core

package
v0.0.0-...-5efcf84 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 1, 2022 License: MIT Imports: 45 Imported by: 1

Documentation

Overview

Package core represents the core functionality of all commands

Package core represents the core functionality of all commands

Code generated for package core by go-bindata DO NOT EDIT. (@generated) sources: static/fonts/open-iconic.eot static/fonts/open-iconic.otf static/fonts/open-iconic.svg static/fonts/open-iconic.ttf static/fonts/open-iconic.woff static/images/gopher_full.png static/images/gopher_head.png static/images/spinner.gif static/index.html static/javascripts/application.js static/javascripts/backbone.js static/javascripts/bootstrap.js static/javascripts/clipboard.js static/javascripts/hexdump.js static/javascripts/highlight.js static/javascripts/highlight_worker.js static/javascripts/jquery-3.3.1.js static/javascripts/popper.js static/javascripts/underscore.js static/stylesheets/application.css static/stylesheets/bootstrap.css static/stylesheets/highlight.css static/stylesheets/openiconic.css

Package core represents the core functionality of all commands

Package core represents the core functionality of all commands

Package core represents the core functionality of all commands

Package core contains base functionality to the project.

Package core represents the core functionality of all commands

Index

Constants

View Source 
const (
	TargetTypeUser         = "User"
	TargetTypeOrganization = "Organization"
)

Set easier names to refer to

View Source 
const (
	FATAL     = 5
	ERROR     = 4
	WARN      = 3
	IMPORTANT = 2
	INFO      = 1
	DEBUG     = 0
)

These are a consistent set of error codes instead of using random non-zero integers

View Source 
const (
	GithubBaseURI   = "https://raw.githubusercontent.com"
	MaximumFileSize = 153600
	GitLabBaseURL   = "https://gitlab.com"
	CspPolicy       = "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'"
	ReferrerPolicy  = "no-referrer"
)

Set various internal values used by the web interface

View Source 
const (
	StatusInitializing = "initializing"
	StatusGathering    = "gathering"
	StatusAnalyzing    = "analyzing"
	StatusFinished     = "finished"
)

These are various environment variables and tool statuses used in auth and displaying messages

View Source 
const (
	PartExtension = "extension" // file extension
	PartFilename  = "filename"  // file name
	PartPath      = "path"      // the path to the file
	PartContent   = "content"   // the content of the file
)

These are the various items that we are attempting to match against using either regex's or simple pattern matches.

View Source 
const ASCIIBanner = "\n" +
	"____    __    ____ .______          ___       __  .___________. __    __\n" +
	"\\   \\  /  \\  /   / |   _  \\        /   \\     |  | |           ||  |  |  |\n" +
	" \\   \\/    \\/   /  |  |_)  |      /  ^  \\    |  | `---|  |----`|  |__|  |\n" +
	"  \\            /   |      /      /  /_\\  \\   |  |     |  |     |   __   |\n" +
	"   \\    /\\    /    |  |\\  \\----./  _____  \\  |  |     |  |     |  |  |  |\n" +
	"    \\__/  \\__/     | _| `._____/__/     \\__\\ |__|     |__|     |__|  |__|\n" +
	"\n"

ASCIIBanner is the project specific banner

View Source 
const (
	EmptyTreeCommitID = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
)

EmptyTreeCommit is a dummy commit id used as a placeholder and for testing

View Source 
const GitLabTanuki = "\n" +
	"      //               //     \n" +
	"     ////             ////    \n" +
	"    //////           //////   \n" +
	"   ((((((((/////////((((((((  \n" +
	"   ((((((((////////(((((((((  \n" +
	"  ((((((((((///////(((((((((( \n" +
	"     ((((((((/////((((((((    \n" +
	"         (((((///(((((        \n" +
	"            (((/(((           \n" +
	"               *              \n" +
	"        GitLab Red Team       \n" +
	"\n"

GitLabTanuki is the Gitlab specific banner

View Source 
const (
	Name = "wraith"
)

