README
¶
为网络安全而生的领域编程语言
快速开始 • 官方文档 • 问题反馈 • 接口手册 • 贡献代码 • 加入社区 • 项目架构
CDSL-Yakang 简介
CDSL:Cybersecurity Domain Specific Language,全称网络安全领域编程语言。
Yaklang 团队综合“领域限定语言”的思想,构建了CDSL的概念,并以此为核心构建了Yak(又称Yaklang)语言来构建基础设施和语言生态。
Yak 是一门针对网络安全领域研发的易书写,易分发的高级计算机编程语言。Yak具备强类型、动态类型的经典类型特征,兼具编译字节码和解释执行的运行时特征。
Yak语言的运行时环境只依赖于YakVM,可以实现“一次编写,处处运行”的特性,只要有YakVM部署的环境,都可以快速执行Yak语言程序。
Yak语言起初只作为一个“嵌入式语言”在宿主程序中存在,后在电子科技大学网络空间安全学院学术指导下,由 Yaklang.io 研发团队进行长达两年的迭代与改造,实现了YakVM虚拟机让语言可以脱离“宿主语言”独立运行,并与2023年完全开源。 支持目前主流操作系统:macOS,Linux,Windows。
Yaklang 的优势
基于CDSL概念构建的网络安全领域编程语言Yak,具备了几乎DSL所有的优势,它被设计为针对安全能力研发领域的专用编程语言,实现了常见的大多数安全能力,可以让各种各样的安全能力彼此之间“互补,融合,进化”;提高安全从业人员的生产力。
CDSL在网络安全领域提供的能力具备很多优势:
-
简洁性:使用CDSL构建的安全产品更能实现业务和能力的分离,并且解决方案更加直观;
-
易用性:非专业的人员也可以使用CDSL构建安全产品,而避免安全产品工程化中的信息差;
-
灵活性:CDSL一般被设计为单独使用和嵌入式使用均可,用户可以根据自己的需求去编写DSL脚本以实现特定的策略和检测规则,这往往更能把用户的思路展示出来,而不必受到冗杂知识的制约;
除此之外,作为一门专门为网络安全研发设计的语言,Yak语言除了满足一些基础的语言本身需要具备的特性之外,还具有很多特殊功能,可以帮助用户快速构建网络安全应用:
-
中间人劫持库函数
-
复杂端口扫描和服务指纹识别
-
网络安全领域的加解密库
-
支持中国商用密码体系:支持SM2椭圆曲线公钥密码算法,SM4分组密码算法,SM3密码杂凑算法等
项目架构
快速开始
-
通过 Yakit 来使用 Yaklang
Yakit (https://github.com/yaklang/yakit) 是 Yaklang.io 团队官方出品的开源 Yaklang IDE,它可以帮助你快速上手 Yaklang 语言。
同时 Yakit 也能将绝大部分安全工程师需要的核心功能图形化。他是免费的,你可以通过 下载安装 Yakit,来开始使用 Yaklang。
关于Yakit的更多内容可移步:Yakit官网文档查看
-
通过命令行来安装使用
通过命令行来安装使用 Yaklang 请遵循:https://www.yaklang.com/ 或 https://www.yaklang.io/ 的指引,或直接执行
MacOS / Linux
bash <(curl -sS -L http://oss.yaklang.io/install-latest-yak.sh)
Windows
powershell (new-object System.Net.WebClient).DownloadFile('https://yaklang.oss-cn-beijing.aliyuncs.com/yak/latest/yak_windows_amd64.exe','yak_windows_amd64.exe') && yak_windows_amd64.exe install && del /f yak_windows_amd64.exe
社区
- 你可以在 Yaklang 或者Yakit 的 issues 中添加你想讨论的内容或者你想表达的东西,英文或中文均可,我们会尽快回复
- 国内用户可以添加运营 WeChat 加入群组
- 国际用户可以使用 Discord 加入社区
贡献你的代码
这是一个高级话题,在贡献你的代码之前,确保你对 Yaklang 整个项目结构有所了解。
在贡献代码时,如果你希望修改 Yaklang 或 YakVM 本身的核心语法部分,最好与研发团队取得联系。
如果您仅仅想要增加库的功能,或者修复一些库的 Bug,那么您可以直接提交 PR,当然 PR 中最好包含对应的单元测试,这很有助于提升我们的代码质量。
项目成员
Maintainer
v1ll4n: Yak Project Maintainer.
