Documentation
¶
Index ¶
- type APIConfig
- type AnomalyDetectionConfig
- type AnomalyModel
- type AttackPathsConfig
- type CacheConfig
- type ComplianceConfig
- type Config
- type CorrelationRule
- type DistributedConfig
- type EvasionConfig
- type GlobalConfig
- type IntelligenceConfig
- type Loader
- func (l *Loader) CreateDefaultConfigFile(path string) error
- func (l *Loader) GetConfigPaths() []string
- func (l *Loader) Load(configPath string) (*Config, error)
- func (l *Loader) LoadProfile(profilePath string) (*ProfileConfig, error)
- func (l *Loader) LoadScope(scopeFile string) (*ScopeConfig, error)
- func (l *Loader) MergeConfigs(configs ...*Config) *Config
- func (l *Loader) SaveConfig(config *Config, path string) error
- func (l *Loader) ValidateConfigFile(path string) error
- type PluginConfig
- type PluginIntelligenceConfig
- type ProfileConfig
- type ProfilePluginConfig
- type RateLimitConfig
- type ResourceLimitsConfig
- type RiskFactor
- type RiskScoringConfig
- type RuleCondition
- type SandboxPolicy
- type SandboxingConfig
- type ScopeConfig
- type SecretPattern
- type SecretSanitizationConfig
- type SecurityConfig
- type StreamingConfig
- type TargetConfig
- type TelemetryConfig
- type ToolConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIConfig ¶
type APIConfig struct {
Enabled bool `yaml:"enabled"`
RESTPort int `yaml:"rest_port" validate:"min=1,max=65535"`
GraphQLPort int `yaml:"graphql_port" validate:"min=1,max=65535"`
GRPCPort int `yaml:"grpc_port" validate:"min=1,max=65535"`
AuthEnabled bool `yaml:"auth_enabled"`
RateLimitRPS int `yaml:"rate_limit_rps" validate:"min=1"`
}
APIConfig contains API server settings
type AnomalyDetectionConfig ¶
type AnomalyDetectionConfig struct {
Enabled bool `yaml:"enabled"`
Models []AnomalyModel `yaml:"models"`
}
AnomalyDetectionConfig contains anomaly detection settings
type AnomalyModel ¶
type AnomalyModel struct {
Type string `yaml:"type" validate:"oneof=response_time content_change behavioral"`
Threshold float64 `yaml:"threshold"`
Window string `yaml:"window"`
Sensitivity float64 `yaml:"sensitivity"`
BaselinePeriod string `yaml:"baseline_period"`
}
AnomalyModel defines anomaly detection models
type AttackPathsConfig ¶
type AttackPathsConfig struct {
MaxDepth int `yaml:"max_depth" validate:"min=1,max=20"`
MinLikelihood float64 `yaml:"min_likelihood" validate:"min=0,max=1"`
ConsiderMitigations bool `yaml:"consider_mitigations"`
}
AttackPathsConfig contains attack path analysis settings
type CacheConfig ¶
type CacheConfig struct {
Enabled bool `yaml:"enabled"`
L1SizeMB int `yaml:"l1_size_mb"`
L2Enabled bool `yaml:"l2_enabled"`
L2RedisURL string `yaml:"l2_redis_url"`
L3Enabled bool `yaml:"l3_enabled"`
L3S3Bucket string `yaml:"l3_s3_bucket"`
}
CacheConfig contains caching configuration
type ComplianceConfig ¶
type ComplianceConfig struct {
Mode string `yaml:"mode" validate:"oneof=standard gdpr hipaa pci"`
DataRetentionDays int `yaml:"data_retention_days" validate:"min=1"`
EncryptionAtRest bool `yaml:"encryption_at_rest"`
AuditLogging bool `yaml:"audit_logging"`
}
ComplianceConfig contains compliance settings
type Config ¶
type Config struct {
Global GlobalConfig `yaml:"global" validate:"required"`
Profiles map[string]ProfileConfig `yaml:"profiles"`
Plugins map[string]PluginConfig `yaml:"plugins"`
Tools map[string]ToolConfig `yaml:"tools"`
Intelligence IntelligenceConfig `yaml:"intelligence"`
Security SecurityConfig `yaml:"security"`
Environment map[string]string `yaml:"environment"`
Targets map[string]TargetConfig `yaml:"targets"`