Project name and banner

Variables

View Source 
var DefaultValues = map[string]interface{}{
	"bind-address":                "127.0.0.1",
	"bind-port":                   9393,
	"commit-depth":                -1,
	"config-file":                 "$HOME/.wraith/config.yaml",
	"csv":                         false,
	"debug":                       false,
	"add-org-members":             false,
	"github-enterprise-url":       "",
	"github-api-token":            "",
	"github-enterprise-api-token": "",
	"gitlab-targets":              nil,
	"gitlab-api-token":            "",
	"ignore-extension":            nil,
	"ignore-path":                 nil,
	"in-mem-clone":                false,
	"json":                        false,
	"max-file-size":               10,
	"num-threads":                 -1,
	"local-paths":                 nil,
	"scan-forks":                  false,
	"scan-tests":                  false,
	"scan-type":                   "",
	"silent":                      false,
	"confidence-level":            3,
	"signature-file":              "$HOME/.wraith/signatures/default.yaml",
	"signature-path":              "$HOME/.wraith/signatures/",
	"scan-dir":                    nil,
	"scan-file":                   nil,
	"hide-secrets":                false,
	"github-url":                  "https://api.github.com",

	"rules-url":               "",
	"signatures-path":         "$HOME/.wraith/signatures/",
	"signatures-url":          "https://github.com/N0MoreSecr3ts/wraith-signatures",
	"signatures-version":      "",
	"test-signatures":         false,
	"github-enterprise-orgs":  nil,
	"github-enterprise-repos": nil,
	"github-orgs":             nil,
	"github-repos":            nil,
	"github-users":            nil,
	"web-server":              false,
}

DefaultValues is a map of all flag default values and other mutable variables

View Source 
var LogColors = map[int]*color.Color{
	FATAL:     color.New(color.FgRed).Add(color.Bold),
	ERROR:     color.New(color.FgRed),
	WARN:      color.New(color.FgYellow),
	IMPORTANT: color.New(color.Bold),
	DEBUG:     color.New(color.FgCyan).Add(color.Faint),
}

LogColors sets the color for each type of logging output

View Source 
var SafeFunctionSignatures []SafeFunctionSignature

SafeFunctionSignatures is a collection of safe function sigs

View Source 
var Signatures []Signature

Signatures holds a list of all signatures used during the session

View Source 
var UserAgent = fmt.Sprintf("%s v%s", Name, Version)

UserAgent set the browser user agent when required.

View Source 
var Version = version.AppVersion()

Version is the current version of gitlab

View Source 
var WraithConfig *viper.Viper

WraithConfig holds the configuration data the commands

Functions

func AnalyzeRepositories 

func AnalyzeRepositories(sess *Session)

AnalyzeRepositories will clone the repos, grab their history for analysis of files and content. 

Before the analysis is done we also check various conditions that can be thought of as filters and
are controlled by flags. If a directory, file, or the content pass through all of the filters then
it is scanned once per each signature which may lead to a specific secret matching multiple rules
and then generating multiple findings.

func AppendIfMissing 

func AppendIfMissing(slice []string, s string) []string

AppendIfMissing will check a slice for a value before appending it

func Asset 

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDir 

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy: 

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"} AssetDir("data/img") would return []string{"a.png", "b.png"} AssetDir("foo.txt") and AssetDir("notexist") would return an error AssetDir("") will return []string{"data"}.

func AssetInfo 

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames 

func AssetNames() []string

AssetNames returns the names of the assets.

func CheckArgs 

func CheckArgs(sFile []string, sDir []string, sess *Session)

CheckArgs will ensure that both a directory and file are not defined at the same time

func CheckGithubAPIToken 

func CheckGithubAPIToken(t string, sess *Session) string

CheckGithubAPIToken will ensure we have a valid github api token

func CheckGitlabAPIToken 

func CheckGitlabAPIToken(t string, sess *Session) string

CheckGitlabAPIToken will ensure we have a valid github api token

func CleanURLSpaces 

func CleanURLSpaces(dirtyStrings ...string) []string

CleanURLSpaces will take a string and replace any spaces with dashes so that is may be used in a url.