yaklang 核心开发者 / Active yaklang core developers
开源许可证
本仓库代码版本使用 AGPL 开源协议,这是一个严格的开源协议,且具有传染性,如果您使用了本仓库的代码,那么您的代码也必须开源。
- 强制开源网络服务:要求提供网络服务的源代码必须开源。保证开源理念在网络环境下的实践。
- 其他条款与 GPL 相同:开源免费、开源修改、衍生开源等。
本项目开源仓库仅应该作为个人开源和学习使用。
鸣谢
本项目经由电子科技大学张小松(网络空间安全学院)教授学术指导。
基础理论学科
- Alonzo Church, "A set of postulates for the foundation of logic", Annals of Mathematics, 33(2), 346-366, 1932.
- Dana Scott, Christopher Strachey, "Toward a mathematical semantics for computer languages", Proceedings of the Symposium on Computers and Automata, Microwave Research Institute Symposia Series Vol. 21, New York, 1971.
- Henk Barendregt, Wil Dekkers, Richard Statman, lambda Calculus with Types, Perspectives in Logic. Cambridge University Press, 2013.
- Braun, M., Buchwald, S., Hack, S., Leißa, R., Mallon, C., Zwinkau, A. (2013). Simple and Efficient Construction of Static Single Assignment Form. In: Jhala, R., De Bosschere, K. (eds) Compiler Construction. CC 2013. Lecture Notes in Computer Science, vol 7791. Springer, Berlin, Heidelberg.
工程技术
- Terence Parr, "The Definitive ANTLR 4 Reference", Pragmatic Bookshelf, 2013.
- Terence Parr, "Simplifying Complex Networks Using Temporal Pattern Mining: The Case of AT&T's Observed Data Network", Dissertation, 1995.
- Terence Parr, Russell Quong, "ANTLR: A Predicated-LL(k) Parser Generator", Journal of Software Practice and Experience, July 1995.
- Google Ins, "Protocol Buffers", https://developers.google.com/protocol-buffers, 2020.
- Google Ins, "gRPC", https://grpc.io/, 2020.
- Microsoft Ins, "Monaco Editor", https://microsoft.github.io/monaco-editor/, 2020.
Star History
Directories
¶
| Path | Synopsis |
|---|---|
|
common
|
|
|
consts
Code generated by go run common/yak/cmd/yak.go embed-fs-hash --override --all DO NOT EDIT.
|
Code generated by go run common/yak/cmd/yak.go embed-fs-hash --override --all DO NOT EDIT. |
|
crawlerx
Package crawlerx @Author bcy2007 2023/7/13 11:10
|
Package crawlerx @Author bcy2007 2023/7/13 11:10 |
|
crawlerx/cmd
Package cmd @Author bcy2007 2023/7/14 11:11
|
Package cmd @Author bcy2007 2023/7/14 11:11 |
|
crawlerx/preaction
Package crawlerx @Author bcy2007 2024/4/2 14:44
|
Package crawlerx @Author bcy2007 2024/4/2 14:44 |
|
crawlerx/tools
Package tools @Author bcy2007 2023/7/12 16:40
|
Package tools @Author bcy2007 2023/7/12 16:40 |
|
crawlerx/tools/config
Package config https://github.com/unknwon/goconfig
|
Package config https://github.com/unknwon/goconfig |
|
cuckoo
Package cuckoo ...
