Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var WeakList = []string{
"123456", "12345678", "123456789", "password", "secret", "admin", "root",
"changeme", "default", "actuator", "manager", "111111", "qwerty",
"1234567890", "system", "service", "auth", "token", "key",
}
这些是开发环境中极其常见的弱密码
Functions ¶
This section is empty.
Types ¶
type BindAddrChecker ¶
BindAddrChecker 检查监听地址是否过于宽泛
func (*BindAddrChecker) Name ¶
func (c *BindAddrChecker) Name() string
type ConfigChecker ¶
ConfigChecker 这是一个通用的配置检查器,传入一个闭包
func (*ConfigChecker) Name ¶
func (c *ConfigChecker) Name() string
type FilePermChecker ¶
FilePermChecker 检查关键文件权限 (如 0600)
func (*FilePermChecker) Name ¶
func (c *FilePermChecker) Name() string
type RootUserChecker ¶
type RootUserChecker struct {
Severity Severity
}
RootUserChecker 检查是否以 Root 身份运行
func (*RootUserChecker) Name ¶
func (c *RootUserChecker) Name() string
type SecretStrengthChecker ¶
type SecretStrengthChecker struct {
NameID string
Secret string
MinLength int
// MinEntropy 最小熵值(建议值:3.0 左右)
MinEntropy float64
}
SecretStrengthChecker 检查敏感字符串的强度
func (*SecretStrengthChecker) Check ¶
func (c *SecretStrengthChecker) Check(ctx context.Context) Result
func (*SecretStrengthChecker) Name ¶
func (c *SecretStrengthChecker) Name() string
type SwapChecker ¶
type SwapChecker struct {
Severity Severity
}
SwapChecker 检查系统是否开启了 Swap 对于 Go GC 来说,Swap 是性能杀手。生产环境建议关闭。
func (*SwapChecker) Name ¶
func (c *SwapChecker) Name() string
type SysctlChecker ¶
type SysctlChecker struct {
Key string // e.g., "net.core.somaxconn"
MinValue int64
Severity Severity
}
SysctlChecker 检查内核参数 (/proc/sys)
func (*SysctlChecker) Name ¶
func (c *SysctlChecker) Name() string
type UlimitChecker ¶
UlimitChecker 检查文件描述符限制 (FD Limit)
func (*UlimitChecker) Name ¶
func (c *UlimitChecker) Name() string
Source Files
Click to show internal directories.
Click to hide internal directories.