Documentation ¶
Index ¶
- Constants
- Variables
- func CloseDB(db *sql.DB)
- func ConnectDB(conf *Config) (*sql.DB, error)
- func GetClosedVulnIDs() (*[]int64, error)
- func GetCves(vid int64) (*[]string, error)
- func GetEmpID(username string) (int64, error)
- func GetEmpIDtx(tx *sql.Tx, username string) (int64, error)
- func GetExploit(vid int64) (VarsNullString, VarsNullBool, error)
- func GetNoteAuthor(noteid int64) (int64, error)
- func GetOpenVulnIDs() (*[]int64, error)
- func GetReferences(vid int64) (*[]string, error)
- func GetSystemID(sysname string) (int64, error)
- func GetSystemIDtx(tx *sql.Tx, sysname string) (int64, error)
- func GetTickets(vid int64) (*[]string, error)
- func GetVulnID(vname string) (int64, error)
- func GetVulnIDtx(tx *sql.Tx, vulnname string) (int64, error)
- func InsertDates(tx *sql.Tx, vid int64, ini time.Time, pub, mit VarsNullTime) error
- func InsertEmployee(tx *sql.Tx, first, last, email, username string, level int) error
- func InsertExploit(tx *sql.Tx, vid int64, exploitable bool, exploit string) error
- func InsertImpact(tx *sql.Tx, vid int64, cvss, corpscore float32, cvsslink VarsNullString) error
- func InsertVulnerability(tx *sql.Tx, vname string, finder, initiator int64, ...) error
- func IsNameNotAvailableError(err error) bool
- func IsNilErr(e interface{}) bool
- func IsNoRowsError(err error) bool
- func IsVulnOpen(vid int64) (bool, error)
- func NameIsAvailable(obj, name string) (bool, error)
- func ReadConfig(config string) (err error)
- func SetCves(tx *sql.Tx, vuln *Vulnerability) error
- func SetExploit(tx *sql.Tx, vuln *Vulnerability) error
- func SetReferences(tx *sql.Tx, vuln *Vulnerability) error
- func SetTickets(tx *sql.Tx, vuln *Vulnerability) error
- type Affected
- type Config
- type Employee
- type Err
- func DeleteAffected(tx *sql.Tx, vid, sid int64) Err
- func DeleteCve(tx *sql.Tx, vid int64, cve string) Err
- func DeleteDates(tx *sql.Tx, vid int64) Err
- func DeleteExploit(tx *sql.Tx, vid int64) Err
- func DeleteImpact(tx *sql.Tx, vid int64) Err
- func DeleteNote(tx *sql.Tx, noteid int64) Err
- func DeleteRef(tx *sql.Tx, vid int64, ref string) Err
- func DeleteSystem(tx *sql.Tx, sid int64) Err
- func DeleteSystemFromAffected(tx *sql.Tx, sid int64) Err
- func DeleteTicket(tx *sql.Tx, vid int64, ticket string) Err
- func DeleteVulnerability(tx *sql.Tx, vid int64) Err
- func InsertAffected(tx *sql.Tx, vid, sid int64, mitigated bool) Err
- func InsertCve(tx *sql.Tx, vid int64, cve string) Err
- func InsertNote(tx *sql.Tx, vid, eid int64, note string) Err
- func InsertRef(tx *sql.Tx, vid int64, url string) Err
- func InsertSystem(tx *sql.Tx, sys *System) Err
- func InsertTicket(tx *sql.Tx, vid int64, ticket string) Err
- func NewErr(errT errType, parents ...string) Err
- func UpdateAffected(tx *sql.Tx, vid, sid int64, mit bool) Err
- func UpdateCorpScore(tx *sql.Tx, vid int64, cscore float32) Err
- func UpdateCve(tx *sql.Tx, vid int64, oldCve, newCve string) Err
- func UpdateCvss(tx *sql.Tx, vid int64, cvss float32) Err
- func UpdateCvssLink(tx *sql.Tx, vid int64, cvssLink VarsNullString) Err
- func UpdateEmpEmail(tx *sql.Tx, eid int64, email string) Err
- func UpdateEmpFname(tx *sql.Tx, eid int64, name string) Err