|
Package cuckoo ... |
|
geo
Package geoip2 provides an easy-to-use API for the MaxMind GeoIP2 and GeoLite2 databases; this package does not support GeoIP Legacy databases.
|
Package geoip2 provides an easy-to-use API for the MaxMind GeoIP2 and GeoLite2 databases; this package does not support GeoIP Legacy databases. |
|
gmsm/gmtls
add sm2 support
|
add sm2 support |
|
gmsm/gmtls/gmcredentials/echo
Package echo is a generated protocol buffer package.
|
Package echo is a generated protocol buffer package. |
|
gmsm/pkcs12
Package go-pkcs12 implements some of PKCS#12.
|
Package go-pkcs12 implements some of PKCS#12. |
|
gmsm/x509
crypto/x509 add sm2 support
|
crypto/x509 add sm2 support |
|
jsonpath
Package jsonpath implements Stefan Goener's JSONPath http://goessner.net/articles/JsonPath/
|
Package jsonpath implements Stefan Goener's JSONPath http://goessner.net/articles/JsonPath/ |
|
lowtun/conn
Package conn implements WireGuard's network connections.
|
Package conn implements WireGuard's network connections. |
|
lowtun/netstack/gvisor/pkg/atomicbitops
Package atomicbitops provides extensions to the sync/atomic package.
|
Package atomicbitops provides extensions to the sync/atomic package. |
|
lowtun/netstack/gvisor/pkg/bits
Package bits includes all bit related types and operations.
|
Package bits includes all bit related types and operations. |
|
lowtun/netstack/gvisor/pkg/buffer
Package buffer provides the implementation of a non-contiguous buffer that is reference counted, pooled, and copy-on-write.
|
Package buffer provides the implementation of a non-contiguous buffer that is reference counted, pooled, and copy-on-write. |
|
lowtun/netstack/gvisor/pkg/context
Package context defines an internal context type.
|
Package context defines an internal context type. |
|
lowtun/netstack/gvisor/pkg/cpuid
Package cpuid provides basic functionality for creating and adjusting CPU feature sets.
|
Package cpuid provides basic functionality for creating and adjusting CPU feature sets. |
|
lowtun/netstack/gvisor/pkg/gohacks
Package gohacks contains utilities for subverting the Go compiler.
|
Package gohacks contains utilities for subverting the Go compiler. |
|
lowtun/netstack/gvisor/pkg/goid
Package goid provides the Get function.
|
Package goid provides the Get function. |
|
lowtun/netstack/gvisor/pkg/linewriter
Package linewriter provides an io.Writer which calls an emitter on each line.
|
Package linewriter provides an io.Writer which calls an emitter on each line. |
|
lowtun/netstack/gvisor/pkg/rand
Package rand implements a cryptographically secure pseudorandom number generator.
|
Package rand implements a cryptographically secure pseudorandom number generator. |
|
lowtun/netstack/gvisor/pkg/refs
Package refs defines an interface for reference counted objects.
|
Package refs defines an interface for reference counted objects. |
|
lowtun/netstack/gvisor/pkg/sleep
Package sleep allows goroutines to efficiently sleep on multiple sources of notifications (wakers).
|
Package sleep allows goroutines to efficiently sleep on multiple sources of notifications (wakers). |
|
lowtun/netstack/gvisor/pkg/state
Package state provides functionality related to saving and loading object graphs.
|
Package state provides functionality related to saving and loading object graphs. |
|
lowtun/netstack/gvisor/pkg/state/wire
Package wire contains a few basic types that can be composed to serialize graph information for the state package.
|
Package wire contains a few basic types that can be composed to serialize graph information for the state package. |
|
lowtun/netstack/gvisor/pkg/sync
Package sync provides synchronization primitives.
|
Package sync provides synchronization primitives. |
|
lowtun/netstack/gvisor/pkg/sync/locking
Package locking implements lock primitives with the correctness validator.
