Documentation ¶
Index ¶
- Variables
- func ContainsIgnoreCase(s string, subStr string) bool
- func Execute(cmd string, args ...string) (string, error)
- func Extract(reg string, from string) []string
- func GetHomeDirAndUID() (string, int, int, error)
- func GetLogLocation() string
- func GetNetwork() (string, string, string, error)
- func GetProduct() (name, version string, err error)
- func GetRandomID(length int) (string, error)
- func NormalizeNewlines(d []byte) []byte
- func Pipe(c1, c2 *exec.Cmd)
- type BrowserExtensions
- type Device
- type DeviceBrowser
- type DeviceHygiene
- type DeviceInfo
- type DeviceLinux
- func (d DeviceLinux) EndpointSecurity() (string, string, bool, error)
- func (d DeviceLinux) GetCriticalAutoUpdateStatus() (bool, error)
- func (d DeviceLinux) GetInstalledPackages() ([]string, error)
- func (d DeviceLinux) GetLatestSecurityPatch() (string, error)
- func (d DeviceLinux) GetNetwork() (string, string, string, error)
- func (d DeviceLinux) GetOSNameVersion() (osName, osVersion, kernelVersion string, err error)
- func (DeviceLinux) GetPasswordLastUpdated() (string, error)
- func (d DeviceLinux) GetPendingUpdates() ([]string, error)
- func (d DeviceLinux) IdleDeviceScreenLockTime() (string, error)
- func (d DeviceLinux) IsAutoLoginEnabled() (bool, error)
- func (d DeviceLinux) IsDeviceEncrypted() (bool, error)
- func (d DeviceLinux) IsFireWallSet() (bool, error)
- func (d DeviceLinux) IsRemoteConnectionEnabled() (bool, error)
- func (d DeviceLinux) ScreenLockEnabled() (bool, error)
- type DeviceMac
- func (d DeviceMac) EndpointSecurity() (string, string, bool, error)
- func (d DeviceMac) GetCriticalAutoUpdateStatus() (bool, error)
- func (d DeviceMac) GetInstalledPackages() ([]string, error)
- func (d DeviceMac) GetLatestSecurityPatch() (string, error)
- func (d DeviceMac) GetNetwork() (string, string, string, error)
- func (d DeviceMac) GetOSNameVersion() (osName, osVersion, kernelVersion string, err error)
- func (d DeviceMac) GetPasswordLastUpdated() (string, error)
- func (d DeviceMac) GetPendingUpdates() ([]string, error)
- func (d DeviceMac) IdleDeviceScreenLockTime() (string, error)
- func (d DeviceMac) IsAutoLoginEnabled() (bool, error)
- func (d DeviceMac) IsDeviceEncrypted() (bool, error)
- func (d DeviceMac) IsFireWallSet() (bool, error)
- func (d DeviceMac) IsRemoteConnectionEnabled() (bool, error)
- func (d DeviceMac) ScreenLockEnabled() (bool, error)
- type DeviceOS
- type DeviceWindows
- func (d DeviceWindows) EndpointSecurity() (string, string, bool, error)
- func (d DeviceWindows) GetCriticalAutoUpdateStatus() (bool, error)
- func (d DeviceWindows) GetInstalledPackages() ([]string, error)
- func (d DeviceWindows) GetLatestSecurityPatch() (string, error)
- func (d DeviceWindows) GetNetwork() (string, string, string, error)
- func (d DeviceWindows) GetOSNameVersion() (string, string, string, error)
- func (d DeviceWindows) GetPasswordLastUpdated() (string, error)
- func (d DeviceWindows) GetPendingUpdates() ([]string, error)
- func (d DeviceWindows) IdleDeviceScreenLockTime() (string, error)
- func (d DeviceWindows) IsAutoLoginEnabled() (bool, error)
- func (d DeviceWindows) IsDeviceEncrypted() (bool, error)
- func (d DeviceWindows) IsFireWallSet() (bool, error)
- func (d DeviceWindows) IsRemoteConnectionEnabled() (bool, error)
- func (d DeviceWindows) ScreenLockEnabled() (bool, error)
- type EndpointSecurity
- type LoginSecurity
- type NetworkInfo
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func ContainsIgnoreCase ¶
func GetLogLocation ¶
func GetLogLocation() string
func GetProduct ¶
func GetRandomID ¶
func NormalizeNewlines ¶
Types ¶
type BrowserExtensions ¶
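// BrowserExtensions describes one browser extension reported for a device.
//
// The declaration is laid out one field per line so that the inline comments
// no longer swallow the fields that follow them.
//
// NOTE(review): the wire names from "id" through "hostPermissions" look like
// the extension metadata a browser's management API exposes; confirm the
// source before relying on their exact semantics.
type BrowserExtensions struct {
	// DeviceID is the id of the device; it maps to the deviceID of userdevices.
	DeviceID string `json:"deviceID"`
	// UserID maps to the userID from users.
	UserID string `json:"userID"`
	// ExtensionID is the unique identifier of the extension, as provided by
	// extensions to browser vendors. The wire name is "id", not "extensionID".
	ExtensionID string `json:"id"`
	Name        string `json:"name"`
	Description string `json:"description"`
	Version     string `json:"version"`
	MayDisable  bool   `json:"mayDisable"`
	Enabled     bool   `json:"enabled"`
	InstallType string `json:"installType"`
	Type        string `json:"type"`
	// Permissions and HostPermissions are plain string lists.
	// NOTE(review): presumably the permissions and host patterns the extension
	// declares, which would make them the main inputs for judging what an
	// extension can reach; confirm against the collector.
	Permissions     []string `json:"permissions"`
	HostPermissions []string `json:"hostPermissions"`
	// IsVulnerable and VulnReason carry a verdict and its explanation. How the
	// verdict is produced is not visible here, so a false value should not be
	// read as "assessed and clean" without checking LastChecked.
	IsVulnerable bool   `json:"isVulnerable"`
	VulnReason   string `json:"vulnReason"`
	// LastChecked is an integer timestamp; presumably Unix time, unit to be
	// confirmed.
	LastChecked int64 `json:"lastChecked"`
}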
type Device ¶
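// Device is the set of hygiene checks that DeviceLinux, DeviceMac and
// DeviceWindows each provide.
//
// Every method returns an error next to its result. A boolean check that
// fails therefore also yields a value (the zero value false unless the
// implementation sets something else), so callers must look at the error
// before interpreting the result; otherwise a failed IsAutoLoginEnabled or
// IsRemoteConnectionEnabled probe reads the same as a clean one.
//
// The declaration is laid out one method per line so that the commented-out
// GetDeviceName entry no longer hides the methods after it.
type Device interface {
	IsAutoLoginEnabled() (bool, error)
	IsFireWallSet() (bool, error)
	IsDeviceEncrypted() (bool, error)
	GetInstalledPackages() ([]string, error)
	//GetDeviceName() (string, error)
	GetOSNameVersion() (osName, osVersion, kernelVersion string, err error)
	GetPasswordLastUpdated() (string, error)
	GetCriticalAutoUpdateStatus() (bool, error)
	GetPendingUpdates() ([]string, error)
	IsRemoteConnectionEnabled() (bool, error)
	ScreenLockEnabled() (bool, error)
	// GetNetwork returns three unnamed strings; their meaning is not stated
	// in the signature.
	GetNetwork() (string, string, string, error)
	GetLatestSecurityPatch() (string, error)
	IdleDeviceScreenLockTime() (string, error)
	// EndpointSecurity returns two strings and a bool.
	// NOTE(review): presumably vendor name, version and "configured", matching
	// the EpsVendorName, EpsVersion and EpsConfigured fields; confirm the order.
	EndpointSecurity() (string, string, bool, error)
}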
type DeviceBrowser ¶
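// DeviceBrowser describes one browser found on a device together with the
// extensions reported for it.
//
// The declaration is laid out one field per line; the single-line form is not
// a valid struct declaration.
type DeviceBrowser struct {
	// ID uses the upper-case wire name "ID", unlike the other fields.
	ID      string `json:"ID"`
	Name    string `json:"name"`
	Version string `json:"version"`
	Build   string `json:"build"`
	// NOTE(review): IsBot and UserAgent are presumably derived from the
	// browser's self-reported User-Agent. If so, the value is client-controlled
	// and should not be the only signal behind a trust decision; confirm how
	// both fields are populated.
	IsBot     bool   `json:"isBot"`
	UserAgent string `json:"userAgent"`
	// Extensions holds one BrowserExtensions record per extension.
	Extensions []BrowserExtensions `json:"extensions"`
}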
DeviceBrowser hygiene should always be updated together with the workstation's hygiene.
type DeviceHygiene ¶
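// DeviceHygiene groups the per-category hygiene records for one device:
// hardware identity, operating system, login settings, network and endpoint
// protection.
//
// The declaration is laid out one field per line; the single-line form is not
// a valid struct declaration.
//
// NOTE(review): the record is presumably assembled by code running on the
// device it describes. If so, it is self-reported data: a consumer that gates
// access on it should account for a compromised endpoint misstating its own
// state, and should confirm what integrity protection the transport adds.
type DeviceHygiene struct {
	DeviceInfo       DeviceInfo       `json:"deviceInfo"`
	DeviceOS         DeviceOS         `json:"deviceOS"`
	LoginSecurity    LoginSecurity    `json:"loginSecurity"`
	NetworkInfo      NetworkInfo      `json:"networkInfo"`
	EndpointSecurity EndpointSecurity `json:"endpointSecurity"`
	// LastCheckedTime is an integer timestamp; presumably Unix time, unit to be
	// confirmed. A stale value means the other fields describe a past state.
	LastCheckedTime int64 `json:"lastCheckedTime"`
}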
DeviceHygiene
func GetDeviceHygiene ¶
func GetDeviceHygiene(osType string) DeviceHygiene
GetDeviceHygiene returns the device hygiene relevant to the given OS type.
type DeviceInfo ¶
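// DeviceInfo identifies the device hardware: its name, version, machine id,
// brand, manufacturer and model.
//
// The declaration is laid out one field per line so that the trailing example
// comments no longer swallow the fields that follow them.
type DeviceInfo struct {
	DeviceName    string `json:"deviceName"`
	DeviceVersion string `json:"deviceVersion"`
	// MachineID is a device identifier; how it is derived is not shown here.
	// NOTE(review): a stable machine identifier is device-tracking data and
	// should be stored and logged accordingly.
	MachineID    string `json:"machineID"`
	Brand        string `json:"brand"`        // iOS: "Apple"; Android: "xiaomi"
	Manufacturer string `json:"manufacturer"` // iOS: "Apple"; Android: "Google"
	DeviceModel  string `json:"deviceModel"`  // iOS: "iPhone7,2"
}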
DeviceInfo
type DeviceLinux ¶
// DeviceLinux is the receiver for the Linux hygiene checks
// (IsAutoLoginEnabled, IsFireWallSet, IsDeviceEncrypted and the rest of the
// Device method set). It has no fields, so every value is interchangeable.
type DeviceLinux struct{}
func (DeviceLinux) EndpointSecurity ¶
func (d DeviceLinux) EndpointSecurity() (string, string, bool, error)
func (DeviceLinux) GetCriticalAutoUpdateStatus ¶
func (d DeviceLinux) GetCriticalAutoUpdateStatus() (bool, error)
func (DeviceLinux) GetInstalledPackages ¶
func (d DeviceLinux) GetInstalledPackages() ([]string, error)
func (DeviceLinux) GetLatestSecurityPatch ¶
func (d DeviceLinux) GetLatestSecurityPatch() (string, error)
func (DeviceLinux) GetNetwork ¶
func (d DeviceLinux) GetNetwork() (string, string, string, error)
func (DeviceLinux) GetOSNameVersion ¶
func (d DeviceLinux) GetOSNameVersion() (osName, osVersion, kernelVersion string, err error)
func (DeviceLinux) GetPasswordLastUpdated ¶
func (DeviceLinux) GetPasswordLastUpdated() (string, error)
func (DeviceLinux) GetPendingUpdates ¶
func (d DeviceLinux) GetPendingUpdates() ([]string, error)
func (DeviceLinux) IdleDeviceScreenLockTime ¶
func (d DeviceLinux) IdleDeviceScreenLockTime() (string, error)
func (DeviceLinux) IsAutoLoginEnabled ¶
func (d DeviceLinux) IsAutoLoginEnabled() (bool, error)
IsAutoLoginEnabled reports whether automatic login is enabled.
TODO: verify this check on CentOS and other Linux distributions; until then, treat its result on those distributions as unverified.
func (DeviceLinux) IsDeviceEncrypted ¶
func (d DeviceLinux) IsDeviceEncrypted() (bool, error)
func (DeviceLinux) IsFireWallSet ¶
func (d DeviceLinux) IsFireWallSet() (bool, error)
func (DeviceLinux) IsRemoteConnectionEnabled ¶
func (d DeviceLinux) IsRemoteConnectionEnabled() (bool, error)
func (DeviceLinux) ScreenLockEnabled ¶
func (d DeviceLinux) ScreenLockEnabled() (bool, error)
type DeviceMac ¶
// DeviceMac is the receiver for the macOS hygiene checks
// (IsAutoLoginEnabled, IsFireWallSet, IsDeviceEncrypted and the rest of the
// Device method set). It has no fields, so every value is interchangeable.
type DeviceMac struct{}
func (DeviceMac) EndpointSecurity ¶
func (DeviceMac) GetCriticalAutoUpdateStatus ¶
func (DeviceMac) GetInstalledPackages ¶
func (DeviceMac) GetLatestSecurityPatch ¶
func (DeviceMac) GetOSNameVersion ¶
func (DeviceMac) GetPasswordLastUpdated ¶
func (DeviceMac) GetPendingUpdates ¶
func (DeviceMac) IdleDeviceScreenLockTime ¶
func (DeviceMac) IsAutoLoginEnabled ¶
func (DeviceMac) IsDeviceEncrypted ¶
func (DeviceMac) IsFireWallSet ¶
func (DeviceMac) IsRemoteConnectionEnabled ¶
func (DeviceMac) ScreenLockEnabled ¶
type DeviceOS ¶
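// DeviceOS describes the operating system of a device: name, version, kernel,
// patch level, update state and the mobile-only tamper indicators.
//
// The declaration is laid out one field per line so that the trailing example
// comments no longer swallow the fields that follow them.
type DeviceOS struct {
	// OSName is the OS name. iOS: "iOS" on newer iOS devices, "iPhone OS" on
	// older devices, including older iPads. Android: "Android".
	OSName string `json:"osName"`
	// OSVersion is the OS version. iOS: "11.0". Android: "7.1.1".
	OSVersion       string `json:"osVersion"`
	KernelType      string `json:"kernelType"`
	KernelVersion   string `json:"kernelVersion"`
	ReadableVersion string `json:"readableVersion"`
	// LatestSecurityPatch is a date string, e.g. "2018-07-05".
	// NOTE(review): it is a free-form string, so a consumer comparing patch
	// age should parse it and handle an empty or malformed value explicitly.
	LatestSecurityPatch string   `json:"latestSecurityPatch"`
	AutoUpdate          bool     `json:"autoUpdate"`
	PendingUpdates      []string `json:"pendingUpdates"`
	JailBroken          bool     `json:"jailBroken"`
	DebugModeEnabled    bool     `json:"debugModeEnabled"` // only for mobile device
	IsEmulator          bool     `json:"isEmulator"`       // only for mobile device
}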
DeviceOS
type DeviceWindows ¶
// DeviceWindows is the receiver for the Windows hygiene checks
// (IsAutoLoginEnabled, IsFireWallSet, IsDeviceEncrypted and the rest of the
// Device method set). It has no fields, so every value is interchangeable.
type DeviceWindows struct{}
func (DeviceWindows) EndpointSecurity ¶
func (d DeviceWindows) EndpointSecurity() (string, string, bool, error)
func (DeviceWindows) GetCriticalAutoUpdateStatus ¶
func (d DeviceWindows) GetCriticalAutoUpdateStatus() (bool, error)
func (DeviceWindows) GetInstalledPackages ¶
func (d DeviceWindows) GetInstalledPackages() ([]string, error)
func (DeviceWindows) GetLatestSecurityPatch ¶
func (d DeviceWindows) GetLatestSecurityPatch() (string, error)
func (DeviceWindows) GetNetwork ¶
func (d DeviceWindows) GetNetwork() (string, string, string, error)
func (DeviceWindows) GetOSNameVersion ¶
func (d DeviceWindows) GetOSNameVersion() (string, string, string, error)
func (DeviceWindows) GetPasswordLastUpdated ¶
func (d DeviceWindows) GetPasswordLastUpdated() (string, error)
func (DeviceWindows) GetPendingUpdates ¶
func (d DeviceWindows) GetPendingUpdates() ([]string, error)
func (DeviceWindows) IdleDeviceScreenLockTime ¶
func (d DeviceWindows) IdleDeviceScreenLockTime() (string, error)
func (DeviceWindows) IsAutoLoginEnabled ¶
func (d DeviceWindows) IsAutoLoginEnabled() (bool, error)
func (DeviceWindows) IsDeviceEncrypted ¶
func (d DeviceWindows) IsDeviceEncrypted() (bool, error)
func (DeviceWindows) IsFireWallSet ¶
func (d DeviceWindows) IsFireWallSet() (bool, error)
func (DeviceWindows) IsRemoteConnectionEnabled ¶
func (d DeviceWindows) IsRemoteConnectionEnabled() (bool, error)
func (DeviceWindows) ScreenLockEnabled ¶
func (d DeviceWindows) ScreenLockEnabled() (bool, error)
type EndpointSecurity ¶
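// EndpointSecurity records the endpoint-protection, firewall and disk
// encryption state found on a device.
//
// The declaration is laid out one field per line so that the trailing comments
// no longer swallow the fields that follow them.
type EndpointSecurity struct {
	EpsConfigured bool   `json:"epsConfigured"` // endpoint security enabled
	EpsVendorName string `json:"epsVendorName"` // endpoint security vendor name, e.g. win defender, avira
	EpsVersion    string `json:"epsVersion"`    // version of the endpoint security suite
	// EpsMeta is a free-form string; its content is not described here.
	EpsMeta         string `json:"epsMeta"`
	FirewallEnabled bool   `json:"firewallEnabled"`
	// FirewallPolicy stores the firewall config policy found on the user device.
	FirewallPolicy          string `json:"firewallPolicy"`
	DeviceEncryptionEnabled bool   `json:"deviceEncryptionEnabled"`
	// DeviceEncryptionMeta stores metadata related to disk encryption (only if
	// enabled).
	DeviceEncryptionMeta string `json:"deviceEncryptionMeta"`
}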
EndpointSecurity (named AntiVirus in the source comment) collects data about the antivirus, antimalware or other endpoint protection agent installed on the user's device, e.g. Windows Defender, CrowdStrike, Kaspersky.
type LoginSecurity ¶
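// LoginSecurity is the device hygiene related to login: auto-login, login
// method, password age, two-factor, idle screen lock and remote login.
//
// The declaration is laid out one field per line so that the leading comments
// no longer swallow the fields that follow them.
type LoginSecurity struct {
	// AutologinEnabled checks if the device requires login before console.
	// NOTE(review): the field name suggests true means auto-login is on, i.e.
	// no credential prompt, which is the opposite polarity of "requires
	// login"; confirm which one the collector writes before building policy
	// on it. The struct tag keeps its trailing space exactly as declared.
	AutologinEnabled bool `json:"autologinEnabled" `
	// LoginMethod can be password/pin/pattern/faceID/fingerprint.
	LoginMethod         string `json:"loginMethod"`
	PasswordLastUpdated string `json:"passwordLastUpdated"`
	TfaConfigured       bool   `json:"tfaConfigured"`
	// IdleDeviceScreenLockTime stores the device screen lock time. The value
	// can be "never", "5 minute idle", and so on.
	// NOTE(review): this is display text rather than a duration, so a policy
	// check should prefer IdleDeviceScreenLock or parse the text defensively.
	IdleDeviceScreenLockTime string `json:"idleDeviceScreenLockTime"`
	IdleDeviceScreenLock     bool   `json:"idleDeviceScreenLock"`
	RemoteLoginEnabled       bool   `json:"remoteLoginEnabled"`
}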
LoginSecurity is device hygiene related to login
type NetworkInfo ¶
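// NetworkInfo describes the currently active network connection of a device.
//
// The declaration is laid out one field per line so that the trailing comments
// no longer swallow the fields that follow them.
//
// NOTE(review): Hostname, IPAddress and MacAddress identify a device and, by
// extension, its user; treat the record as sensitive telemetry when storing
// or logging it.
type NetworkInfo struct {
	Hostname string `json:"hostname"`
	// DomainControlled uses the wire name "domainControl", which differs from
	// the Go field name.
	DomainControlled bool   `json:"domainControl"`
	DomainName       string `json:"domainName"`
	InterfaceName    string `json:"interfaceName"` // name of the outgoing net interface, e.g. eth0, wlan11
	IPAddress        string `json:"ipAddress"`
	MacAddress       string `json:"macAddress"`
	WirelessNetwork  bool   `json:"wirelessNetwork"`
	OpenWifiConn     bool   `json:"openWifiConn"`
	NetworkName      string `json:"networkName"` // name of the connected network, e.g. OfficeWIFI, marketingLAN
	// NetworkSecurity gives detail about the current active connection, e.g.
	// when using wifi, whether it is open wifi or wpa2psk wifi.
	NetworkSecurity string `json:"networkSecurity"`
}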
NetworkInfo collects network information about the currently active connection at the time of access.