Documentation
¶
Index ¶
- func AddDefaultPort(input string, defaultPort int) string
- func ByteToMb(b uint64) string
- func DumpMemProfile(outputDir string, name string)
- func GetClientHello(name string) (ch *tls.ClientHelloPreset)
- func GetMD5(input []byte) []byte
- func GetNtpLocalTimeDiff() (d time.Duration)
- func GetSHA1(input []byte) []byte
- func GetSHA256(input []byte) []byte
- func IsClosedConnErr(err error) bool
- func IsStdInPresent() bool
- func LoadClientHellos(opts *Options)
- func LoadCustomCH(filename string) (*tls.ClientHelloPreset, error)
- func MaxInt64(a, b int64) int64
- func MinInt(a, b int) int
- func NewFalse() *bool
- func NewTrue() *bool
- func OpensslFormat(input string, header string, trailer string) string
- func ParseAlerts(alerts []tls.Alert) []string
- func PrintStacktrace(all bool)
- func RunCommandToLog(c *exec.Cmd, event *zerolog.Event)
- func ToCompactBinary(input *bool) string
- func ToJSONArray(input []string) string
- func ToJSONIntArray(input []int) string
- type CertCache
- type CertPool
- type LogWriter
- type Options
- type SessionUID
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AddDefaultPort ¶
addDefaultPort adds a default port if none is present in IPv4 or IPv6 addresses
func DumpMemProfile ¶
func GetClientHello ¶
func GetClientHello(name string) (ch *tls.ClientHelloPreset)
func GetNtpLocalTimeDiff ¶
getNtpLocalTimeDiff returns the time difference between the system time and ntp.org
func IsClosedConnErr ¶
func IsStdInPresent ¶
func IsStdInPresent() bool
func LoadClientHellos ¶
func LoadClientHellos(opts *Options)
func LoadCustomCH ¶
func LoadCustomCH(filename string) (*tls.ClientHelloPreset, error)
func OpensslFormat ¶
opensslFormat adds the PEM beginning and end markers and inserts newlines at the right position
func ParseAlerts ¶
func PrintStacktrace ¶
func PrintStacktrace(all bool)
func ToCompactBinary ¶
func ToJSONArray ¶
func ToJSONIntArray ¶
Types ¶
type CertCache ¶
type CertCache struct {
// contains filtered or unexported fields
}
Contains two relations
Certificate -> ID Certificate -> Certificate is new
Later is used to write Certificates to a file only once. This class is a bit more complicated to save RAM and to enable concurrent use of the methods, e.g. CertRelationResult uses the ID of a certificate before CertResult actually writes it into a file
func NewCertCache ¶
func (*CertCache) GetID ¶
func (c *CertCache) GetID(cert *x509.Certificate) (certId SessionUID, certIsNew bool)
returns the ID for a cert and whether this cert was not marked as old by MarkOld yet
func (*CertCache) MarkOld ¶
func (c *CertCache) MarkOld(cert *x509.Certificate)
type CertPool ¶
type CertPool struct {
// contains filtered or unexported fields
}
CertPool is a set of certificates.
func NewCertPool ¶
func NewCertPool(certs []*x509.Certificate, withSystemStore bool) *CertPool
NewCertPool returns a new, empty CertPool.
func (*CertPool) FindPotentialParents ¶
func (s *CertPool) FindPotentialParents(cert *x509.Certificate) []int
findPotentialParents returns the indexes of certificates in s which might have signed cert. The caller must not modify the returned slice.
func (*CertPool) IsFromSystemStore ¶
type Options ¶
type Options struct {
Config string `short:"C" long:"config" description:"Config file with options" no-ini:"true" value-name:"CONFIG-FILE"`
Input string `` /* 135-byte string literal not displayed */
OutputDir string `` /* 140-byte string literal not displayed */
LogFile string `short:"l" long:"log-file" description:"Log to file LOG-FILE (JSON formatted) instead of stderr" value-name:"LOG-FILE"`
HashCache string `` /* 223-byte string literal not displayed */
Concurrency int `` /* 154-byte string literal not displayed */
QPS int `short:"q" long:"qps" description:"Number of queries per second" default:"100"`
Timeout int64 `short:"t" long:"timeout" description:"Timeout for each connection in milliseconds" default:"10000"`
SynTimeout int64 `long:"syn-timeout" description:"Timeout for the TCP connection setup in milliseconds." default:"0" default-mask:"timeout"`
SourceIP string `long:"source" description:"Source IP address if host has multiple addresses or interfaces" value-name:"SOURCE-IP" default:""`
Profile string `short:"p" long:"profile" description:"Output file for profiling"`
SkipErrors bool `long:"skip-errors" description:"Skip TCP errors like connection timeout and don't write them to output file"`
Verbose []bool `short:"v" long:"verbose" description:"Increase verbosity from warning to info or even debug"`
Version bool `short:"V" long:"version" description:"Show version information"`
HTTPHeaders string `` /* 142-byte string literal not displayed */
HTTPRequests []string `` /* 186-byte string literal not displayed */
SCSV bool `long:"scsv" description:"Send SCSV pseudo cipher suite"`
CustomClientHello string `long:"client-hello" description:"tls ClientHello Preset as binary gob file" value-name:"CustomClientHello"`
CustomClientHelloDir string `` /* 188-byte string literal not displayed */
SSH bool `long:"ssh" description:"Scan SSH instead of TLS"`
Scans []string `` /* 160-byte string literal not displayed */
MemProfile bool `long:"mem-profile" description:"Dump Mem Profile Files every 5 min to output directory"`
TLSExtendedExport bool `long:"tls-extended-output" description:"Save a more verbose output of the tls scan, including tls extensions and fingerprint"`
HTTPExtendedExport bool `long:"http-extended-output" description:"Save a verbose output for the http scan. This includes all HTTP headers."`
TLSSaveStapledOcspResponses bool `long:"tls-save-stapled-ocsp" description:"Save stapled ocsp-responses in a separate file"`
KeyLogFile bool `long:"keylog-file" description:"If set a keylog file will be written to the output"`
CreateCHCommand cmd.CreateCHCommand `command:"create-ch" description:"Create Client Hellos"`
CreateCHInputCommand cmd.CreateCHInputCommand `command:"create-ch-input" description:"Generate Cross Product between Client Hellos and input file"`
GenerateFingerprintsCommand cmd.GenerateFingerprintsCommand `command:"generate-fingerprints" description:"Generate the Active TLS Stack Fingerprints from a Goscanner output"`
DissecTLSMode string `long:"dissectls-mode" description:"Set the mode of the DeppTLSScan: 'recommended', 'go', 'all'" default:"all"`
DissecTLSMaxCHs int `long:"dissectls-max-chs" description:"Max Number of CHS for the DeppTLSScan" default:"100"`
DissecTLSQps float64 `long:"dissectls-qps" description:"QPS to to scan the same target" default:"10"`
DissecTLSLightweight bool `long:"dissectls-light" description:"Use fewer requests, might not find as much details about the servers"`
}
type SessionUID ¶
type SessionUID uint32
func GetSessionUID ¶
func GetSessionUID() SessionUID
func (SessionUID) ToString ¶
func (s SessionUID) ToString() string
Source Files
Click to show internal directories.
Click to hide internal directories.