|
Package locking implements lock primitives with the correctness validator. |
|
lowtun/netstack/gvisor/pkg/tcpip
Package tcpip provides the interfaces and related types that users of the tcpip stack will use in order to create endpoints used to send and receive data over the network stack.
|
Package tcpip provides the interfaces and related types that users of the tcpip stack will use in order to create endpoints used to send and receive data over the network stack. |
|
lowtun/netstack/gvisor/pkg/tcpip/adapters/gonet
Package gonet provides a Go net package compatible wrapper for a tcpip stack.
|
Package gonet provides a Go net package compatible wrapper for a tcpip stack. |
|
lowtun/netstack/gvisor/pkg/tcpip/checksum
Package checksum provides the implementation of the encoding and decoding of network protocol headers.
|
Package checksum provides the implementation of the encoding and decoding of network protocol headers. |
|
lowtun/netstack/gvisor/pkg/tcpip/hash/jenkins
Package jenkins implements Jenkins's one_at_a_time, non-cryptographic hash functions created by by Bob Jenkins.
|
Package jenkins implements Jenkins's one_at_a_time, non-cryptographic hash functions created by by Bob Jenkins. |
|
lowtun/netstack/gvisor/pkg/tcpip/header
Package header provides the implementation of the encoding and decoding of network protocol headers.
|
Package header provides the implementation of the encoding and decoding of network protocol headers. |
|
lowtun/netstack/gvisor/pkg/tcpip/header/parse
Package parse provides utilities to parse packets.
|
Package parse provides utilities to parse packets. |
|
lowtun/netstack/gvisor/pkg/tcpip/internal/tcp
Package tcp contains internal type definitions that are not expected to be used by anyone else outside pkg/tcpip.
|
Package tcp contains internal type definitions that are not expected to be used by anyone else outside pkg/tcpip. |
|
lowtun/netstack/gvisor/pkg/tcpip/link/channel
Package channel provides the implementation of channel-based data-link layer endpoints.
|
Package channel provides the implementation of channel-based data-link layer endpoints. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/arp
Package arp implements the ARP network protocol.
|
Package arp implements the ARP network protocol. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/hash
Package hash contains utility functions for hashing.
|
Package hash contains utility functions for hashing. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/internal/fragmentation
Package fragmentation contains the implementation of IP fragmentation.
|
Package fragmentation contains the implementation of IP fragmentation. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/internal/ip
Package ip holds IPv4/IPv6 common utilities.
|
Package ip holds IPv4/IPv6 common utilities. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/internal/multicast
Package multicast contains utilities for supporting multicast routing.
|
Package multicast contains utilities for supporting multicast routing. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/ipv4
Package ipv4 contains the implementation of the ipv4 network protocol.
|
Package ipv4 contains the implementation of the ipv4 network protocol. |
|
lowtun/netstack/gvisor/pkg/tcpip/network/ipv6
Package ipv6 contains the implementation of the ipv6 network protocol.
|
Package ipv6 contains the implementation of the ipv6 network protocol. |
|
lowtun/netstack/gvisor/pkg/tcpip/ports
Package ports provides PortManager that manages allocating, reserving and releasing ports.
|
Package ports provides PortManager that manages allocating, reserving and releasing ports. |
|
lowtun/netstack/gvisor/pkg/tcpip/seqnum
Package seqnum defines the types and methods for TCP sequence numbers such that they fit in 32-bit words and work properly when overflows occur.
|
Package seqnum defines the types and methods for TCP sequence numbers such that they fit in 32-bit words and work properly when overflows occur. |
|
lowtun/netstack/gvisor/pkg/tcpip/stack
Package stack provides the glue between networking protocols and the consumers of the networking stack.
|
Package stack provides the glue between networking protocols and the consumers of the networking stack. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport
Package transport supports transport protocols.
|
Package transport supports transport protocols. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/icmp
Package icmp contains the implementation of the ICMP and IPv6-ICMP transport protocols for use in ping.