- func UpdateEmpLevel(tx *sql.Tx, eid int64, level int) Err
- func UpdateEmpLname(tx *sql.Tx, eid int64, name string) Err
- func UpdateEmpUname(tx *sql.Tx, eid int64, uname string) Err
- func UpdateExploit(tx *sql.Tx, vid int64, exploit string) Err
- func UpdateExploitable(tx *sql.Tx, vid int64, exploitable bool) Err
- func UpdateFinder(tx *sql.Tx, vid, finder int64) Err
- func UpdateInitDate(tx *sql.Tx, vid int64, initDate time.Time) Err
- func UpdateInitiator(tx *sql.Tx, vid, initiator int64) Err
- func UpdateMitDate(tx *sql.Tx, vid int64, mitDate VarsNullTime) Err
- func UpdateMitigation(tx *sql.Tx, vid int64, mit string) Err
- func UpdateNote(tx *sql.Tx, nid int64, note string) Err
- func UpdatePubDate(tx *sql.Tx, vid int64, pubDate VarsNullTime) Err
- func UpdateRefers(tx *sql.Tx, vid int64, oldURL, newURL string) Err
- func UpdateSummary(tx *sql.Tx, vid int64, summary string) Err
- func UpdateSysDesc(tx *sql.Tx, sid int64, desc string) Err
- func UpdateSysLoc(tx *sql.Tx, sid int64, loc string) Err
- func UpdateSysName(tx *sql.Tx, sid int64, name string) Err
- func UpdateSysOS(tx *sql.Tx, sid int64, os string) Err
- func UpdateSysState(tx *sql.Tx, sid int64, state string) Err
- func UpdateSysType(tx *sql.Tx, sid int64, stype string) Err
- func UpdateTest(tx *sql.Tx, vid int64, test string) Err
- func UpdateTicket(tx *sql.Tx, vid int64, oldTicket, newTicket string) Err
- func UpdateVulnName(tx *sql.Tx, vid int64, vname string) Err
- type Errs
- type Note
- type System
- type VarsNullBool
- type VarsNullString
- type VarsNullTime
- type VulnDates
- type Vulnerability
Constants ¶
const (
NameNotAvailable errType
)
Variables ¶
var ( //ErrNoRowsInserted is used when there were not any rows inserted into the table ErrNoRowsInserted = errors.New("No rows were inserted") //ErrNoRowsUpdated is used when there were not any rows updated in the table ErrNoRowsUpdated = errors.New("No rows were updated") //ErrNameNotAvailable is used when the provided vulnnerability name is not available ErrNameNotAvailable = errors.New("The provided vulnerability name is not available") //ErrUknownType is used for the default case of the type switch ErrUnknownType = errors.New("The interface type is not supported") //ErrGenericVars is used when the error is too generic ErrGenericVars = errors.New("Something went wrong") )
Functions ¶
func ConnectDB ¶
ConnectDB establishes a connection to the Postgresql database and returns a pointer to the database handler, as well as any errors encountered.
func GetClosedVulnIDs ¶
GetClosedVulnIDs returns a pointer to a slice of vulnerability IDs that have a mitigated date.
func GetEmpIDtx ¶
GetEmpIDtx returns the empid associated with the employee.
func GetExploit ¶
func GetExploit(vid int64) (VarsNullString, VarsNullBool, error)
GetExploit returns the row from the exploits table for the given vulnid.
func GetNoteAuthor ¶
GetNoteAuthor returns the empid of the author of the note.
func GetOpenVulnIDs ¶
GetOpenVulnIDs returns a pointer to a slice of vulnerability IDs that do not have a mitigated date.
func GetReferences ¶
GetReferences returns a pointer to a slice of urls associated with the vulnid.
func GetSystemID ¶
GetSystemID returns the sysid associated with the sysname.
