detector

package
v0.25.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 22, 2024 License: GPL-3.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertToModelsExploit added in v0.18.1 

func ConvertToModelsExploit(es []exploitmodels.Exploit) (exploits []models.Exploit)

ConvertToModelsExploit converts exploit model to vuls model

func ConvertToModelsMsf 

func ConvertToModelsMsf(ms []metasploitmodels.Metasploit) (modules []models.Metasploit)

ConvertToModelsMsf converts metasploit model to vuls model

func Detect 

func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error)

Detect vulns and fill CVE detailed information

func DetectCpeURIsCves 

func DetectCpeURIsCves(r *models.ScanResult, cpes []Cpe, cnf config.GoCveDictConf, logOpts logging.LogOpts) error

DetectCpeURIsCves detects CVEs of given CPE-URIs

func DetectGitHubCves 

func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf) error

DetectGitHubCves fetches CVEs from GitHub Security Alerts

func DetectGitHubDependencyGraph added in v0.22.1 

func DetectGitHubDependencyGraph(r *models.ScanResult, owner, repo, token string) (err error)

DetectGitHubDependencyGraph access to owner/repo on GitHub and fetch dependency graph of the repository via GitHub API v4 GraphQL and then set to the given ScanResult. https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph

func DetectGitHubSecurityAlerts 

func DetectGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string, ignoreDismissed bool) (nCVEs int, err error)

DetectGitHubSecurityAlerts access to owner/repo on GitHub and fetch security alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult. https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/

func DetectLibsCves 

func DetectLibsCves(r *models.ScanResult, trivyOpts config.TrivyOpts, logOpts logging.LogOpts, noProgress bool) (err error)

DetectLibsCves fills LibraryScanner information

func DetectPkgCves 

func DetectPkgCves(r *models.ScanResult, ovalCnf config.GovalDictConf, gostCnf config.GostConf, logOpts logging.LogOpts) error

DetectPkgCves detects OS pkg cves pass 2 configs

func DetectWordPressCves 

func DetectWordPressCves(r *models.ScanResult, wpCnf config.WpScanConf) error

DetectWordPressCves detects CVEs of WordPress

func FillCvesWithNvdJvnFortinet added in v0.24.0 

func FillCvesWithNvdJvnFortinet(r *models.ScanResult, cnf config.GoCveDictConf, logOpts logging.LogOpts) (err error)

FillCvesWithNvdJvnFortinet fills CVE detail with NVD, JVN, Fortinet

func FillCweDict 

func FillCweDict(r *models.ScanResult)

FillCweDict fills CWE

func FillWithCTI added in v0.19.8 

func FillWithCTI(r *models.ScanResult, cnf config.CtiConf, logOpts logging.LogOpts) error

FillWithCTI :

func FillWithExploit 

func FillWithExploit(r *models.ScanResult, cnf config.ExploitConf, logOpts logging.LogOpts) (nExploitCve int, err error)

FillWithExploit fills exploit information that has in Exploit

func FillWithKEVuln added in v0.19.0 

func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf, logOpts logging.LogOpts) error

FillWithKEVuln :

func FillWithMetasploit 

func FillWithMetasploit(r *models.ScanResult, cnf config.MetasploitConf, logOpts logging.LogOpts) (nMetasploitCve int, err error)

FillWithMetasploit fills metasploit module information that has in module

func ListValidJSONDirs 

func ListValidJSONDirs(resultsDir string) (dirs []string, err error)

ListValidJSONDirs returns valid json directory as array Returned array is sorted so that recent directories are at the head

