README
¶
Installation
go version Make sure a recent version of go is installed
cd go/ Change directory to this projects go folder.
make This will make and output the binary in your GOPATH
triage To use the Triage cli.
Usage
authenticate
-t: string; API Token
API token will be stored on disk.
submit
-f: file path
-u: url
Sample submitted
ID: {id}
Status: {status}
-- target info --
select-profile
-s: string; ID of a sample.
Interactive flow to select profile for submitted file
note: does not seem to work very cleanly
list, ls
-n: int; Numbers of samples to return.
-public: bool; Query public set
List of https://tria.ge/docs/cloud-api/samples/#get-samplessampleid
file
-s: string; Sample ID
-t: string; Task ID
-f: string; Filename
-o: string; Output file
Downloaded file
note: Not able to make it work
archive
-s: string; Sample ID
-f: string; Archive format
-o: string; Output file
Download Sample as an archive
delete, del
-s: string; Sample ID
Delete a Sample
report
-s: string; Sample ID
-static: boolean; Query statis report
-t: string; Task ID
Get the report of a single sample
https://tria.ge/docs/cloud-api/samples/#get-samplessampleid
create-profile
-name: string; Name of new profile
-tags: string; Comma seperated set of tags
-network: string; Use network, drop or unset
-timeout: string (4m0s); Timeout of profile
Profile created
ID: {id}
Name: {name}
delete-profile
-p: string; Name or ID of profile
Nothing returned, profile deleted
list-profiles
List of profiles
Documentation
¶
Index ¶
- type Client
- func (c *Client) CreateProfile(ctx context.Context, name string, tags []string, network string, ...) (*Profile, error)
- func (c *Client) DeleteProfile(ctx context.Context, id string) error
- func (c *Client) DeleteSample(ctx context.Context, sampleID string) error
- func (c *Client) Profiles(ctx context.Context) ([]Profile, error)
- func (c *Client) PublicSamples(ctx context.Context, max int) <-chan Sample
- func (c *Client) SampleArchiveTAR(ctx context.Context, sampleID string) (io.ReadCloser, error)
- func (c *Client) SampleArchiveZIP(ctx context.Context, sampleID string) (io.ReadCloser, error)
- func (c *Client) SampleByID(ctx context.Context, sampleID string) (*Sample, error)
- func (c *Client) SampleEvents(ctx context.Context) <-chan SampleEvent
- func (c *Client) SampleEventsByID(ctx context.Context, sampleID string) <-chan SampleEvent
- func (c *Client) SampleOverviewReport(ctx context.Context, sampleID string) (*types.OverviewReport, error)
- func (c *Client) SamplePath(ctx context.Context, sampleID, path string, resp interface{}) error
- func (c *Client) SampleSample(ctx context.Context, sampleID string) (io.ReadCloser, error)
- func (c *Client) SampleStaticReport(ctx context.Context, sampleID string) (*types.StaticReport, error)
- func (c *Client) SampleTaskFile(ctx context.Context, sampleID, taskID, filename string) (io.ReadCloser, error)
- func (c *Client) SampleTaskKernelReport(ctx context.Context, sampleID, taskID string) (<-chan json.RawMessage, error)
- func (c *Client) SampleTaskPCAP(ctx context.Context, sampleID, taskID string) (io.ReadCloser, error)
- func (c *Client) SampleTaskPCAPNG(ctx context.Context, sampleID, taskID string) (io.ReadCloser, error)
- func (c *Client) SampleTaskReport(ctx context.Context, sampleID, taskID string) (*types.TriageReport, error)
- func (c *Client) SampleURLScanScreenshot(ctx context.Context, sampleID string) (io.ReadCloser, error)
- func (c *Client) SamplesForUser(ctx context.Context, max int) <-chan Sample
- func (c *Client) Search(ctx context.Context, query string, max int) <-chan Sample
- func (c *Client) SetSampleProfile(ctx context.Context, sampleID string, profiles []ProfileSelection) error
- func (c *Client) SetSampleProfileAutomatically(ctx context.Context, sampleID string, pick []string) error
- func (c *Client) SubmitSampleFile(ctx context.Context, filename string, file io.Reader, interactive bool, ...) (*Sample, error)
- func (c *Client) SubmitSampleURL(ctx context.Context, url string, interactive bool, profiles []ProfileSelection) (*Sample, error)
- type Error
- type HttpClient
- type Profile
- type ProfileSelection
- type Sample
- type SampleEvent
- type SampleResp
- type SampleStatus
- type Task
- type TaskStatus
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
A Client can be used to make requests to the Triage API.
func NewClient ¶
NewClient creates a new client with the specified access token.