func GetSystemIDtx ¶
GetSystemIDtx returns the sysid associated with the sysname.
func GetTickets ¶
GetTickets returns a pointer to a slice of tickets associated with the vulnid.
func GetVulnIDtx ¶
GetVulnIDtx returns the vulnid associated with the vname.
func InsertDates ¶
InsertDates inserts the dates published, initiated, and mitigated.
func InsertEmployee ¶
InsertEmployee inserts the employee's first name, last name, and email.
func InsertExploit ¶
InsertExploit inserts a row into the exploits table for vulnid
func InsertImpact ¶
InsertImpact inserts the CVSS score, Corpscore, and CVSSlink.
func InsertVulnerability ¶
func InsertVulnerability(tx *sql.Tx, vname string, finder, initiator int64, summary, test, mitigation string) error
InsertVulnerability will insert a new row into the vuln table.
func IsNameNotAvailableError ¶
IsNameNotAvailableError returns true if the error is caused by name not being available
func IsNilErr ¶
func IsNilErr(e interface{}) bool
IsNilErr type asserts the provided error (error, Err, Errs) and returns true if the error is nil, false otherwise.
func IsNoRowsError ¶
IsNoRowsError returns true if the error is caused by no rows being effected
func IsVulnOpen ¶
IsVulnOpen returns true if the Vulnerability associated with the passed ID is still open, false otherwise.
func NameIsAvailable ¶
NameIsAvailable returns true if the vulnerability name is available, false otherwise.
func ReadConfig ¶
ReadConfig reads the configurations (specified in JSON format) into the Conf variable (type Config).
func SetCves ¶
func SetCves(tx *sql.Tx, vuln *Vulnerability) error
SetCves inserts entries into the cves table for all cves in the slice.
func SetExploit ¶
func SetExploit(tx *sql.Tx, vuln *Vulnerability) error
SetExploit inserts an entry into the exploits table if the exploit string isn't zero valued.
func SetReferences ¶
func SetReferences(tx *sql.Tx, vuln *Vulnerability) error
SetReferences inserts entries into the ref table for all URLs in the slice.
func SetTickets ¶
func SetTickets(tx *sql.Tx, vuln *Vulnerability) error
SetTickets inserts entries into the tickets table for all ticket ID's in the slice.
Types ¶
type Affected ¶
Affected holds a system and whether is has been patched/mitigated for the vulnerability. The vulnerability object will hold a slice of these.
func GetAffected ¶
GetAffected returns a slice of pointers to Affected objects.
type Config ¶
Config holds the configuration options for VARS.
var Conf Config
Conf will hold the VARS configuration.
type Employee ¶
type Employee struct { ID int64 FirstName string LastName string Email string UserName string Level int }
Employee holds information about an employee
func GetEmployee ¶
GetEmployee returns an Employee object with the given empid.
func GetEmployees ¶
GetEmployees returns a slice of pointers to Employee objects.
type Err ¶
type Err struct {
// contains filtered or unexported fields
}
Err is an error that occured inside the vars package
func DeleteAffected ¶
DeleteAffected deletes the row in the affected table with the given vulnid and sysid.
func DeleteDates ¶
DeleteDates deletes the row in the dates table with the given vulnid.
func DeleteExploit ¶
DeleteExploit deletes the row in the exploits table with the given vulnid.
func DeleteImpact ¶
DeleteImpact deletes the row in the impact table with the given vulnid.
func DeleteNote ¶
DeleteNote deletes the row in the notes table with the given noteid.
func DeleteSystem ¶
DeleteSystem deletes the row in the systems table with the given sysid.
func DeleteSystemFromAffected ¶
DeleteSystemFromAffected deletes the rows in the affected table with the given sysid.
func DeleteTicket ¶
DeleteTicket deletes the row in the tickets table with the given vulnid and ticket.
func DeleteVulnerability ¶
DeleteVulnerability deletes the row in the vuln table with the given vulnid.
func InsertAffected ¶
InsertAffected will insert a new row into the affected table with key (vid, sid).