}
Config represents the main configuration structure
func NewDefaultConfig ¶
func NewDefaultConfig() *Config
NewDefaultConfig creates a default configuration
func (*Config) GetPluginConfig ¶
func (c *Config) GetPluginConfig(name string, target string) *PluginConfig
GetPluginConfig returns plugin configuration with overrides applied
func (*Config) GetProfile ¶
func (c *Config) GetProfile(name string) (*ProfileConfig, error)
GetProfile returns a profile by name, with inheritance resolved
type CorrelationRule ¶
type CorrelationRule struct {
Name string `yaml:"name"`
Description string `yaml:"description"`
Conditions []RuleCondition `yaml:"conditions"`
CorrelateWith []string `yaml:"correlate_with"`
RiskMultiplier float64 `yaml:"risk_multiplier"`
}
CorrelationRule defines correlation rules
type DistributedConfig ¶
type DistributedConfig struct {
Enabled bool `yaml:"enabled"`
Mode string `yaml:"mode" validate:"oneof=coordinator worker"`
CoordinatorURL string `yaml:"coordinator_url"`
NATSURL string `yaml:"nats_url"`
WorkerID string `yaml:"worker_id"`
}
DistributedConfig contains distributed scanning settings
type EvasionConfig ¶
type EvasionConfig struct {
RotateUserAgents bool `yaml:"rotate_user_agents"`
UseProxies bool `yaml:"use_proxies"`
RandomizeHeaders bool `yaml:"randomize_headers"`
DelayPattern string `yaml:"delay_pattern" validate:"oneof=constant random human burst"`
}
EvasionConfig contains evasion technique settings
type GlobalConfig ¶
type GlobalConfig struct {
Version string `yaml:"version"`
Workdir string `yaml:"workdir" validate:"required"`
Outdir string `yaml:"outdir" validate:"required"`
// Execution control
Concurrency int `yaml:"concurrency" validate:"min=1,max=100"`
PluginTimeout time.Duration `yaml:"plugin_timeout"`
GlobalTimeout time.Duration `yaml:"global_timeout"`
RetryAttempts int `yaml:"retry_attempts" validate:"min=0,max=10"`
RetryDelay time.Duration `yaml:"retry_delay"`
// Safety settings
ConfirmActiveScans bool `yaml:"confirm_active_scans"`
ScopeEnforcement bool `yaml:"scope_enforcement"`
ScopeFile string `yaml:"scope_file"`
DefaultScope []string `yaml:"default_scope"`
DenylistTargets []string `yaml:"denylist_targets"`
// Resource limits
MaxMemoryMB int `yaml:"max_memory_mb" validate:"min=256"`
MaxDiskMB int `yaml:"max_disk_mb" validate:"min=100"`
MaxProcesses int `yaml:"max_processes" validate:"min=1"`
// Performance
Cache CacheConfig `yaml:"cache"`
// Intelligence
Intelligence IntelligenceConfig `yaml:"intelligence"`
// Distributed mode
Distributed DistributedConfig `yaml:"distributed"`
// API settings
API APIConfig `yaml:"api"`
// Streaming
Streaming StreamingConfig `yaml:"streaming"`
// Output settings
LogLevel string `yaml:"log_level" validate:"oneof=debug info warn error fatal"`
LogFormat string `yaml:"log_format" validate:"oneof=json text"`
RedactSecrets bool `yaml:"redact_secrets"`
SaveRawOutput bool `yaml:"save_raw_output"`
CompressOutput bool `yaml:"compress_output"`
// Telemetry
Telemetry TelemetryConfig `yaml:"telemetry"`
}
GlobalConfig contains global settings
func (*GlobalConfig) Validate ¶
func (gc *GlobalConfig) Validate() error
Validate validates global configuration
type IntelligenceConfig ¶
type IntelligenceConfig struct {
CorrelationEnabled bool `yaml:"correlation_enabled"`
AnomalyDetection bool `yaml:"anomaly_detection"`
AttackPathAnalysis bool `yaml:"attack_path_analysis"`
RiskScoring bool `yaml:"risk_scoring"`
MLModelsPath string `yaml:"ml_models_path"`
CorrelationRules []CorrelationRule `yaml:"correlation_rules"`