func DoFileScan 

func DoFileScan(filename string, sess *Session)

DoFileScan with create a match object and then test for various criteria necessary in order to determine if it should be scanned. This includes if it should be skipped due to a default or user supplied extension, if it matches a test regex, or is in a protected directory or is itself protected. This will only run when doing scanLocalPath.

func FileExists 

func FileExists(path string) bool

FileExists will check for the existence of a file and return a bool depending on if it exists in a given path or not.

func GatherGithubOrgRepositories 

func GatherGithubOrgRepositories(sess *Session)

GatherGithubOrgRepositories will gather all the repositories for a given org.

func GatherGithubRepositoriesFromOwner 

func GatherGithubRepositoriesFromOwner(sess *Session)

GatherGithubRepositoriesFromOwner is used gather all the repos associated with a github user

func GatherGitlabRepositories 

func GatherGitlabRepositories(sess *Session)

GatherGitlabRepositories will gather all repositories associated with a given target during a scan session. This is done using threads, whose count is set via commandline flag. Care much be taken to avoid rate limiting associated with suspected DOS attacks.

func GatherLocalRepositories 

func GatherLocalRepositories(sess *Session)

GatherLocalRepositories will grab all the local repos from the user input and generate a repository object, putting dummy or generated values in where necessary.

func GatherOrgs 

func GatherOrgs(sess *Session)

GatherOrgs will use a client to generate a list of all orgs that the client can see. By default this will include orgs that contain both public and private repos

func GatherOrgsMembersRepositories 

func GatherOrgsMembersRepositories(sess *Session)

GatherOrgsMembersRepositories will gather all orgs members repositories

func GatherTargets 

func GatherTargets(sess *Session)

GatherTargets will enumerate git targets adding them to a running target list. This will set the targets based on the scan type set within the cmd package.

func GatherUsers 

func GatherUsers(sess *Session)

GatherUsers will generate a list of users from github.com that can then be filtered down to a specific target range

func GetChangeAction 

func GetChangeAction(change *object.Change) string

GetChangeAction returns a more condensed and user friendly action for further reference

func GetChangeContent 

func GetChangeContent(change *object.Change) (result string, contentError error)

GetChangeContent will get the contents of a git change or patch.

func GetChangePath 

func GetChangePath(change *object.Change) string

GetChangePath will set the action of the commit for further action

func GetChanges 

func GetChanges(commit *object.Commit, repo *git.Repository) (object.Changes, error)

GetChanges will get the changes between to specific commits. It grabs the parent commit of the one being passed and uses that to fetch the tree for that commit. If no commit is found, it will create a fake on. It then takes that parent tree along with the tree for the commit passed in and does a diff

func GetRepositoryHistory 

func GetRepositoryHistory(repository *git.Repository) ([]*object.Commit, error)

GetRepositoryHistory gets the commit history of a repository

func IsMaxFileSize 

func IsMaxFileSize(filename string, sess *Session) (bool, string)

IsMaxFileSize will determine if the file size is under the max limit set by maxFileSize

func IsSafeText 

func IsSafeText(sMatchString *string) bool

IsSafeText check against known "safe" (aka not a password) list

func MustAsset 

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func NewRouter 

func NewRouter(s *Session) *gin.Engine

NewRouter will create an instance of the web frontend, setting the necessary parameters.

func PathExists 

func PathExists(path string, sess *Session) bool

PathExists will check if a path exists or not and is used to validate user input

func Pluralize 

func Pluralize(count int, singular string, plural string) string

Pluralize will take in a count and if the count is != 1 it will return the singular of the word.

func PrintDebug 

func PrintDebug(sess *Session)

PrintDebug will print a debug header at the start of the session that displays specific setting

func PrintSessionStats 

func PrintSessionStats(sess *Session)

PrintSessionStats will print the performance and sessions stats to stdout at the conclusion of a session scan

func RestoreAsset 

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory

func RestoreAssets 

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively

func ScanDir 

func ScanDir(path string, sess *Session)