func InsertNote ¶
InsertNote inserts the vulnid, empid, date added, and note.
func InsertSystem ¶
InsertSystem will add a new system to the database.
func InsertTicket ¶
InsertTicket will insert a new row into the ticket table with key (vid, ticket).
func UpdateAffected ¶
UpdateAffected will update the mitigated status for (vid, sid).
func UpdateCorpScore ¶
UpdateCorpScore will update the corporate score for the given vulnerability ID.
func UpdateCvss ¶
UpdateCvss will update the CVSS score for the given vulnerability ID.
func UpdateCvssLink ¶
func UpdateCvssLink(tx *sql.Tx, vid int64, cvssLink VarsNullString) Err
UpdateCvssLink will update the link to the CVSS score for the given vulnerability ID.
func UpdateEmpEmail ¶
UpdateEmpEmail will update the email of the employee with the given ID.
func UpdateEmpFname ¶
UpdateEmpFname will update the first name of the employee with the given ID.
func UpdateEmpLevel ¶
UpdateEmpLevel will update the level of the employee with the given ID.
func UpdateEmpLname ¶
UpdateEmpLname will update the last name of the employee with the given ID.
func UpdateEmpUname ¶
UpdateEmpUname will update the username of the employee with the given ID.
func UpdateExploit ¶
UpdateExploit will update the exploit and the exploitable column for the given vulnerability ID. To set the exploitable column to false and have a NULL value for the exploits column, pass in an empty string to exploit.
func UpdateExploitable ¶
UpdateExploitable will update the exploitable boolean for vulnid.
func UpdateFinder ¶
UpdateFinder will update the finder for the given vulnerability ID.
func UpdateInitDate ¶
UpdateInitDate will update the date that the vulnerability assessment was initiated for the given vulnerability ID.
func UpdateInitiator ¶
UpdateInitiator will update the initiator for the given vulnerability ID.
func UpdateMitDate ¶
func UpdateMitDate(tx *sql.Tx, vid int64, mitDate VarsNullTime) Err
UpdateMitDate will update the date that the vulnerability assessment was mitigated for the given vulnerability ID. To set the mitigation date to NULL, pass in an empty string for mitDate.
func UpdateMitigation ¶
UpdateMitigation will update the mitigation associated with the vulnerability ID.
func UpdateNote ¶
UpdateNote will update the note and added date for the given noteid.
func UpdatePubDate ¶
func UpdatePubDate(tx *sql.Tx, vid int64, pubDate VarsNullTime) Err
UpdatePubDate will update the date that the vulnerability was published for the given vulnerability ID. To set the published date to NULL, pass in an empty string for pubDate.
func UpdateRefers ¶
UpdateRefers will update the url associated with the (vid, oldURL) row to newURL.
func UpdateSummary ¶
UpdateSummary will update the summary associated with the vulnerability ID.
func UpdateSysDesc ¶
UpdateSysDesc will update the description associated with the sysid.
func UpdateSysLoc ¶
UpdateSysLoc will update the location associated with the sysid.
func UpdateSysName ¶
UpdateSysName will update the name associated with the sysid.
func UpdateSysOS ¶
UpdateSysOS will update the OS associated with the sysid.
func UpdateSysState ¶
UpdateSysState will update the state associated with the sysid.
func UpdateSysType ¶
UpdateSysType will update the type associated with the sysid.
func UpdateTest ¶
UpdateTest will update the test associated with the vulnerability ID.
func UpdateTicket ¶
UpdateTicket will update the ticket associated with the (vid, oldTicket) row to newTicket.
func UpdateVulnName ¶
UpdateVulnName will update the vulnerability's name.
func (Err) IsNameNotAvailableError ¶
IsNameNotAvailableError returns true if the error is caused by name not being available
func (Err) IsNoRowsError ¶
IsNoRowsError returns true if the error is caused by no rows being effected
type Errs ¶
type Errs []Err
Errs is a list of our errors making it easier to pass as a single paramenter and easier consumption
type System ¶
type System struct { ID int64 Name string Type string // Server, router, switch, etc OpSys string Location string // Corporate, hosted, etc Description string State string // Active or inactive }
System holds information about systems in the environment.