AnomalyDetectionConf AnomalyDetectionConfig `yaml:"anomaly_detection"`
AttackPaths AttackPathsConfig `yaml:"attack_paths"`
RiskScoringConf RiskScoringConfig `yaml:"risk_scoring"`
}
IntelligenceConfig contains intelligence analysis settings
type Loader ¶
type Loader struct {
// contains filtered or unexported fields
}
Loader handles configuration loading from multiple sources
func (*Loader) CreateDefaultConfigFile ¶
CreateDefaultConfigFile creates a default configuration file
func (*Loader) GetConfigPaths ¶
GetConfigPaths returns the list of paths where config files are searched
func (*Loader) LoadProfile ¶
func (l *Loader) LoadProfile(profilePath string) (*ProfileConfig, error)
LoadProfile loads a specific profile configuration
func (*Loader) LoadScope ¶
func (l *Loader) LoadScope(scopeFile string) (*ScopeConfig, error)
LoadScope loads scope configuration from file
func (*Loader) MergeConfigs ¶
MergeConfigs merges multiple configurations
func (*Loader) SaveConfig ¶
SaveConfig saves the configuration to a file
func (*Loader) ValidateConfigFile ¶
ValidateConfigFile validates a configuration file without loading it
type PluginConfig ¶
type PluginConfig struct {
Enabled bool `yaml:"enabled"`
PrimaryTool string `yaml:"primary_tool"`
FallbackTools []string `yaml:"fallback_tools"`
ValidateFindings bool `yaml:"validate_findings"`
MaxFindings int `yaml:"max_findings"`
CacheTTL time.Duration `yaml:"cache_ttl"`
Intelligence PluginIntelligenceConfig `yaml:"intelligence"`
Sandboxed bool `yaml:"sandboxed"`
ResourceLimits ResourceLimitsConfig `yaml:"resource_limits"`
}
PluginConfig contains plugin-specific configuration
func (*PluginConfig) Validate ¶
func (pc *PluginConfig) Validate() error
Validate validates plugin configuration
type PluginIntelligenceConfig ¶
type PluginIntelligenceConfig struct {
CorrelateWith []string `yaml:"correlate_with"`
RiskWeight float64 `yaml:"risk_weight"`
ExtractPatterns bool `yaml:"extract_patterns"`
IdentifyAPIEndpoints bool `yaml:"identify_api_endpoints"`
MapAPIEndpoints bool `yaml:"map_api_endpoints"`
DetectFrameworks bool `yaml:"detect_frameworks"`
ExtractDependencies bool `yaml:"extract_dependencies"`
}
PluginIntelligenceConfig contains plugin-specific intelligence settings
type ProfileConfig ¶
type ProfileConfig struct {
Name string `yaml:"name"`
Description string `yaml:"description"`
InheritFrom string `yaml:"inherit_from,omitempty"`
RateLimit RateLimitConfig `yaml:"rate_limit"`
Plugins ProfilePluginConfig `yaml:"plugins"`
Evasion EvasionConfig `yaml:"evasion"`
ResourceLimits ResourceLimitsConfig `yaml:"resource_limits"`
Overrides map[string]interface{} `yaml:"overrides"`
}
ProfileConfig defines scanning profiles
func (*ProfileConfig) Validate ¶
func (pc *ProfileConfig) Validate() error
Validate validates profile configuration
type ProfilePluginConfig ¶
type ProfilePluginConfig struct {
PassiveOnly bool `yaml:"passive_only"`
EnableAll bool `yaml:"enable_all"`
Categories []string `yaml:"categories"`
Include []string `yaml:"include"`
Exclude []string `yaml:"exclude"`
ExcludeActive bool `yaml:"exclude_active"`
ParallelExecution bool `yaml:"parallel_execution"`
MaxWorkers int `yaml:"max_workers" validate:"min=1"`
}
ProfilePluginConfig contains plugin settings for profiles
type RateLimitConfig ¶
type RateLimitConfig struct {
RequestsPerSecond int `yaml:"requests_per_second" validate:"min=1"`
BurstSize int `yaml:"burst_size" validate:"min=1"`
Jitter string `yaml:"jitter"`
HumanMode bool `yaml:"human_mode"`
}
RateLimitConfig contains rate limiting configuration