|
Package icmp contains the implementation of the ICMP and IPv6-ICMP transport protocols for use in ping. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/internal/network
Package network provides facilities to support tcpip.Endpoints that operate at the network layer or above.
|
Package network provides facilities to support tcpip.Endpoints that operate at the network layer or above. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/internal/noop
Package noop contains an endpoint that implements all tcpip.Endpoint functions as noops.
|
Package noop contains an endpoint that implements all tcpip.Endpoint functions as noops. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/packet
Package packet provides the implementation of packet sockets (see packet(7)).
|
Package packet provides the implementation of packet sockets (see packet(7)). |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/raw
Package raw provides the implementation of raw sockets (see raw(7)).
|
Package raw provides the implementation of raw sockets (see raw(7)). |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/tcp
Package tcp contains the implementation of the TCP transport protocol.
|
Package tcp contains the implementation of the TCP transport protocol. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/tcpconntrack
Package tcpconntrack implements a TCP connection tracking object.
|
Package tcpconntrack implements a TCP connection tracking object. |
|
lowtun/netstack/gvisor/pkg/tcpip/transport/udp
Package udp contains the implementation of the UDP transport protocol.
|
Package udp contains the implementation of the UDP transport protocol. |
|
lowtun/netstack/gvisor/pkg/waiter
Package waiter provides the implementation of a wait queue, where waiters can be enqueued to be notified when an event of interest happens.
|
Package waiter provides the implementation of a wait queue, where waiters can be enqueued to be notified when an event of interest happens. |
|
lowtun/rwcancel
Package rwcancel implements cancelable read/write operations on a file descriptor.
|
Package rwcancel implements cancelable read/write operations on a file descriptor. |
|
mcp/mcp-go/client
Package client provides MCP (Model Control Protocol) client implementations.
|
Package client provides MCP (Model Control Protocol) client implementations. |
|
mcp/mcp-go/mcp
Package mcp defines the core types and interfaces for the Model Control Protocol (MCP).
|
Package mcp defines the core types and interfaces for the Model Control Protocol (MCP). |
|
mcp/mcp-go/server
Package server provides MCP (Model Control Protocol) server implementations.
|
Package server provides MCP (Model Control Protocol) server implementations. |
|
mimetype
Package mimetype uses magic number signatures to detect the MIME type of a file.
|
Package mimetype uses magic number signatures to detect the MIME type of a file. |
|
mimetype/mimeutil/json
Package json provides a JSON value parser state machine.
|
Package json provides a JSON value parser state machine. |
|
mimetype/mimeutil/magic
Package magic holds the matching functions used to find MIME types.
|
Package magic holds the matching functions used to find MIME types. |
|
minimartian
Package martian provides an HTTP/1.1 proxy with an API for configurable request and response modifiers.
|
Package martian provides an HTTP/1.1 proxy with an API for configurable request and response modifiers. |
|
minimartian/fifo
Package fifo provides Group, which is a list of modifiers that are executed consecutively.
|
Package fifo provides Group, which is a list of modifiers that are executed consecutively. |
|
minimartian/h2
Package h2 contains basic HTTP/2 handling for Martian.
|
Package h2 contains basic HTTP/2 handling for Martian. |
|
minimartian/h2/grpc
Package grpc contains gRPC functionality for Martian proxy.
|
Package grpc contains gRPC functionality for Martian proxy. |
|
minimartian/mitm
Package mitm provides tooling for MITMing TLS connections.
|
Package mitm provides tooling for MITMing TLS connections. |
|
minimartian/proxyutil
Package proxyutil provides functionality for building proxies.
|
Package proxyutil provides functionality for building proxies. |
|
openapi/openapi2
Package openapi2 parses and writes OpenAPIv2 specification documents.
|
Package openapi2 parses and writes OpenAPIv2 specification documents. |
|
openapi/openapi3
Package openapi3 parses and writes OpenAPI 3 specification documents.