func GetSystems ¶
GetSystems returns a pointer to a slice of System types representing all systems.
func GetSystemsByState ¶
GetSystemsByState returns a pointer to a slice of System types representing the systems that are currently 'state'.
type VarsNullBool ¶
VarsNullBool holds a sql.NullBool. Needed for marshaling/unmarshaling.
func (VarsNullBool) MarshalJSON ¶
func (v VarsNullBool) MarshalJSON() ([]byte, error)
MarshalJSON will marshal the string if it is valid.
func (*VarsNullBool) UnmarshalJSON ¶
func (v *VarsNullBool) UnmarshalJSON(data []byte) error
UnmarshalJSON will unmarshal the string if it is valid and set valid to true, otherwise valid is set to false.
type VarsNullString ¶
type VarsNullString struct {
sql.NullString
}
VarsNullString holds a sql.NullString. Needed for marshaling/unmarshaling.
func GetImpact ¶
func GetImpact(vid int64) (float32, VarsNullString, float32, error)
GetImpact returns the row from the impact table for the given vulnid.
func ToVarsNullString ¶
func ToVarsNullString(s string) VarsNullString
ToVarsNullString creates a VarsNullString from a string.
func (VarsNullString) MarshalJSON ¶
func (v VarsNullString) MarshalJSON() ([]byte, error)
MarshalJSON will marshal the string if it is valid.
func (*VarsNullString) UnmarshalJSON ¶
func (v *VarsNullString) UnmarshalJSON(data []byte) error
UnmarshalJSON will unmarshal the string if it is valid and set valid to true, otherwise valid is set to false.
type VarsNullTime ¶
VarsNullTime holds a pq.NullTime. Needed for marshaling/unmarshaling.
func (VarsNullTime) MarshalJSON ¶
func (v VarsNullTime) MarshalJSON() ([]byte, error)
MarshalJSON will marshal the time if it is valid.
func (*VarsNullTime) UnmarshalJSON ¶
func (v *VarsNullTime) UnmarshalJSON(data []byte) error
UnmarshalJSON will unmarshal the time if it is valid and set valid to true, otherwise valid is set to false.
type VulnDates ¶
type VulnDates struct { Published VarsNullTime // Date the vulnerability was made public Initiated time.Time // Date the vulnerability assessment was started Mitigated VarsNullTime // Date the vulnerability was mitigated on all systems }
VulnDates holds the different dates relating to the vulnerability.
func GetVulnDates ¶
GetVulnDates returns a VulnDates object with the dates row associated with the vulnid.
type Vulnerability ¶
type Vulnerability struct { ID int64 Name string Cves []string Cvss float32 // CVSS score CorpScore float32 // Calculated corporate score CvssLink VarsNullString // Link to CVSS scoresheet Finder int64 // Employee that found the vulnerability Initiator int64 // Employee that started the vulnerability assessment Summary string Test string // Test to see if system has this vulnerability Mitigation string Dates VulnDates // The dates associated with the vulnerability Tickets []string // Tickets relating to the vulnerability References []string // Reference URLs Exploit VarsNullString // Exploit for the vulnerability Exploitable VarsNullBool // Are there currently exploits for the vulnerability AffSystems []*Affected // Affected systems and whether they have been mitigated }
Vulnerability holds information about a discovered vulnerability and the vulnerability assessment.
func GetVulnerabilities ¶
func GetVulnerabilities() ([]*Vulnerability, error)
GetVulnerabilities returns a slice of pointers to Vulnerability objects. These objects will ONLY have the content from the vuln table in them. The id can then be passed into the other GetXYZ functions to retrieve the other parts of the vulnerability.
func GetVulnerability ¶
func GetVulnerability(vid int64) (*Vulnerability, error)
GetVulnerability returns a Vulnerability object for the given vulnid.