scan

package
v0.0.0-...-1a4da24 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 10, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	//Labels is a map of all our labels, accessible by the rule unique code
	Labels map[int]LabelConfigs
	//CombinedRules is a global array where we load all our precompiled rules
	CombinedRules []Rule
	//FalsePositiveRules is a map of our false positive rules sorted by the rule unique code
	FalsePositiveRules map[int]FalsePositives
	//SolutionConfigs is a map of our solutions sorted by the rule unique code
	SolutionConfigs map[int]Solution
	//CompressPattern is a pattern used to identify compressed zip files
	CompressPattern = regexp.MustCompile(compressRegex)
	//ConvertPattern is a pattern used to identify files that need to be converted to plaintext to be scanned
	ConvertPattern = regexp.MustCompile(convertRegex)
)

Functions

func DeleteFiles 

func DeleteFiles(paths []string)

DeleteFiles removes files and folders in target path array

func Init 

func Init(cfg cfgreader.EarlybirdConfig)

Init loads in all the Earlybird rules into the CombinedRules global variable

func IsIgnoreAnnotation 

func IsIgnoreAnnotation(cfg *cfgReader.EarlybirdConfig, line string) bool

IsIgnoreAnnotation Checks for ignore annotation

func SearchFiles 

func SearchFiles(cfg *cfgReader.EarlybirdConfig, files []File, compressPaths []string, convertPaths []string, hits chan<- Hit)

SearchFiles will use the EarlybirdConfig, the provided file list, decompressed zip files and converted files temporary paths to send found secrets to the Hit channel

Types

type FalsePositive 

type FalsePositive struct {
	Codes           []int
	Pattern         string
	CompiledPattern *regexp.Regexp
	FileExtensions  []string
	UseFullLine     bool
}

FalsePositive is a rule to match false positives post process

type FalsePositives 

type FalsePositives struct {
	FalsePositives []FalsePositive `json:"rules"`
}

FalsePositives are the rules to match false positives post process

type File 

type File struct {
	Name  string
	Path  string
	Lines []Line
}

File to scan

type Hit 

type Hit struct {
	Code         int      `json:"code"`
	Filename     string   `json:"filename"`
	Caption      string   `json:"caption"`
	Category     string   `json:"category"`
	MatchValue   string   `json:"match_value"`
	LineValue    string   `json:"line_value"`
	Solution     string   `json:"solution"`
	Line         int      `json:"line"`
	Severity     string   `json:"severity"`
	SeverityID   int      `json:"severity_id"`
	Confidence   string   `json:"confidence"`
	ConfidenceID int      `json:"confidence_id"`
	Labels       []string `json:"labels"`
	CWE          []string `json:"cwe"`
	Time         string   `json:"time"`
}

Hit is a match in a file against a specific rule

type LabelConfig 

type LabelConfig struct {
	Label     string   `json:"label"`
	Keys      []string `json:"keys"`
	Multiline bool     `json:"multiline"`
	Category  string   `json:"category"`
	Codes     []int    `json:"codes"`
}

LabelConfig Rule for applying labels to hits based on context

type LabelConfigs 

type LabelConfigs struct {
	Labels []LabelConfig `json:"Labels"`
}

LabelConfigs Rules for applying labels to hits based on context

type Line 

type Line struct {
	LineNum                       int
	LineValue, FilePath, FileName string
}

Line in a file to scan

type Report 

type Report struct {
	Version       string   `json:"version"`
	Skipped       []string `json:"skipped"`
	Ignore        []string `json:"ignore"`
	Threshold     int      `json:"threshold"`
	Modules       []string `json:"modules"`
	Hits          []Hit    `json:"hits"`
	HitCount      int      `json:"hit_count"`
	FilesScanned  int      `json:"files_scanned"`
	RulesObserved int      `json:"rules_observed"`
	StartTime     string   `json:"start_time"`
	EndTime       string   `json:"end_time"`
	Duration      string   `json:"duration"`
}

Report is the Earlybird end output

type Rule 

type Rule struct {
	Code, Severity, Confidence, SolutionID            int
	Pattern, Caption, Category, Solution, Postprocess string
	CompiledPattern                                   *regexp.Regexp
	Searcharea                                        string
	CWE                                               []string
	Example                                           string
}

Rule Each module config is a set of rules

type Rules 

type Rules struct {
	Rules      []Rule `json:"rules"`
	Searcharea string `json:"Searcharea"`
}

Rules is the exported definition of the Rules structure for Earlybird

type Solution 

type Solution struct {
	ID   int    `json:"id"`
	Text string `json:"text"`
}

Solution display text for a solution

type Solutions 

type Solutions struct {
	Solutions []Solution `json:"solutions"`
}

Solutions to each rule / finding

type WorkJob 

type WorkJob struct {
	WorkLine  Line
	FileLines []Line
}

WorkJob As we add jobs to the pool, they need to contain the line being scanned and the file content (in Lines)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.