ScanDir will scan a directory for all the files and then kick a file scan on each of them 

func Search(ctx context.Context, root string, skippablePath []string, sess *Session) ([]string, error)

Search will walk the path or a given directory and append each viable path to an array

func SetConfig 

func SetConfig()

SetConfig will set the defaults, and load a config file and environment variables if they are present

func SetHomeDir 

func SetHomeDir(h string, sess *Session) string

SetHomeDir will set the correct homedir.

func SummaryOutput 

func SummaryOutput(sess *Session)

SummaryOutput will spit out the results of the hunt along with performance data

func TruncateString 

func TruncateString(str string, maxLength int) string

TruncateString will take an integer and cut a string at that length and append an ellipsis to it.

Types

type CloneConfiguration 

type CloneConfiguration struct {
	InMemClone *bool
	URL        *string
	Username   *string
	Token      *string
	Branch     *string
	Depth      *int
}

CloneConfiguration holds the configurations for cloning a repo

type Finding 

type Finding struct {
	Action          string
	Content         string
	CommitAuthor    string
	CommitHash      string
	CommitMessage   string
	CommitURL       string
	Description     string
	FilePath        string
	FileURL         string
	WraithVersion   string
	Hash            string
	LineNumber      string
	RepositoryName  string
	RepositoryOwner string
	RepositoryURL   string
	SignatureID     string

	SecretID string
	// contains filtered or unexported fields
}

Finding is a secret that has been discovered within a target by a discovery method

func (*Finding) Initialize 

func (f *Finding) Initialize(sess *Session)

Initialize will set the urls and create an ID for inclusion within the finding

type GithubRepository 

type GithubRepository struct {
	Owner         *string
	ID            *int64
	Name          *string
	FullName      *string
	CloneURL      *string
	URL           *string
	DefaultBranch *string
	Description   *string
	Homepage      *string
}

GithubRepository holds the necessary information for a repository, this data is specific to Github.

type IClient 

type IClient interface {
	GetUserOrganization(login string) (*Owner, error)
	GetRepositoriesFromOwner(target Owner) ([]*Repository, error)
	GetOrganizationMembers(target Owner) ([]*Owner, error)
}

IClient interface is used with the api clients to hold the repo and org specific info.

type Logger 

type Logger struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Logger holds specific configuration data for the logging

func (*Logger) Debug 

func (l *Logger) Debug(format string, args ...interface{})

Debug prints a debug level log message to stdout

func (*Logger) Error 

func (l *Logger) Error(format string, args ...interface{})

Error prints an error level log message to stdout

func (*Logger) Fatal 

func (l *Logger) Fatal(format string, args ...interface{})

Fatal prints a fatal level log message to stdout

func (*Logger) Important 

func (l *Logger) Important(format string, args ...interface{})

Important prints an important level log message to stdout

func (*Logger) Info 

func (l *Logger) Info(format string, args ...interface{})

Info prints an info level log message to stdout

func (*Logger) Log 

func (l *Logger) Log(level int, format string, args ...interface{})

Log is a generic printer for sending data to stdout. It does not do traditional syslog logging

func (*Logger) SetDebug 

func (l *Logger) SetDebug(d bool)

SetDebug will configure the logger to enable debug output to be set to stdout

func (*Logger) SetSilent 

func (l *Logger) SetSilent(s bool)

SetSilent will configure the logger to not display any realtime output to stdout

func (*Logger) Warn 

func (l *Logger) Warn(format string, args ...interface{})

Warn prints a warn level log message to stdout

type MatchFile 

type MatchFile struct {
	Path      string
	Filename  string
	Extension string
}

MatchFile holds the various parts of a file that will be matched using either regex's or simple pattern matches.

type Owner 

type Owner struct {
	Login     *string
	ID        *int64
	Type      *string
	Name      *string
	AvatarURL *string
	URL       *string
	Company   *string
	Blog      *string
	Location  *string
	Email     *string
	Bio       *string
}