|
Package openapi3 parses and writes OpenAPI 3 specification documents. |
|
simulator
Package simulator @Author bcy2007 2023/8/17 16:17
|
Package simulator @Author bcy2007 2023/8/17 16:17 |
|
simulator/simple
Package simple @Author bcy2007 2024/11/11 15:16
|
Package simple @Author bcy2007 2024/11/11 15:16 |
|
twofa
Package dgoogauth implements the one-time password algorithms supported by Google Authenticator This package supports the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.
|
Package dgoogauth implements the one-time password algorithms supported by Google Authenticator This package supports the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. |
|
utils
Package bytefmt contains helper methods and constants for converting to and from a human-readable byte format.
|
Package bytefmt contains helper methods and constants for converting to and from a human-readable byte format. |
| rfb.go | |
|
utils/dateparse
Package dateparse parses date-strings without knowing the format in advance, using a fast lex based approach to eliminate shotgun attempts.
|
Package dateparse parses date-strings without knowing the format in advance, using a fast lex based approach to eliminate shotgun attempts. |
|
utils/fuzzy
Origin: https://github.com/lithammer/fuzzysearch Fuzzy searching allows for flexibly matching a string with partial input, useful for filtering data very quickly based on lightweight user input.
|
Origin: https://github.com/lithammer/fuzzysearch Fuzzy searching allows for flexibly matching a string with partial input, useful for filtering data very quickly based on lightweight user input. |
|
utils/htmlquery
Package htmlquery provides extract data from HTML documents using XPath expression.
|
Package htmlquery provides extract data from HTML documents using XPath expression. |
|
utils/jsonstream
Reference: https://github.com/simon-engledew/jsoniter
|
Reference: https://github.com/simon-engledew/jsoniter |
|
utils/lowhttp
Ref: https://github.com/gobwas/ws
|
Ref: https://github.com/gobwas/ws |
|
utils/multipart
rewrite multipart reader for compatibility with invalid boundary
|
rewrite multipart reader for compatibility with invalid boundary |
|
utils/netutil/netroute
Originally found in https://github.com/gopacket/gopacket/blob/master/routing/routing.go
|
Originally found in https://github.com/gopacket/gopacket/blob/master/routing/routing.go |
|
utils/pop3
Package pop3 is a simple POP3 e-mail client library.
|
Package pop3 is a simple POP3 e-mail client library. |
|
utils/pprofutils
Package pprofutils provides utilities for runtime profiling of Go applications.
|
Package pprofutils provides utilities for runtime profiling of Go applications. |
|
utils/process
Reference: https://github.com/MetaCubeX/mihomo
|
Reference: https://github.com/MetaCubeX/mihomo |
|
utils/redis
Reference: https://github.com/astaxie/goredis
|
Reference: https://github.com/astaxie/goredis |
|
utils/shlex
Package shlex implements a simple lexer which splits input in to tokens using shell-style rules for quoting and commenting.
|
Package shlex implements a simple lexer which splits input in to tokens using shell-style rules for quoting and commenting. |
|
utils/smb
Reference: https://github.com/stacktitan/smb
|
Reference: https://github.com/stacktitan/smb |
|
utils/spacengine/go-shodan
Package shodan is an interface for the Shodan API
|
Package shodan is an interface for the Shodan API |
|
utils/tlsutils/go-pkcs12
Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX).
|
Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). |
|
utils/tlsutils/go-pkcs12/rc2
Package rc2 implements the RC2 cipher
|
Package rc2 implements the RC2 cipher |
|
utils/yakxml
Package xml implements a simple XML 1.0 parser that understands XML name spaces.
|
Package xml implements a simple XML 1.0 parser that understands XML name spaces. |
|
yak/cmd/yakcmds
Package yakcmds @Author bcy2007 2024/3/12 16:06
|
Package yakcmds @Author bcy2007 2024/3/12 16:06 |
Click to show internal directories.
Click to hide internal directories.