Documentation
¶
Index ¶
- Variables
- func DecodeResponse(resp *http.Response, target interface{}) error
- func DeleteReport(report_id string) error
- func GetDomainGraph(report_id string) ([]byte, error)
- func GetScreenshot(report_id string) ([]byte, error)
- func NewSearchParams(query string) *searchParams
- func SetDefaultKey(apikey string)
- func SetUserNotifyWebhook(webhook string) error
- func SetUserNotifyWebhookEnable(enabled bool) error
- type Alerts
- type AnalyzerAlert
- type AnalyzerSensor
- type CertInfo
- type Client
- func (c *Client) DeleteReport(report_id string) error
- func (c *Client) Do(req *http.Request) (*http.Response, error)
- func (c *Client) DoRequest(method string, path string, body io.Reader) (*http.Response, error)
- func (c *Client) GetDomainGraph(report_id string) ([]byte, error)
- func (c *Client) GetQueueStatus(queue_id string) (*QueuedJob, error)
- func (c *Client) GetReport(report_id string) (*Report, error)
- func (c *Client) GetScreenshot(report_id string) ([]byte, error)
- func (c *Client) GetUser() (*PublicUserInfo, error)
- func (c *Client) NewRequest(method string, path string, body io.Reader) (*http.Request, error)
- func (c *Client) ReputationCheck(query string) (*ReputationResult, error)
- func (c *Client) Search(queryParams *searchParams) (*SearchResponse, error)
- func (c *Client) SetUserNotifyWebhook(webhook string) error
- func (c *Client) SetUserNotifyWebhookEnable(enabled bool) error
- func (c *Client) Submit(submit SubmitJob) (*QueuedJob, error)
- func (c *Client) WithApiKey(key string) *Client
- type FileAnalyzer
- type FileObservation
- type FingerprintInfo
- type HttpContent
- type HttpCookie
- type HttpHeaderValue
- type HttpPostData
- type HttpPostDataParams
- type HttpRequest
- type HttpResponse
- type HttpSecurityInfo
- type HttpTimings
- type HttpTransaction
- type IDSAlert
- type IDSSensor
- type IP
- type IssuerInfo
- type JSCode
- type JSSourceCode
- type JavaScriptCode
- type Notify
- type PublicUserInfo
- type QueuedJob
- type Report
- type ReportOverview
- type ReportSummary
- type ReputationResult
- type SearchResponse
- type SubjectInfo
- type SubmitJob
- type URL
- type UrlqueryAlert
- type UrlqueryApiError
- type ValidityInfo
Constants ¶
This section is empty.
Variables ¶
// Sentinel error values exported by the package. Match them with errors.Is
// instead of comparing message text.
// NOTE(review): the names suggest a mapping from HTTP status codes (404, 403,
// 429, 422); the mapping itself is not visible here, so confirm it.
var (
	// ErrNotFound carries the message "not found".
	ErrNotFound = errors.New("not found")
	// ErrForbidden carries the message "forbidden".
	ErrForbidden = errors.New("forbidden")
	// ErrTooManyRequests carries the message "too many requests".
	ErrTooManyRequests = errors.New("too many requests")
	// ErrUnprocessableEntity carries the message "unprocessable entity".
	ErrUnprocessableEntity = errors.New("unprocessable entity")
	// ErrUnexpectedStatus carries the message "unexpected status code".
	ErrUnexpectedStatus = errors.New("unexpected status code")
)
// DefaultClient is the package-level client, built by calling NewClient with
// an empty string.
// NOTE(review): presumably the empty argument is the API key and
// SetDefaultKey fills it in later. This is shared mutable package state, so
// confirm whether changing the key while requests are in flight is safe.
var DefaultClient = NewClient("")
Functions ¶
func DecodeResponse ¶
DecodeResponse decodes the HTTP response body.
func DeleteReport ¶
func GetDomainGraph ¶
func GetScreenshot ¶
func NewSearchParams ¶
func NewSearchParams(query string) *searchParams
func SetDefaultKey ¶
func SetDefaultKey(apikey string)
func SetUserNotifyWebhook ¶
Types ¶
type Alerts ¶
// Alerts groups three alert lists, stored under the JSON keys "ids",
// "analyzer" and "urlquery".
type Alerts struct {
	IDSAlerts      []IDSAlert      `json:"ids"`
	AnalyzerAlerts []AnalyzerAlert `json:"analyzer"`
	UrlqueryAlerts []UrlqueryAlert `json:"urlquery"`
}
type AnalyzerAlert ¶
// AnalyzerAlert is one entry of an "analyzer" alert list.
//
// Every descriptive field is a free-form string. Treat the values as
// untrusted text and escape them before rendering them in HTML or writing
// them to line-oriented logs.
type AnalyzerAlert struct {
	SensorName  string `json:"sensor_name"`
	SensorType  string `json:"sensor_type"`
	Description string `json:"description"`
	ScanDate    string `json:"scan_date"`
	Alert       string `json:"alert"`
	Trigger     string `json:"trigger"`
	Verdict     string `json:"verdict"`
	Severity    string `json:"severity"`
	Comment     string `json:"comment"`

	// ResourceLink and Meta are pointers: a JSON null or an absent key
	// leaves them nil, so check before dereferencing.
	ResourceLink *string            `json:"link"`
	Meta         *map[string]string `json:"meta"`
}
type AnalyzerSensor ¶
// AnalyzerSensor describes one analyzer sensor together with the alerts
// listed under its "alerts" key.
type AnalyzerSensor struct {
	SensorName  string `json:"sensor_name"`
	Type        string `json:"type"`
	Description string `json:"description"`
	// Link is a plain string here, unlike AnalyzerAlert.ResourceLink which
	// is a pointer.
	Link   string          `json:"link"`
	Alerts []AnalyzerAlert `json:"alerts"`
}
type CertInfo ¶
// CertInfo bundles the certificate details exposed under the JSON keys
// "subject", "issuer", "validity" and "fingerprint".
// NOTE(review): these are values reported by the API. Nothing visible here
// shows that the chain or the validity period was verified, so do not treat a
// populated CertInfo as proof of a trusted certificate. Confirm with the
// service documentation.
type CertInfo struct {
	Subject     SubjectInfo     `json:"subject"`
	Issuer      IssuerInfo      `json:"issuer"`
	Validity    ValidityInfo    `json:"validity"`
	Fingerprint FingerprintInfo `json:"fingerprint"`
}
type Client ¶
// Client represents the REST API client.
// NOTE(review): WithApiKey(key string) suggests the unexported state includes
// an API key. Avoid printing Client values with %+v or %#v until that is
// confirmed.
type Client struct {
	// contains filtered or unexported fields
}
Client represents the REST API client.
func (*Client) DeleteReport ¶
func (*Client) GetQueueStatus ¶
func (*Client) GetUser ¶
func (c *Client) GetUser() (*PublicUserInfo, error)
func (*Client) NewRequest ¶
func (*Client) ReputationCheck ¶
func (c *Client) ReputationCheck(query string) (*ReputationResult, error)
func (*Client) Search ¶
func (c *Client) Search(queryParams *searchParams) (*SearchResponse, error)
func (*Client) SetUserNotifyWebhook ¶
func (*Client) SetUserNotifyWebhookEnable ¶
func (*Client) WithApiKey ¶
type FileAnalyzer ¶
type FileObservation ¶
// FileObservation describes one observed file: its digests, detected type,
// size, origin and analyzer alerts.
type FileObservation struct {
	// Four digests of the same content. MD5 and SHA-1 are not collision
	// resistant, so prefer Sha256 or Sha512 when a digest is used as an
	// identifier in allow/deny or deduplication decisions.
	Md5    string `json:"md5"`
	Sha1   string `json:"sha1"`
	Sha256 string `json:"sha256"`
	Sha512 string `json:"sha512"`

	Magic string `json:"magic"`
	Size  int    `json:"size"`
	Url   URL    `json:"url"`
	Ip    IP     `json:"ip"`

	// Alerts holds only an analyzer list; the shared Alerts type also has
	// "ids" and "urlquery" lists, which are absent here.
	Alerts struct {
		AnalyzerAlerts []AnalyzerAlert `json:"analyzer"`
	} `json:"alerts"`
}
type FingerprintInfo ¶
type HttpContent ¶
type HttpCookie ¶
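// HttpCookie is a single cookie with its attributes.
//
// Value may be a live session token. Redact it before logging or exporting a
// report that contains cookies.
type HttpCookie struct {
	Name   string `json:"name"`
	Value  string `json:"value"`
	Path   string `json:"path"`
	Domain string `json:"domain"`
	// Expires is read from the JSON key "expire" (singular).
	Expires  string `json:"expire"`
	HttpOnly bool   `json:"http_only"` // HAR - TRUE if the cookie is HTTP only
	Secure   bool   `json:"secure"`    // HAR - TRUE if the cookie was transmitted over SSL/TLS, otherwise false
}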
type HttpHeaderValue ¶
type HttpPostData ¶
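// HttpPostData is the body of a POST request, either as a parameter list or
// as raw text.
//
// Posted data can include credentials or other form secrets, so handle Params
// and Text as sensitive when storing or sharing reports.
type HttpPostData struct {
	MimeType string `json:"mime_type"`
	// Note that text and params fields are mutually exclusive.
	Params []HttpPostDataParams `json:"params"`
	Text   string               `json:"text"`
}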
type HttpPostDataParams ¶
type HttpRequest ¶
// HttpRequest is the request half of an HTTP transaction.
type HttpRequest struct {
	// Raw is the request as a single string.
	// NOTE(review): it presumably includes header lines such as Cookie or
	// Authorization. Confirm, and redact before logging if so.
	Raw     string            `json:"raw"`
	Headers []HttpHeaderValue `json:"headers"`
	// Cookies uses the header-value type, not HttpCookie.
	Cookies []HttpHeaderValue `json:"cookies"`
	Method  string            `json:"method"`
}
type HttpResponse ¶
// HttpResponse is the response half of an HTTP transaction.
type HttpResponse struct {
	// Raw is the response as a single string. Treat it as untrusted content
	// and never render it unescaped.
	Raw     string            `json:"raw"`
	Headers []HttpHeaderValue `json:"headers"`
	// Cookies uses the header-value type, not HttpCookie.
	Cookies []HttpHeaderValue `json:"cookies"`
	// StatusCode is a string, not an int; parse and validate it before
	// comparing numerically.
	StatusCode string `json:"status_code"`
	StatusText string `json:"status_text"`
	// Content is stored under the JSON key "data".
	Content HttpContent `json:"data"`
}
type HttpSecurityInfo ¶
type HttpTimings ¶
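// HttpTimings breaks down the phases of a request/response round trip,
// following the HAR timings object. A value of -1 marks a phase that does not
// apply to the request, so filter it out before summing or averaging.
type HttpTimings struct {
	Blocked int `json:"blocked"` // Time spent in a queue waiting for a network connection. Use -1 if the timing does not apply to the current request.
	DNS     int `json:"dns"`     // DNS resolution time. The time required to resolve a host name. Use -1 if the timing does not apply to the current request.
	Connect int `json:"connect"` // Time required to create TCP connection. Use -1 if the timing does not apply to the current request.
	Send    int `json:"send"`    // Time required to send HTTP request to the server.
	Wait    int `json:"wait"`    // Waiting for a response from the server.
	Receive int `json:"receive"` // Time required to read entire response from the server (or cache).
	// Time required for SSL/TLS negotiation. If this field is defined then
	// the time is also included in the connect field (to ensure backward
	// compatibility with HAR 1.1). Use -1 if the timing does not apply to
	// the current request.
	SSL int `json:"ssl"`
}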
type HttpTransaction ¶
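// HttpTransaction is one request/response pair, together with its network
// endpoint, timing data, TLS state and alerts.
type HttpTransaction struct {
	Url          URL    `json:"url"`
	Ip           IP     `json:"ip"`
	ResourceType string `json:"resource_type"`
	RequestedBy  string `json:"requested_by"`
	Date         string `json:"date"`      // ISO8601 - YYYY-MM-DDThh:mm:ss.sTZD
	Timestamp    int64  `json:"timestamp"` // unix epoch
	HttpVersion  string `json:"http_version"`
	// SecurityState is a free-form string. Compare it against the documented
	// values explicitly and treat anything unrecognised as not secure.
	SecurityState string `json:"security_state"` // Can be "secure", "insecure", "broken"
	// SecurityInfo is a pointer and may be nil; check before use.
	SecurityInfo  *HttpSecurityInfo `json:"security_info"`
	Request       HttpRequest       `json:"request"`
	Response      HttpResponse      `json:"response"`
	TotalTimeUsed int               `json:"time_used"` // Total time used by the request/response in milliseconds
	Timings       HttpTimings       `json:"timings"`
	Alerts        Alerts            `json:"alerts"`
}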
type IssuerInfo ¶
type JSCode ¶
// JSCode is one recorded piece of JavaScript: its digests, size, content,
// sighting statistics and alerts.
type JSCode struct {
	// Digests of the same content. Prefer Sha256 or Sha512 as an identifier,
	// because MD5 and SHA-1 are not collision resistant.
	Md5    string `json:"md5"`
	Sha1   string `json:"sha1"`
	Sha256 string `json:"sha256"`
	Sha512 string `json:"sha512"`
	Size   int    `json:"size"`
	// NOTE(review): Data presumably holds the script text itself. If so it
	// is attacker-influenced content: store and display it as inert text,
	// and never evaluate it or embed it unescaped in a page. Confirm.
	Data      string `json:"data"`
	FirstSeen string `json:"first_seen"`
	LastSeen  string `json:"last_seen"`
	TimesSeen int    `json:"times_seen"`
	Alerts    Alerts `json:"alerts"`
}
type JSSourceCode ¶
type JavaScriptCode ¶
// JavaScriptCode collects JavaScript in three lists, stored under the JSON
// keys "script", "eval" and "write".
// NOTE(review): the keys presumably correspond to script sources, eval()
// arguments and document.write() output. Confirm with the API documentation.
type JavaScriptCode struct {
	Script []JSSourceCode `json:"script"`
	Eval   []JSCode       `json:"eval"`
	Write  []JSCode       `json:"write"`
}
type PublicUserInfo ¶
// PublicUserInfo is the user record: identity, role, group, notification
// settings and API key.
//
// Despite the "Public" name the struct carries ApiKey, a credential, and
// Email. Printing the value with %+v or passing it to json.Marshal emits
// both, so redact them before logging or forwarding the record.
type PublicUserInfo struct {
	ID       string `json:"id"`
	Created  string `json:"created"`
	Username string `json:"username"`
	Email    string `json:"email"`
	Role     string `json:"role"`
	Group    string `json:"group"`
	Notify   Notify `json:"notify"`
	ApiKey   string `json:"apikey"` // credential: keep out of logs
}
User
func GetUser ¶
func GetUser() (*PublicUserInfo, error)
type QueuedJob ¶
// QueuedJob describes a job in the queue: its queue and report identifiers,
// status, target and the settings it carries.
type QueuedJob struct {
	QueueID   string `json:"queue_id"`
	ReportID  string `json:"report_id"`
	Status    string `json:"status"`
	Url       URL    `json:"url"`
	Ip        IP     `json:"ip"`
	UserAgent string `json:"useragent"`
	Referer   string `json:"referer"`
	ExitNode  string `json:"exit_node"`
	Owner     string `json:"owner"`
	// NOTE(review): Access presumably controls who can view the resulting
	// report. Confirm the accepted values and the default before submitting
	// URLs that contain tokens or other private data.
	Access  string `json:"access"`
	RunTime int    `json:"run_time"`
}
func GetQueueStatus ¶
type Report ¶
// Report is the full report. It embeds ReportOverview, so the overview's
// fields are promoted and decoded from the same JSON object, and adds file
// observations, sensor output, JavaScript and HTTP transactions.
//
// NOTE(review): the nested content presumably originates from the analysed
// site. Treat strings inside it as untrusted when displaying or processing
// them further. Confirm.
type Report struct {
	ReportOverview

	FileDetections []FileObservation `json:"files"`

	Sensors struct {
		NetworkSensors  []IDSSensor      `json:"ids"`
		AnalyzerSensors []AnalyzerSensor `json:"analyzer"`
		// UrlQueryAlerts is a list of alerts, not of sensors, unlike its
		// two siblings.
		UrlQueryAlerts []UrlqueryAlert `json:"urlquery"`
	} `json:"sensors"`

	Javascript       JavaScriptCode    `json:"javascript"`
	HttpTransactions []HttpTransaction `json:"http"`
}
RFC3339 is the default time format; RFC3339Nano is sometimes used (HTTP transactions).
type ReportOverview ¶
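// ReportOverview is the summary part of a report: identity, status, target,
// final landing page, submission metadata, run settings, alert counts and a
// summary list.
type ReportOverview struct {
	ID      string   `json:"report_id"`
	Version int      `json:"version"`
	Status  string   `json:"status"`
	Tags    []string `json:"tags"`
	Date    string   `json:"date"` // RFC3339 - "2006-01-02T15:04:05Z07:00"
	Url     URL      `json:"url"`
	Ip      IP       `json:"ip"`

	// Final holds a URL and a page title under the JSON key "final".
	Final struct {
		Url   URL    `json:"url"`
		Title string `json:"title"`
	} `json:"final"`

	// Submit holds the tags and metadata stored under "submit".
	Submit struct {
		Tags []string          `json:"tags"`
		Meta map[string]string `json:"meta"`
	} `json:"submit"`

	// Settings the report was run with
	ReportSettings struct {
		UserAgent string `json:"useragent"`
		Referer   string `json:"referer"`
		// NOTE(review): if these are cookies supplied at submission they
		// may contain session values; redact before logging. Confirm.
		Cookies  map[string]string `json:"cookies"` // Cookie[<domain>]<cookie string>
		Access   string            `json:"access"`
		ExitNode string            `json:"exit_node"`
	} `json:"settings"`

	Stats struct {
		AlertCount struct {
			Ids      int `json:"ids"`
			Urlquery int `json:"urlquery"`
			Analyzer int `json:"analyzer"`
		} `json:"alert_count"`
	} `json:"stats"`

	Summary []ReportSummary `json:"summary"`
}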
type ReportSummary ¶
// ReportSummary is one summary row, identified by FQDN and IP, with domain
// metadata, sighting dates and traffic counters.
type ReportSummary struct {
	Fqdn             string `json:"fqdn"`
	Ip               IP     `json:"ip"`
	DomainRegistered string `json:"domain_registered"`
	DomainRank       int    `json:"domain_rank"`
	FirstSeen        string `json:"first_seen"`
	LastSeen         string `json:"last_seen"`
	AlertCount       int    `json:"alert_count"`
	RequestCount     int    `json:"request_count"`
	// NOTE(review): the unit of ReceivedData and SentData is not stated
	// here, presumably bytes. Confirm.
	ReceivedData int      `json:"received_data"`
	SentData     int      `json:"sent_data"`
	Comment      string   `json:"comment"`
	Tags         []string `json:"tags"`
}
type ReputationResult ¶
func ReputationCheck ¶
func ReputationCheck(query string) (*ReputationResult, error)
func (ReputationResult) String ¶
func (r ReputationResult) String() string
type SearchResponse ¶
// SearchResponse is the result of a search: the query, paging values and the
// matching report overviews.
type SearchResponse struct {
	// Query is the query string carried in the response. Escape it before
	// rendering, like any other user-supplied text.
	Query     string `json:"query"`
	TotalHits int    `json:"total_hits"`
	// TimeUsed is a string, read from the JSON key "timeused".
	TimeUsed string           `json:"timeused"`
	Limit    int              `json:"limit"`
	Offset   int              `json:"offset"`
	Reports  []ReportOverview `json:"reports"`
}
func Search ¶
func Search(queryParams *searchParams) (*SearchResponse, error)
func (*SearchResponse) Bytes ¶
func (sr *SearchResponse) Bytes() []byte
func (*SearchResponse) String ¶
func (sr *SearchResponse) String() string
type SubjectInfo ¶
type SubmitJob ¶
type UrlqueryAlert ¶
type UrlqueryApiError ¶
UrlqueryApiError represents an error returned by the API.
func (*UrlqueryApiError) Error ¶
func (e *UrlqueryApiError) Error() string
type ValidityInfo ¶
Source Files
¶