type ResourceLimitsConfig ¶
type ResourceLimitsConfig struct {
MaxMemoryMB int `yaml:"max_memory_mb"`
MaxCPUCores int `yaml:"max_cpu_cores"`
MaxCPUPercent float64 `yaml:"max_cpu_percent"`
}
ResourceLimitsConfig contains resource limits
type RiskFactor ¶
type RiskFactor struct {
Name string `yaml:"name"`
Weight float64 `yaml:"weight" validate:"min=0,max=1"`
}
RiskFactor defines risk scoring factors
type RiskScoringConfig ¶
type RiskScoringConfig struct {
Algorithm string `yaml:"algorithm" validate:"oneof=weighted_average bayesian ml"`
Factors []RiskFactor `yaml:"factors"`
}
RiskScoringConfig contains risk scoring settings
type RuleCondition ¶
type RuleCondition struct {
Plugin string `yaml:"plugin"`
Field string `yaml:"field"`
Value interface{} `yaml:"value"`
}
RuleCondition defines conditions for correlation rules
type SandboxPolicy ¶
type SandboxPolicy struct {
AllowNetwork []string `yaml:"allow_network"`
DenySyscalls []string `yaml:"deny_syscalls"`
MaxMemoryMB int `yaml:"max_memory_mb"`
MaxCPUPercent float64 `yaml:"max_cpu_percent"`
AllowAll bool `yaml:"allow_all"`
}
SandboxPolicy defines sandbox restrictions
type SandboxingConfig ¶
type SandboxingConfig struct {
Enabled bool `yaml:"enabled"`
DefaultPolicy string `yaml:"default_policy" validate:"oneof=restricted moderate unrestricted"`
Policies map[string]SandboxPolicy `yaml:"policies"`
}
SandboxingConfig contains sandboxing settings
type ScopeConfig ¶
ScopeConfig defines target scope
type SecretPattern ¶
type SecretPattern struct {
Name string `yaml:"name"`
Regex string `yaml:"regex"`
Action string `yaml:"action" validate:"oneof=redact remove alert"`
}
SecretPattern defines patterns for secret detection
type SecretSanitizationConfig ¶
type SecretSanitizationConfig struct {
Patterns []SecretPattern `yaml:"patterns"`
}
SecretSanitizationConfig contains secret sanitization patterns
type SecurityConfig ¶
type SecurityConfig struct {
Sandboxing SandboxingConfig `yaml:"sandboxing"`
SecretSanitization SecretSanitizationConfig `yaml:"secret_sanitization"`
Compliance ComplianceConfig `yaml:"compliance"`
}
SecurityConfig contains security policy settings
type StreamingConfig ¶
type StreamingConfig struct {
Enabled bool `yaml:"enabled"`
WebSocketPort int `yaml:"websocket_port" validate:"min=1,max=65535"`
SSEEnabled bool `yaml:"sse_enabled"`
BufferSize int `yaml:"buffer_size" validate:"min=100"`
}
StreamingConfig contains streaming settings
type TargetConfig ¶
type TargetConfig struct {
Profile string `yaml:"profile"`
Plugins map[string]PluginConfig `yaml:"plugins"`
Scope ScopeConfig `yaml:"scope"`
RateLimit RateLimitConfig `yaml:"rate_limit"`
}
TargetConfig contains target-specific overrides
type TelemetryConfig ¶
type TelemetryConfig struct {
MetricsEnabled bool `yaml:"metrics_enabled"`
MetricsPort int `yaml:"metrics_port" validate:"min=1,max=65535"`
TracingEnabled bool `yaml:"tracing_enabled"`
TracingEndpoint string `yaml:"tracing_endpoint"`
}
TelemetryConfig contains telemetry settings
type ToolConfig ¶
type ToolConfig struct {
Path string `yaml:"path"`
Enabled bool `yaml:"enabled"`
Timeout time.Duration `yaml:"timeout"`
Args []string `yaml:"args"`
JSONSupport bool `yaml:"json_support"`
JSONFlags []string `yaml:"json_flags"`
VersionCheck bool `yaml:"version_check"`
InstallCommand string `yaml:"install_command"`
RateLimit string `yaml:"rate_limit"`
RequiresConfirmation bool `yaml:"requires_confirmation"`
}
ToolConfig contains tool-specific settings
Source Files
Click to show internal directories.
Click to hide internal directories.