Owner holds the info that we want for a repo owner

type PatternSignature 

type PatternSignature struct {
	// contains filtered or unexported fields
}

PatternSignature holds the information about a pattern signature which is a regex used to match content within a file

func (PatternSignature) ConfidenceLevel 

func (s PatternSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (PatternSignature) Description 

func (s PatternSignature) Description() string

Description sets the user comment of the signature

func (PatternSignature) Enable 

func (s PatternSignature) Enable() int

Enable sets whether as signature is active or not

func (PatternSignature) ExtractMatch 

func (s PatternSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch will try and find a match within the content of the file.

func (PatternSignature) Part 

func (s PatternSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (PatternSignature) SignatureID 

func (s PatternSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

type Repository 

type Repository struct {
	Owner         *string
	ID            *int64
	Name          *string
	FullName      *string
	CloneURL      *string
	URL           *string
	DefaultBranch *string
	Description   *string
	Homepage      *string
}

Repository holds the info we want for a repo itself

type SafeFunctionSignature 

type SafeFunctionSignature struct {
	// contains filtered or unexported fields
}

SafeFunctionSignature holds the information about a safe function, that is used to detect and mitigate false positives

func (SafeFunctionSignature) ConfidenceLevel 

func (s SafeFunctionSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SafeFunctionSignature) Description 

func (s SafeFunctionSignature) Description() string

Description sets the user comment of the signature

func (SafeFunctionSignature) Enable 

func (s SafeFunctionSignature) Enable() int

Enable sets whether as signature is active or not

func (SafeFunctionSignature) ExtractMatch 

func (s SafeFunctionSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch is a placeholder to ensure min code complexity and allow the reuse of the functions

func (SafeFunctionSignature) Part 

func (s SafeFunctionSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SafeFunctionSignature) SignatureID 

func (s SafeFunctionSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

type Session 

type Session struct {
	sync.Mutex

	BindAddress         string
	BindPort            int
	Client              IClient `json:"-"`
	CommitDepth         int
	ConfidenceLevel     int
	CSVOutput           bool
	Debug               bool
	ExpandOrgs          bool
	Findings            []*Finding
	GithubAccessToken   string
	GithubClient        *github.Client `json:"-"`
	GithubEnterpriseURL string
	GithubURL           string
	GitlabAccessToken   string
	GitlabTargets       []string
	GitlabURL           string
	GithubUsers         []*github.User
	HideSecrets         bool
	InMemClone          bool
	JSONOutput          bool
	LocalPaths          []string
	MaxFileSize         int64
	Organizations       []*github.Organization
	Out                 *Logger `json:"-"`
	Repositories        []*Repository
	Router              *gin.Engine `json:"-"`
	SignatureVersion    string
	ScanFork            bool
	ScanTests           bool
	ScanType            string
	Signatures          []*Signature
	Silent              bool
	SkippableExt        []string
	SkippablePath       []string
	Stats               *Stats
	Targets             []*Owner
	Threads             int
	UserDirtyNames      []string
	UserDirtyOrgs       []string
	UserDirtyRepos      []string
	UserLogins          []string
	UserOrgs            []string
	UserRepos           []string
	WebServer           bool
	WraithVersion       string
}

Session contains all the necessary values and parameters used during a scan

func NewSession 

func NewSession(scanType string) *Session

NewSession is the entry point for starting a new scan session

func (*Session) AddFinding 

func (s *Session) AddFinding(finding *Finding)

AddFinding will add a finding that has been discovered during a session to the list of findings for that session

func (*Session) AddRepository 

func (s *Session) AddRepository(repository *Repository)

AddRepository will add a given repository to be scanned to a session. This counts as the total number of repos that have been gathered during a session.

func (*Session) AddTarget 

func (s *Session) AddTarget(target *Owner)

AddTarget will add a new target to a session to be scanned during that session

func (*Session) Finish 

func (s *Session) Finish()

Finish is called at the end of a scan session and used to generate discrete data points for a given scan session including setting the status of a scan to finished.

func (*Session) InitGitClient 

func (s *Session) InitGitClient()