Types

type Cpe added in v0.15.14 

type Cpe struct {
	CpeURI string
	UseJVN bool
}

Cpe :

type DependencyGraph added in v0.22.1 

type DependencyGraph struct {
	Data struct {
		Repository struct {
			URL                      string `json:"url"`
			DependencyGraphManifests struct {
				PageInfo struct {
					EndCursor   string `json:"endCursor"`
					HasNextPage bool   `json:"hasNextPage"`
				} `json:"pageInfo"`
				Edges []struct {
					Node struct {
						BlobPath   string `json:"blobPath"`
						Filename   string `json:"filename"`
						Repository struct {
							URL string `json:"url"`
						}
						Parseable         bool `json:"parseable"`
						ExceedsMaxSize    bool `json:"exceedsMaxSize"`
						DependenciesCount int  `json:"dependenciesCount"`
						Dependencies      struct {
							PageInfo struct {
								EndCursor   string `json:"endCursor"`
								HasNextPage bool   `json:"hasNextPage"`
							} `json:"pageInfo"`
							Edges []struct {
								Node struct {
									PackageName    string `json:"packageName"`
									PackageManager string `json:"packageManager"`
									Repository     struct {
										URL string `json:"url"`
									}
									Requirements    string `json:"requirements"`
									HasDependencies bool   `json:"hasDependencies"`
								} `json:"node"`
							} `json:"edges"`
						} `json:"dependencies"`
					} `json:"node"`
				} `json:"edges"`
			} `json:"dependencyGraphManifests"`
		} `json:"repository"`
	} `json:"data"`
	Errors []struct {
		Type      string        `json:"type,omitempty"`
		Path      []interface{} `json:"path,omitempty"`
		Locations []struct {
			Line   int `json:"line"`
			Column int `json:"column"`
		} `json:"locations,omitempty"`
		Message string `json:"message"`
	} `json:"errors,omitempty"`
}

DependencyGraph is a GitHub API response

type SecurityAlerts 

type SecurityAlerts struct {
	Data struct {
		Repository struct {
			URL                 string `json:"url"`
			VulnerabilityAlerts struct {
				PageInfo struct {
					EndCursor   string `json:"endCursor"`
					HasNextPage bool   `json:"hasNextPage"`
					StartCursor string `json:"startCursor"`
				} `json:"pageInfo"`
				Edges []struct {
					Node struct {
						ID                    string    `json:"id"`
						DismissReason         string    `json:"dismissReason"`
						DismissedAt           time.Time `json:"dismissedAt"`
						SecurityVulnerability struct {
							Package struct {
								Name      string `json:"name"`
								Ecosystem string `json:"ecosystem"`
							} `json:"package"`
							Severity               string `json:"severity"`
							VulnerableVersionRange string `json:"vulnerableVersionRange"`
							FirstPatchedVersion    struct {
								Identifier string `json:"identifier"`
							} `json:"firstPatchedVersion"`
						} `json:"securityVulnerability"`
						VulnerableManifestFilename string `json:"vulnerableManifestFilename"`
						VulnerableManifestPath     string `json:"vulnerableManifestPath"`
						VulnerableRequirements     string `json:"vulnerableRequirements"`
						SecurityAdvisory           struct {
							Description string    `json:"description"`
							GhsaID      string    `json:"ghsaId"`
							Permalink   string    `json:"permalink"`
							PublishedAt time.Time `json:"publishedAt"`
							Summary     string    `json:"summary"`
							UpdatedAt   time.Time `json:"updatedAt"`
							WithdrawnAt time.Time `json:"withdrawnAt"`
							Origin      string    `json:"origin"`
							Severity    string    `json:"severity"`
							References  []struct {
								URL string `json:"url"`
							} `json:"references"`
							Identifiers []struct {
								Type  string `json:"type"`
								Value string `json:"value"`
							} `json:"identifiers"`
						} `json:"securityAdvisory"`
					} `json:"node"`
				} `json:"edges"`
			} `json:"vulnerabilityAlerts"`
		} `json:"repository"`
	} `json:"data"`
}

SecurityAlerts has detected CVE-IDs, PackageNames, Refs

Source Files

View all Source files

Directories

Path Synopsis
Package javadb implements functions that wrap trivy-java-db module.
 Package javadb implements functions that wrap trivy-java-db module.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.