You can find this token on your user account page on https://tria.ge if you have been granted API permissions.
No attempt to validate the token is made.
The client will make requests on behalf of the user that owns the token.
func NewClientWithRootURL ¶
NewClientWithRootURL creates a client with a non-standard API root.
func NewPrivateClient ¶
NewPrivateClient creates a new client with the specified access token to the private cloud environment.
func (*Client) CreateProfile ¶
func (*Client) DeleteProfile ¶
DeleteProfile deletes a profile by its ID or name.
func (*Client) DeleteSample ¶
func (*Client) PublicSamples ¶
func (*Client) SampleArchiveTAR ¶
func (*Client) SampleArchiveZIP ¶
func (*Client) SampleByID ¶
func (*Client) SampleEvents ¶
func (c *Client) SampleEvents(ctx context.Context) <-chan SampleEvent
func (*Client) SampleEventsByID ¶
func (c *Client) SampleEventsByID(ctx context.Context, sampleID string) <-chan SampleEvent
func (*Client) SampleOverviewReport ¶
func (*Client) SamplePath ¶ added in v1.0.1
func (*Client) SampleSample ¶
func (*Client) SampleStaticReport ¶
func (*Client) SampleTaskFile ¶
func (*Client) SampleTaskKernelReport ¶
func (*Client) SampleTaskPCAP ¶
func (*Client) SampleTaskPCAPNG ¶
func (*Client) SampleTaskReport ¶
func (*Client) SampleURLScanScreenshot ¶
func (*Client) SamplesForUser ¶
func (*Client) SetSampleProfile ¶
func (*Client) SetSampleProfileAutomatically ¶
func (*Client) SubmitSampleFile ¶
func (*Client) SubmitSampleURL ¶
type Error ¶
type Error struct {
Status int
Kind string `json:"error"`
Message string `json:"message,omitempty"`
}
Error represents APi errors in a generic form.
The Status and Kind fields can be used to programmaticaly determine the type of error to appropriately handle it. The Message field contains a human readable cause.
type ProfileSelection ¶
type Sample ¶
type Sample struct {
ID string `json:"id"`
Private bool `json:"private"`
Status SampleStatus `json:"status"`
Kind string `json:"kind"`
Filename string `json:"filename"`
URL string `json:"url"`
Tasks []Task `json:"tasks"`
SubmittedAt time.Time `json:"submitted"`
CompletedAt *time.Time `json:"completed"`
}
type SampleEvent ¶
type SampleResp ¶
type SampleStatus ¶
type SampleStatus string
const ( // A sample has been submitted and is queued for static analysis or the // static analys is in progress. SampleStatusPending SampleStatus = "pending" // The static analysis report is ready. The sample will remain in this // state until a profile is selected. SampleStatusStaticAnalysis SampleStatus = "static_analysis" // All parameters for sandbox analysis have been selected. The sample is // scheduled for running on the sandbox. SampleStatusSheduled SampleStatus = "scheduled" // The sample is being ran by the sandbox. SampleStatusRunning SampleStatus = "running" // The sandbox has finished running the sample and the resulting metrics // are being processed into reports. SampleStatusProcessing SampleStatus = "processing" // The sample has reports that can be retrieved. This state is terminal. SampleStatusReported SampleStatus = "reported" // Analysis of the sample has failed. Any other state may transition into // this state. This state is terminal. SampleStatusFailed SampleStatus = "failed" )
type Task ¶
type Task struct {
ID string `json:"id"`
Status TaskStatus `json:"status"`
}
type TaskStatus ¶
type TaskStatus string
const ( TaskStatusPending TaskStatus = "pending" TaskStatusScheduled TaskStatus = "scheduled" TaskStatusRunning TaskStatus = "running" TaskStatusProcessing TaskStatus = "processing" TaskStatusReported TaskStatus = "reported" TaskStatusFailed TaskStatus = "failed" )
Source Files
Directories