InitGitClient will create a new github client of the type given by the input string. Currently Enterprise and github.com are supported

func (*Session) InitLogger 

func (s *Session) InitLogger()

InitLogger will initialize the logger for the session

func (*Session) InitRouter 

func (s *Session) InitRouter()

InitRouter will configure and start the webserver for graphical output and status messages

func (*Session) InitStats 

func (s *Session) InitStats()

InitStats will set the initial values for a session

func (*Session) InitThreads 

func (s *Session) InitThreads()

InitThreads will set the correct number of threads based on the commandline flags

func (*Session) Initialize 

func (s *Session) Initialize(scanType string)

Initialize will set the initial values and options used during a scan session

func (*Session) SaveToFile 

func (s *Session) SaveToFile(location string) error

SaveToFile will save a json representation of the session output to a file

func (*Session) ValidateUserInput 

func (s *Session) ValidateUserInput()

ValidateUserInput will check for special characters in the strings and make sure we have at least one usr/repo/org to scan

type Signature 

type Signature interface {
	Description() string
	Enable() int
	ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)
	ConfidenceLevel() int
	Part() string
	SignatureID() string // TODO change id -> ID
}

Signature is an expression that we are looking for in a file

func LoadSignatures 

func LoadSignatures(filePath string, mLevel int, sess *Session) []Signature

LoadSignatures will load all known signatures for the various match types into the session

type SignatureConfig 

type SignatureConfig struct {
	Meta                   SignaturesMetaData `yaml:"Meta"`
	PatternSignatures      []SignatureDef     `yaml:"PatternSignatures"`
	SimpleSignatures       []SignatureDef     `yaml:"SimpleSignatures"`
	SafeFunctionSignatures []SignatureDef     `yaml:"SafeFunctionSignatures"`
}

SignatureConfig holds the base file structure for the signatures file

type SignatureDef 

type SignatureDef struct {
	Comment         string  `yaml:"comment"`
	Description     string  `yaml:"description"`
	Enable          int     `yaml:"enable"`
	Entropy         float64 `yaml:"entropy"`
	Match           string  `yaml:"match"`
	ConfidenceLevel int     `yaml:"confidence-level"`
	Part            string  `yaml:"part"`
	SignatureID     string  `yaml:"signatureid"`
}

SignatureDef maps to a signature within the yaml file

type SignaturesMetaData 

type SignaturesMetaData struct {
	Date    string
	Time    int
	Version string
}

SignaturesMetaData is used by updateSignatures to determine if/how to update the signatures

type SimpleSignature 

type SimpleSignature struct {
	// contains filtered or unexported fields
}

SimpleSignature holds the information about a simple signature which is used to match a path or filename

func (SimpleSignature) ConfidenceLevel 

func (s SimpleSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SimpleSignature) Description 

func (s SimpleSignature) Description() string

Description sets the user comment of the signature

func (SimpleSignature) Enable 

func (s SimpleSignature) Enable() int

Enable sets whether as signature is active or not

func (SimpleSignature) ExtractMatch 

func (s SimpleSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch will attempt to match a path or file name of the given file

func (SimpleSignature) Part 

func (s SimpleSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SimpleSignature) SignatureID 

func (s SimpleSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a has of the signature and is changed with every update to a signature.

type Stats 

type Stats struct {
	sync.Mutex

	StartedAt           time.Time // The time we started the scan
	FinishedAt          time.Time // The time we finished the scan
	Status              string    // The running status of a scan for the web interface
	Progress            float64   // The running progress for the bar on the web interface
	RepositoriesTotal   int       // The toatal number of repos discovered
	RepositoriesScanned int       // The total number of repos scanned (not excluded, errors, empty)
	RepositoriesCloned  int       // The total number of repos cloned (excludes errors and excluded, includes empty)
	Organizations       int       // The number of github orgs
	CommitsScanned      int       // The number of commits scanned in a repo
	CommitsDirty        int       // The number of commits in a repo found to have secrets
	FilesScanned        int       // The number of files actually scanned
	FilesIgnored        int       // The number of files ignored (tests, extensions, paths)
	FilesTotal          int       // The total number of files that were processed
	FilesDirty          int
	FindingsTotal       int // The total number of findings. There can be more than one finding per file and more than one finding of the same type in a file
	Users               int // Github users
	Targets             int // The number of dirs, people, orgs, etc on the command line or config file (what do you want wraith to enumerate on)
	Repositories        int // This will point to RepositoriesScanned
	CommitsTotal        int // This will point to commits scanned
	Findings            int // This will point to findings total
	Files               int // This will point to FilesScanned
	Commits             int // This will point to CommitsScanned
}

