]string `json:"header"`
}

HTTPXResult represents a single line of httpx JSON output

type LLMParser 

type LLMParser struct {
	// contains filtered or unexported fields
}

LLMParser uses an LLM to parse raw tool output into structured artifacts This is Layer 2 compression - falls back when structural parsers aren't available

func NewLLMParser 

func NewLLMParser(provider providers.LLMProvider, model string) *LLMParser

NewLLMParser creates a new LLM-based parser

func (*LLMParser) ParseOutput 

func (p *LLMParser) ParseOutput(ctx context.Context, toolName, toolDescription string, rawOutput []byte, expectedArtifactType string, phase string) (blackboard.Artifact, error)

ParseOutput uses LLM to extract structured data from raw tool output

type NmapAddress 

type NmapAddress struct {
	Addr     string `xml:"addr,attr"`
	AddrType string `xml:"addrtype,attr"` // ipv4, ipv6, mac
}

type NmapFinished 

type NmapFinished struct {
	Time    string  `xml:"time,attr"`
	Elapsed float64 `xml:"elapsed,attr"`
}

type NmapHost 

type NmapHost struct {
	Status    NmapStatus    `xml:"status"`
	Addresses []NmapAddress `xml:"address"`
	Hostnames NmapHostnames `xml:"hostnames"`
	Ports     NmapPorts     `xml:"ports"`
	OS        NmapOS        `xml:"os"`
}

type NmapHostname 

type NmapHostname struct {
	Name string `xml:"name,attr"`
	Type string `xml:"type,attr"`
}

type NmapHostnames 

type NmapHostnames struct {
	Hostnames []NmapHostname `xml:"hostname"`
}

type NmapOS 

type NmapOS struct {
	OSMatches []NmapOSMatch `xml:"osmatch"`
	OSClasses []NmapOSClass `xml:"osclass"`
}

type NmapOSClass 

type NmapOSClass struct {
	Type     string `xml:"type,attr"`
	Vendor   string `xml:"vendor,attr"`
	OSFamily string `xml:"osfamily,attr"`
	OSGen    string `xml:"osgen,attr"`
	Accuracy int    `xml:"accuracy,attr"`
}

type NmapOSMatch 

type NmapOSMatch struct {
	Name     string `xml:"name,attr"`
	Accuracy int    `xml:"accuracy,attr"`
	Line     string `xml:"line,attr"`
}

type NmapPort 

type NmapPort struct {
	Protocol string        `xml:"protocol,attr"`
	PortID   int           `xml:"portid,attr"`
	State    NmapPortState `xml:"state"`
	Service  NmapService   `xml:"service"`
	Scripts  []NmapScript  `xml:"script"`
}

type NmapPortState 

type NmapPortState struct {
	State  string `xml:"state,attr"` // open, closed, filtered
	Reason string `xml:"reason,attr"`
}

type NmapPorts 

type NmapPorts struct {
	Ports []NmapPort `xml:"port"`
}

type NmapRun 

type NmapRun struct {
	XMLName  xml.Name     `xml:"nmaprun"`
	Hosts    []NmapHost   `xml:"host"`
	RunStats NmapRunStats `xml:"runstats"`
}

NmapRun represents the root element of nmap XML output

type NmapRunStats 

type NmapRunStats struct {
	Finished NmapFinished `xml:"finished"`
}

type NmapScript 

type NmapScript struct {
	ID     string `xml:"id,attr"`
	Output string `xml:"output,attr"`
}

type NmapService 

type NmapService struct {
	Name       string   `xml:"name,attr"`
	Product    string   `xml:"product,attr"`
	Version    string   `xml:"version,attr"`
	ExtraInfo  string   `xml:"extrainfo,attr"`
	Method     string   `xml:"method,attr"`
	Conf       string   `xml:"conf,attr"`
	CPE        []string `xml:"cpe"`
	Tunnel     string   `xml:"tunnel,attr"`
	OSType     string   `xml:"ostype,attr"`
	DeviceType string   `xml:"devicetype,attr"`
}

type NmapStatus 

type NmapStatus struct {
	State  string `xml:"state,attr"`
	Reason string `xml:"reason,attr"`
}

type NucleiResult 

type NucleiResult struct {
	TemplateID   string `json:"template-id"`
	TemplatePath string `json:"template-path"`
	Info         struct {
		Name           string            `json:"name"`
		Author         []string          `json:"author"`
		Tags           []string          `json:"tags"`
		Description    string            `json:"description"`
		Reference      []string          `json:"reference"`
		Severity       string            `json:"severity"`
		Metadata       map[string]string `json:"metadata"`
		Classification struct {
			CVE  []string `json:"cve-id"`
			CWE  []string `json:"cwe-id"`
			CVSS struct {
				Score  float64 `json:"cvss-score"`
				Vector string  `json:"cvss-metrics"`
			} `json:"cvss-metrics"`
		} `json:"classification"`
		Remediation string `json:"remediation"`
	} `json:"info"`
	Type             string   `json:"type"`
	Host             string   `json:"host"`
	MatchedAt        string   `json:"matched-at"`
	MatchedLine      string   `json:"matched-line"`
	ExtractedResults []string `json:"extracted-results"`
	IP               string   `json:"ip"`
	Timestamp        string   `json:"timestamp"`
	CurlCommand      string   `json:"curl-command"`
	MatcherStatus    bool     `json:"matcher-status"`
	MatcherName      string   `json:"matcher-name"`
}

NucleiResult represents a single nuclei finding in JSON format

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.