Stats hold various runtime statistics used for perf data as well generating various reports

func (*Stats) IncrementCommitsDirty 

func (s *Stats) IncrementCommitsDirty()

IncrementCommitsDirty will bump the number of commits that have been found to be dirty, as in they contain one of more findings

func (*Stats) IncrementCommitsScanned 

func (s *Stats) IncrementCommitsScanned()

IncrementCommitsScanned will bump the number of commits that have been scanned. This is scan wide and not on a per repo/org basis

func (*Stats) IncrementCommitsTotal 

func (s *Stats) IncrementCommitsTotal()

IncrementCommitsTotal will add one to the running count of commits during the target discovery phase of a session

func (*Stats) IncrementFiles 

func (s *Stats) IncrementFiles()

IncrementFiles will add one to the running count of files during the target discovery phase of a session

func (*Stats) IncrementFilesDirty 

func (s *Stats) IncrementFilesDirty()

IncrementFilesDirty will bump the count of files that have been discovered. This does not reflect if the file was scanned/skipped. It is simply a count of files that were found.

func (*Stats) IncrementFilesIgnored 

func (s *Stats) IncrementFilesIgnored()

IncrementFilesIgnored will bump the number of files that have been ignored for various reasons.

func (*Stats) IncrementFilesScanned 

func (s *Stats) IncrementFilesScanned()

IncrementFilesScanned will bump the count of files that have been scanned successfully.

func (*Stats) IncrementFilesTotal 

func (s *Stats) IncrementFilesTotal()

IncrementFilesTotal will bump the count of files that have been discovered. This does not reflect if the file was scanned/skipped. It is simply a count of files that were found.

func (*Stats) IncrementFindings 

func (s *Stats) IncrementFindings()

IncrementFindings will add one to the running count of findings during the target discovery phase of a session

func (*Stats) IncrementFindingsTotal 

func (s *Stats) IncrementFindingsTotal()

IncrementFindingsTotal will bump the total number of findings that have been matched. This does exclude any other documented criteria.

func (*Stats) IncrementOrgs 

func (s *Stats) IncrementOrgs()

IncrementOrgs will bump the number of orgs that have been gathered. This is scan wide and not on a per repo/org basis

func (*Stats) IncrementRepositories 

func (s *Stats) IncrementRepositories()

IncrementRepositories will add one to the running repository count during the target discovery phase of a session

func (*Stats) IncrementRepositoriesCloned 

func (s *Stats) IncrementRepositoriesCloned()

IncrementRepositoriesCloned will bump the number of repositories that have been cloned with errors but may be empty

func (*Stats) IncrementRepositoriesScanned 

func (s *Stats) IncrementRepositoriesScanned()

IncrementRepositoriesScanned will bump the total number of repositories that have been scanned and are not empty

func (*Stats) IncrementRepositoriesTotal 

func (s *Stats) IncrementRepositoriesTotal()

IncrementRepositoriesTotal will bump the total number of repositories that have been discovered. This will include empty ones as well as those that had errors

func (*Stats) IncrementTargets 

func (s *Stats) IncrementTargets()

IncrementTargets will add one to the running target count during the target discovery phase of a session

func (*Stats) IncrementUsers 

func (s *Stats) IncrementUsers()

IncrementUsers will bump the total number of users that have been enumerated

func (*Stats) UpdateProgress 

func (s *Stats) UpdateProgress(current int, total int)

UpdateProgress will update the progress percentage

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.