core

package
v0.0.0-...-850817a Latest
Warning

This package is not in the latest version of its module.

Published: Jan 20, 2023 License: MIT Imports: 46 Imported by: 0

Documentation

Overview

Package core represents the core functionality of all commands

Code generated for package core by go-bindata DO NOT EDIT. (@generated) sources: static/fonts/open-iconic.eot static/fonts/open-iconic.otf static/fonts/open-iconic.svg static/fonts/open-iconic.ttf static/fonts/open-iconic.woff static/images/gopher_full.png static/images/gopher_head.png static/images/spinner.gif static/index.html static/javascripts/application.js static/javascripts/backbone.js static/javascripts/bootstrap.js static/javascripts/clipboard.js static/javascripts/hexdump.js static/javascripts/highlight.js static/javascripts/highlight_worker.js static/javascripts/jquery-3.3.1.js static/javascripts/popper.js static/javascripts/underscore.js static/stylesheets/application.css static/stylesheets/bootstrap.css static/stylesheets/highlight.css static/stylesheets/openiconic.css

Package core contains base functionality to the project.

Constants

const (
	TargetTypeUser         = "User"
	TargetTypeOrganization = "Organization"
)

Set easier names to refer to

const (
	FATAL     = 5
	ERROR     = 4
	WARN      = 3
	IMPORTANT = 2
	INFO      = 1
	DEBUG     = 0
)

These are a consistent set of error codes instead of using random non-zero integers

const (
	GithubBaseURI   = "https://raw.githubusercontent.com"
	MaximumFileSize = 153600
	GitLabBaseURL   = "https://gitlab.com"
	CspPolicy       = "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'"
	ReferrerPolicy  = "no-referrer"
)

Set various internal values used by the web interface

const (
	StatusInitializing = "initializing"
	StatusGathering    = "gathering"
	StatusAnalyzing    = "analyzing"
	StatusFinished     = "finished"
)

These are various environment variables and tool statuses used in auth and displaying messages

const (
	PartExtension = "extension" // file extension
	PartFilename  = "filename"  // file name
	PartPath      = "path"      // the path to the file
	PartContent   = "content"   // the content of the file
)

These are the various items that we are attempting to match against using either regexes or simple pattern matches.

const ASCIIBanner = "\n" +
	"____    __    ____ .______          ___       __  .___________. __    __\n" +
	"\\   \\  /  \\  /   / |   _  \\        /   \\     |  | |           ||  |  |  |\n" +
	" \\   \\/    \\/   /  |  |_)  |      /  ^  \\    |  | `---|  |----`|  |__|  |\n" +
	"  \\            /   |      /      /  /_\\  \\   |  |     |  |     |   __   |\n" +
	"   \\    /\\    /    |  |\\  \\----./  _____  \\  |  |     |  |     |  |  |  |\n" +
	"    \\__/  \\__/     | _| `._____/__/     \\__\\ |__|     |__|     |__|  |__|\n" +
	"\n"

ASCIIBanner is the project specific banner

const (
	EmptyTreeCommitID = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
)

EmptyTreeCommit is a dummy commit id used as a placeholder and for testing

const GitLabTanuki = "\n" +
	"      //               //     \n" +
	"     ////             ////    \n" +
	"    //////           //////   \n" +
	"   ((((((((/////////((((((((  \n" +
	"   ((((((((////////(((((((((  \n" +
	"  ((((((((((///////(((((((((( \n" +
	"     ((((((((/////((((((((    \n" +
	"         (((((///(((((        \n" +
	"            (((/(((           \n" +
	"               *              \n" +
	"        GitLab Red Team       \n" +
	"\n"

GitLabTanuki is the Gitlab specific banner

const (
	Name = "wraith"
)

Project name and banner

Variables

var DefaultValues = map[string]interface{}{
	"bind-address":                "127.0.0.1",
	"bind-port":                   9393,
	"commit-depth":                -1,
	"config-file":                 "$HOME/.wraith/config.yaml",
	"csv":                         false,
	"debug":                       false,
	"add-org-members":             false,
	"github-enterprise-url":       "",
	"github-api-token":            "",
	"github-enterprise-api-token": "",
	"gitlab-targets":              nil,
	"gitlab-api-token":            "",
	"ignore-extension":            nil,
	"ignore-path":                 nil,
	"in-mem-clone":                false,
	"json":                        false,
	"max-file-size":               10,
	"num-threads":                 -1,
	"local-paths":                 nil,
	"scan-forks":                  false,
	"scan-tests":                  false,
	"scan-type":                   "",
	"silent":                      false,
	"confidence-level":            3,
	"signature-file":              "$HOME/.wraith/signatures/default.yaml",
	"signature-path":              "$HOME/.wraith/signatures/",
	"scan-dir":                    nil,
	"scan-file":                   nil,
	"hide-secrets":                false,
	"github-url":                  "https://api.github.com",

	"rules-url":               "",
	"signatures-path":         "$HOME/.wraith/signatures/",
	"signatures-url":          "https://github.com/N0MoreSecr3ts/wraith-signatures",
	"signatures-version":      "",
	"test-signatures":         false,
	"github-enterprise-orgs":  nil,
	"github-enterprise-repos": nil,
	"github-orgs":             nil,
	"github-repos":            nil,
	"github-users":            nil,
	"web-server":              false,
}

DefaultValues is a map of all flag default values and other mutable variables

LogColors sets the color for each type of logging output

var SafeFunctionSignatures []SafeFunctionSignature

SafeFunctionSignatures is a collection of safe function sigs

var Signatures []Signature

Signatures holds a list of all signatures used during the session

var UserAgent = fmt.Sprintf("%s v%s", Name, Version)

UserAgent sets the browser user agent when required.

var Version = version.AppVersion()

Version is the current version of gitlab

var WraithConfig *viper.Viper

WraithConfig holds the configuration data for the commands

Functions

func AnalyzeRepositories

func AnalyzeRepositories(sess *Session)

AnalyzeRepositories will clone the repos, grab their history for analysis of files and content.

Before the analysis is done we also check various conditions that can be thought of as filters and
are controlled by flags. If a directory, file, or its content passes all of the filters, it is
scanned once per signature, which may lead to a single secret matching multiple rules and
generating multiple findings.
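
The filter-then-match flow described above, as an added example that is not wraith's own code. The types `rule`, `candidate`, `filters` and `hit`, the sample files and rules, the order of the filter checks, and the reading of the confidence level as a minimum threshold are all assumptions made for illustration; only the part names ("extension", "filename", "path", "content") come from this page.

```go
package main

import (
	"fmt"
	"path"
	"regexp"
	"strings"
)

// rule is a hypothetical stand-in for one loaded signature; part uses the
// page's Part* values: "extension", "filename", "path" or "content".
type rule struct {
	id         string
	part       string
	match      *regexp.Regexp
	confidence int
	enabled    bool
}

// candidate is a hypothetical file taken from a commit or a local path.
type candidate struct{ path, content string }

// filters models the flag-controlled checks that run before any matching.
type filters struct {
	skipExt, skipPath       []string
	maxBytes, minConfidence int
}

// hit is one finding; line is 0 when the rule matched a name, not content.
type hit struct {
	ruleID, path string
	line         int
}

// skip reports whether a candidate is dropped before any rule is tried.
func (f filters) skip(c candidate) bool {
	ext := strings.TrimPrefix(path.Ext(c.path), ".")
	for _, e := range f.skipExt {
		if strings.EqualFold(e, ext) {
			return true
		}
	}
	for _, p := range f.skipPath {
		if strings.Contains(c.path, p) {
			return true
		}
	}
	return len(c.content) > f.maxBytes
}

// scan applies every enabled rule at or above the confidence threshold to
// every candidate that survives the filters. Rules are independent, so one
// secret can be reported once per rule that matches it.
func scan(cands []candidate, rules []rule, f filters) (hits []hit, ignored int) {
	for _, c := range cands {
		if f.skip(c) {
			ignored++
			continue
		}
		for _, r := range rules {
			if !r.enabled || r.confidence < f.minConfidence {
				continue
			}
			if r.part == "content" {
				for i, line := range strings.Split(c.content, "\n") {
					if r.match.MatchString(line) {
						hits = append(hits, hit{r.id, c.path, i + 1})
					}
				}
				continue
			}
			// Name-based parts are tested once against one piece of the path.
			value := c.path
			switch r.part {
			case "extension":
				value = strings.TrimPrefix(path.Ext(c.path), ".")
			case "filename":
				value = path.Base(c.path)
			}
			if r.match.MatchString(value) {
				hits = append(hits, hit{r.id, c.path, 0})
			}
		}
	}
	return hits, ignored
}

// sample returns constructed input: the key value is a made-up placeholder.
func sample() ([]candidate, []rule, filters) {
	cands := []candidate{
		{"deploy/settings.py", "DEBUG = True\naws_key = \"AKIAEXAMPLEEXAMPLE00\"\n"},
		{".ssh/id_rsa", "constructed placeholder, no key material\n"},
		{"vendor/lib/creds.py", "aws_key = \"AKIAEXAMPLEEXAMPLE00\"\n"},
		{"assets/logo.png", "binary data elided"},
	}
	rules := []rule{
		{"aws-access-key-id", "content", regexp.MustCompile(`AKIA[0-9A-Z]{16}`), 5, true},
		{"generic-assignment", "content", regexp.MustCompile(`(?i)(key|secret|token)\s*=\s*"[^"]{16,}"`), 3, true},
		{"ssh-private-key-file", "filename", regexp.MustCompile(`^id_[rd]sa$`), 4, true},
		{"python-source", "extension", regexp.MustCompile(`^py$`), 1, true},
		{"disabled-rule", "path", regexp.MustCompile(`.`), 5, false},
	}
	f := filters{skipExt: []string{"png"}, skipPath: []string{"vendor/"}, maxBytes: 10240, minConfidence: 3}
	return cands, rules, f
}

func main() {
	hits, ignored := scan(sample())
	for _, h := range hits {
		fmt.Printf("%-22s %s:%d\n", h.ruleID, h.path, h.line)
	}
	fmt.Printf("ignored by filters: %d\n", ignored)
}
```

The single key in deploy/settings.py is reported by both content rules, so finding counts overstate the number of distinct secrets unless results are de-duplicated by file and line.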

func AppendIfMissing

func AppendIfMissing(slice []string, s string) []string

AppendIfMissing will check a slice for a value before appending it

func Asset

func Asset(name string) ([]byte, error)

Asset loads and returns the asset for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetDir

func AssetDir(name string) ([]string, error)

AssetDir returns the file names below a certain directory embedded in the file by go-bindata. For example if you run go-bindata on data/... and data contains the following hierarchy:

data/
  foo.txt
  img/
    a.png
    b.png

then AssetDir("data") would return []string{"foo.txt", "img"}, AssetDir("data/img") would return []string{"a.png", "b.png"}, AssetDir("foo.txt") and AssetDir("notexist") would return an error, and AssetDir("") will return []string{"data"}.

func AssetInfo

func AssetInfo(name string) (os.FileInfo, error)

AssetInfo loads and returns the asset info for the given name. It returns an error if the asset could not be found or could not be loaded.

func AssetNames

func AssetNames() []string

AssetNames returns the names of the assets.

func CheckGithubAPIToken

func CheckGithubAPIToken(t string, sess *Session) string

CheckGithubAPIToken will ensure we have a valid github api token

func CheckGitlabAPIToken

func CheckGitlabAPIToken(t string, sess *Session) string

CheckGitlabAPIToken will ensure we have a valid github api token

func CleanURLSpaces

func CleanURLSpaces(dirtyStrings ...string) []string

CleanURLSpaces will take a string and replace any spaces with dashes so that it may be used in a url.

func DoFileScan

func DoFileScan(filename string, sess *Session)

DoFileScan will create a match object and then test for various criteria necessary in order to determine if it should be scanned. This includes if it should be skipped due to a default or user supplied extension, if it matches a test regex, or is in a protected directory or is itself protected. This will only run when doing scanLocalPath.

func FileExists

func FileExists(path string) bool

FileExists will check for the existence of a file and return a bool depending on if it exists in a given path or not.

func GatherGithubOrgRepositories

func GatherGithubOrgRepositories(sess *Session)

GatherGithubOrgRepositories will gather all the repositories for a given org.

func GatherGithubRepositoriesFromOwner

func GatherGithubRepositoriesFromOwner(sess *Session)

GatherGithubRepositoriesFromOwner is used to gather all the repos associated with a github user

func GatherGitlabRepositories

func GatherGitlabRepositories(sess *Session)

GatherGitlabRepositories will gather all repositories associated with a given target during a scan session. This is done using threads, whose count is set via commandline flag. Care must be taken to avoid rate limiting associated with suspected DOS attacks.

func GatherLocalRepositories

func GatherLocalRepositories(sess *Session)

GatherLocalRepositories will grab all the local repos from the user input and generate a repository object, putting dummy or generated values in where necessary.

func GatherOrgs

func GatherOrgs(sess *Session)

GatherOrgs will use a client to generate a list of all orgs that the client can see. By default this will include orgs that contain both public and private repos

func GatherOrgsMembersRepositories

func GatherOrgsMembersRepositories(sess *Session)

GatherOrgsMembersRepositories will gather all orgs members repositories

func GatherTargets

func GatherTargets(sess *Session)

GatherTargets will enumerate git targets adding them to a running target list. This will set the targets based on the scan type set within the cmd package.

func GatherUsers

func GatherUsers(sess *Session)

GatherUsers will generate a list of users from github.com that can then be filtered down to a specific target range

func GetChangeAction

func GetChangeAction(change *object.Change) string

GetChangeAction returns a more condensed and user friendly action for further reference

func GetChangeContent

func GetChangeContent(change *object.Change) (result string, contentError error)

GetChangeContent will get the contents of a git change or patch.

func GetChangePath

func GetChangePath(change *object.Change) string

GetChangePath will set the action of the commit for further action

func GetChanges

func GetChanges(commit *object.Commit, repo *git.Repository) (object.Changes, error)

GetChanges will get the changes between two specific commits. It grabs the parent commit of the one being passed and uses that to fetch the tree for that commit. If no commit is found, it will create a fake one. It then takes that parent tree along with the tree for the commit passed in and does a diff.

func GetRepositoryHistory

func GetRepositoryHistory(repository *git.Repository) ([]*object.Commit, error)

GetRepositoryHistory gets the commit history of a repository

func IsMaxFileSize

func IsMaxFileSize(filename string, sess *Session) (bool, string)

IsMaxFileSize will determine if the file size is under the max limit set by maxFileSize

func IsSafeText

func IsSafeText(sMatchString *string) bool

IsSafeText checks against a known "safe" (aka not a password) list

func MustAsset

func MustAsset(name string) []byte

MustAsset is like Asset but panics when Asset would return an error. It simplifies safe initialization of global variables.

func NewRouter

func NewRouter(s *Session) *gin.Engine

NewRouter will create an instance of the web frontend, setting the necessary parameters.

func PathExists

func PathExists(path string, sess *Session) bool

PathExists will check if a path exists or not and is used to validate user input

func Pluralize

func Pluralize(count int, singular string, plural string) string

Pluralize will take in a count and if the count is != 1 it will return the singular of the word.

func PrintDebug

func PrintDebug(sess *Session)

PrintDebug will print a debug header at the start of the session that displays specific settings

func PrintSessionStats

func PrintSessionStats(sess *Session)

PrintSessionStats will print the performance and sessions stats to stdout at the conclusion of a session scan

func RestoreAsset

func RestoreAsset(dir, name string) error

RestoreAsset restores an asset under the given directory

func RestoreAssets

func RestoreAssets(dir, name string) error

RestoreAssets restores an asset under the given directory recursively

func ScanDir

func ScanDir(path string, sess *Session)

ScanDir will scan a directory for all the files and then kick a file scan on each of them

func Search

func Search(ctx context.Context, root string, skippablePath []string, sess *Session) ([]string, error)

Search will walk the path or a given directory and append each viable path to an array

func SetConfig

func SetConfig()

SetConfig will set the defaults, and load a config file and environment variables if they are present

func SetHomeDir

func SetHomeDir(h string, sess *Session) string

SetHomeDir will set the correct homedir.

func SummaryOutput

func SummaryOutput(sess *Session)

SummaryOutput will spit out the results of the hunt along with performance data

func TruncateString

func TruncateString(str string, maxLength int) string

TruncateString will take an integer and cut a string at that length and append an ellipsis to it.

Types

type CloneConfiguration

type CloneConfiguration struct {
	InMemClone *bool
	URL        *string
	Username   *string
	Token      *string
	Branch     *string
	Depth      *int
}

CloneConfiguration holds the configurations for cloning a repo

type Finding

type Finding struct {
	Action          string
	Content         string
	CommitAuthor    string
	CommitHash      string
	CommitMessage   string
	CommitURL       string
	Description     string
	FilePath        string
	FileURL         string
	WraithVersion   string
	Hash            string
	LineNumber      string
	RepositoryName  string
	RepositoryOwner string
	RepositoryURL   string
	SignatureID     string

	SecretID string
	// contains filtered or unexported fields
}

Finding is a secret that has been discovered within a target by a discovery method

func (*Finding) Initialize

func (f *Finding) Initialize(sess *Session)

Initialize will set the urls and create an ID for inclusion within the finding

type GithubRepository

type GithubRepository struct {
	Owner         *string
	ID            *int64
	Name          *string
	FullName      *string
	CloneURL      *string
	URL           *string
	DefaultBranch *string
	Description   *string
	Homepage      *string
}

GithubRepository holds the necessary information for a repository, this data is specific to Github.

type IClient

type IClient interface {
	GetUserOrganization(login string) (*Owner, error)
	GetRepositoriesFromOwner(target Owner) ([]*Repository, error)
	GetOrganizationMembers(target Owner) ([]*Owner, error)
}

IClient interface is used with the api clients to hold the repo and org specific info.

type Logger

type Logger struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Logger holds specific configuration data for the logging

func (*Logger) Debug

func (l *Logger) Debug(format string, args ...interface{})

Debug prints a debug level log message to stdout

func (*Logger) Error

func (l *Logger) Error(format string, args ...interface{})

Error prints an error level log message to stdout

func (*Logger) Fatal

func (l *Logger) Fatal(format string, args ...interface{})

Fatal prints a fatal level log message to stdout

func (*Logger) Important

func (l *Logger) Important(format string, args ...interface{})

Important prints an important level log message to stdout

func (*Logger) Info

func (l *Logger) Info(format string, args ...interface{})

Info prints an info level log message to stdout

func (*Logger) Log

func (l *Logger) Log(level int, format string, args ...interface{})

Log is a generic printer for sending data to stdout. It does not do traditional syslog logging

func (*Logger) SetDebug

func (l *Logger) SetDebug(d bool)

SetDebug will configure the logger to enable debug output to be sent to stdout

func (*Logger) SetSilent

func (l *Logger) SetSilent(s bool)

SetSilent will configure the logger to not display any realtime output to stdout

func (*Logger) Warn

func (l *Logger) Warn(format string, args ...interface{})

Warn prints a warn level log message to stdout

type MatchFile

type MatchFile struct {
	Path      string
	Filename  string
	Extension string
}

MatchFile holds the various parts of a file that will be matched using either regexes or simple pattern matches.

type Owner

type Owner struct {
	Login     *string
	ID        *int64
	Type      *string
	Name      *string
	AvatarURL *string
	URL       *string
	Company   *string
	Blog      *string
	Location  *string
	Email     *string
	Bio       *string
}

Owner holds the info that we want for a repo owner

type PatternSignature

type PatternSignature struct {
	// contains filtered or unexported fields
}

PatternSignature holds the information about a pattern signature which is a regex used to match content within a file

func (PatternSignature) ConfidenceLevel

func (s PatternSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (PatternSignature) Description

func (s PatternSignature) Description() string

Description sets the user comment of the signature

func (PatternSignature) Enable

func (s PatternSignature) Enable() int

Enable sets whether a signature is active or not

func (PatternSignature) ExtractMatch

func (s PatternSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch will try and find a match within the content of the file.

func (PatternSignature) Part

func (s PatternSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (PatternSignature) SignatureID

func (s PatternSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a hash of the signature and is changed with every update to a signature.

type Repository

type Repository struct {
	Owner         *string
	ID            *int64
	Name          *string
	FullName      *string
	CloneURL      *string
	URL           *string
	DefaultBranch *string
	Description   *string
	Homepage      *string
}

Repository holds the info we want for a repo itself

type SafeFunctionSignature

type SafeFunctionSignature struct {
	// contains filtered or unexported fields
}

SafeFunctionSignature holds the information about a safe function, that is used to detect and mitigate false positives

func (SafeFunctionSignature) ConfidenceLevel

func (s SafeFunctionSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SafeFunctionSignature) Description

func (s SafeFunctionSignature) Description() string

Description sets the user comment of the signature

func (SafeFunctionSignature) Enable

func (s SafeFunctionSignature) Enable() int

Enable sets whether a signature is active or not

func (SafeFunctionSignature) ExtractMatch

func (s SafeFunctionSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch is a placeholder to ensure min code complexity and allow the reuse of the functions

func (SafeFunctionSignature) Part

func (s SafeFunctionSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SafeFunctionSignature) SignatureID

func (s SafeFunctionSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a hash of the signature and is changed with every update to a signature.

type Session

type Session struct {
	sync.Mutex

	BindAddress         string
	BindPort            int
	Client              IClient `json:"-"`
	CommitDepth         int
	ConfidenceLevel     int
	CSVOutput           bool
	Debug               bool
	ExpandOrgs          bool
	Findings            []*Finding
	GithubAccessToken   string
	GithubClient        *github.Client `json:"-"`
	GithubEnterpriseURL string
	GithubURL           string
	GitlabAccessToken   string
	GitlabTargets       []string
	GitlabURL           string
	GithubUsers         []*github.User
	HideSecrets         bool
	InMemClone          bool
	JSONOutput          bool
	LocalPaths          []string
	MaxFileSize         int64
	Organizations       []*github.Organization
	Out                 *Logger `json:"-"`
	Repositories        []*Repository
	Router              *gin.Engine `json:"-"`
	SignatureVersion    string
	ScanFork            bool
	ScanTests           bool
	ScanType            string
	Signatures          []*Signature
	SignatureFiles      []string
	Silent              bool
	SkippableExt        []string
	SkippablePath       []string
	Stats               *Stats
	Targets             []*Owner
	Threads             int
	UserDirtyNames      []string
	UserDirtyOrgs       []string
	UserDirtyRepos      []string
	UserLogins          []string
	UserOrgs            []string
	UserRepos           []string
	WebServer           bool
	WraithVersion       string
}

Session contains all the necessary values and parameters used during a scan

func NewSession

func NewSession(scanType string) *Session

NewSession is the entry point for starting a new scan session

func (*Session) AddFinding

func (s *Session) AddFinding(finding *Finding)

AddFinding will add a finding that has been discovered during a session to the list of findings for that session

func (*Session) AddRepository

func (s *Session) AddRepository(repository *Repository)

AddRepository will add a given repository to be scanned to a session. This counts as the total number of repos that have been gathered during a session.

func (*Session) AddTarget

func (s *Session) AddTarget(target *Owner)

AddTarget will add a new target to a session to be scanned during that session

func (*Session) Finish

func (s *Session) Finish()

Finish is called at the end of a scan session and used to generate discrete data points for a given scan session including setting the status of a scan to finished.

func (*Session) InitGitClient

func (s *Session) InitGitClient()

InitGitClient will create a new github client of the type given by the input string. Currently Enterprise and github.com are supported

func (*Session) InitLogger

func (s *Session) InitLogger()

InitLogger will initialize the logger for the session

func (*Session) InitRouter

func (s *Session) InitRouter()

InitRouter will configure and start the webserver for graphical output and status messages

func (*Session) InitStats

func (s *Session) InitStats()

InitStats will set the initial values for a session

func (*Session) InitThreads

func (s *Session) InitThreads()

InitThreads will set the correct number of threads based on the commandline flags

func (*Session) Initialize

func (s *Session) Initialize(scanType string)

Initialize will set the initial values and options used during a scan session

func (*Session) SaveToFile

func (s *Session) SaveToFile(location string) error

SaveToFile will save a json representation of the session output to a file

func (*Session) ValidateUserInput

func (s *Session) ValidateUserInput()

ValidateUserInput will check for special characters in the strings and make sure we have at least one user/repo/org to scan

type Signature

type Signature interface {
	Description() string
	Enable() int
	ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)
	ConfidenceLevel() int
	Part() string
	SignatureID() string // TODO change id -> ID
}

Signature is an expression that we are looking for in a file

func LoadSignatures

func LoadSignatures(filePath string, mLevel int, sess *Session) []Signature

LoadSignatures will load all known signatures for the various match types into the session

type SignatureConfig

type SignatureConfig struct {
	Meta                   SignaturesMetaData `yaml:"Meta"`
	PatternSignatures      []SignatureDef     `yaml:"PatternSignatures"`
	SimpleSignatures       []SignatureDef     `yaml:"SimpleSignatures"`
	SafeFunctionSignatures []SignatureDef     `yaml:"SafeFunctionSignatures"`
}

SignatureConfig holds the base file structure for the signatures file

type SignatureDef

type SignatureDef struct {
	Comment         string  `yaml:"comment"`
	Description     string  `yaml:"description"`
	Enable          int     `yaml:"enable"`
	Entropy         float64 `yaml:"entropy"`
	Match           string  `yaml:"match"`
	ConfidenceLevel int     `yaml:"confidence-level"`
	Part            string  `yaml:"part"`
	SignatureID     string  `yaml:"signatureid"`
}

SignatureDef maps to a signature within the yaml file

type SignaturesMetaData

type SignaturesMetaData struct {
	Date    string
	Time    int
	Version string
}

SignaturesMetaData is used by updateSignatures to determine if/how to update the signatures

type SimpleSignature

type SimpleSignature struct {
	// contains filtered or unexported fields
}

SimpleSignature holds the information about a simple signature which is used to match a path or filename

func (SimpleSignature) ConfidenceLevel

func (s SimpleSignature) ConfidenceLevel() int

ConfidenceLevel sets the confidence level of the pattern

func (SimpleSignature) Description

func (s SimpleSignature) Description() string

Description sets the user comment of the signature

func (SimpleSignature) Enable

func (s SimpleSignature) Enable() int

Enable sets whether a signature is active or not

func (SimpleSignature) ExtractMatch

func (s SimpleSignature) ExtractMatch(file MatchFile, sess *Session, change *object.Change) (bool, map[string]int)

ExtractMatch will attempt to match a path or file name of the given file

func (SimpleSignature) Part

func (s SimpleSignature) Part() string

Part sets the part of the file/path that is matched [ filename content extension ]

func (SimpleSignature) SignatureID

func (s SimpleSignature) SignatureID() string

SignatureID sets the id used to identify the signature. This id is immutable and generated from a hash of the signature and is changed with every update to a signature.

type Stats

type Stats struct {
	sync.Mutex

	StartedAt           time.Time // The time we started the scan
	FinishedAt          time.Time // The time we finished the scan
	Status              string    // The running status of a scan for the web interface
	Progress            float64   // The running progress for the bar on the web interface
	RepositoriesTotal   int       // The total number of repos discovered
	RepositoriesScanned int       // The total number of repos scanned (not excluded, errors, empty)
	RepositoriesCloned  int       // The total number of repos cloned (excludes errors and excluded, includes empty)
	Organizations       int       // The number of github orgs
	CommitsScanned      int       // The number of commits scanned in a repo
	CommitsDirty        int       // The number of commits in a repo found to have secrets
	FilesScanned        int       // The number of files actually scanned
	FilesIgnored        int       // The number of files ignored (tests, extensions, paths)
	FilesTotal          int       // The total number of files that were processed
	FilesDirty          int
	FindingsTotal       int // The total number of findings. There can be more than one finding per file and more than one finding of the same type in a file
	Users               int // Github users
	Targets             int // The number of dirs, people, orgs, etc on the command line or config file (what do you want wraith to enumerate on)
	Repositories        int // This will point to RepositoriesScanned
	CommitsTotal        int // This will point to commits scanned
	Findings            int // This will point to findings total
	Files               int // This will point to FilesScanned
	Commits             int // This will point to CommitsScanned
}

Stats holds various runtime statistics used for perf data as well as generating various reports

func (*Stats) IncrementCommitsDirty

func (s *Stats) IncrementCommitsDirty()

IncrementCommitsDirty will bump the number of commits that have been found to be dirty, as in they contain one or more findings

func (*Stats) IncrementCommitsScanned

func (s *Stats) IncrementCommitsScanned()

IncrementCommitsScanned will bump the number of commits that have been scanned. This is scan wide and not on a per repo/org basis

func (*Stats) IncrementCommitsTotal

func (s *Stats) IncrementCommitsTotal()

IncrementCommitsTotal will add one to the running count of commits during the target discovery phase of a session

func (*Stats) IncrementFiles

func (s *Stats) IncrementFiles()

IncrementFiles will add one to the running count of files during the target discovery phase of a session

func (*Stats) IncrementFilesDirty

func (s *Stats) IncrementFilesDirty()

IncrementFilesDirty will bump the count of files that have been discovered. This does not reflect if the file was scanned/skipped. It is simply a count of files that were found.

func (*Stats) IncrementFilesIgnored

func (s *Stats) IncrementFilesIgnored()

IncrementFilesIgnored will bump the number of files that have been ignored for various reasons.

func (*Stats) IncrementFilesScanned

func (s *Stats) IncrementFilesScanned()

IncrementFilesScanned will bump the count of files that have been scanned successfully.

func (*Stats) IncrementFilesTotal

func (s *Stats) IncrementFilesTotal()

IncrementFilesTotal will bump the count of files that have been discovered. This does not reflect if the file was scanned/skipped. It is simply a count of files that were found.

func (*Stats) IncrementFindings

func (s *Stats) IncrementFindings()

IncrementFindings will add one to the running count of findings during the target discovery phase of a session

func (*Stats) IncrementFindingsTotal

func (s *Stats) IncrementFindingsTotal()

IncrementFindingsTotal will bump the total number of findings that have been matched. This does exclude any other documented criteria.

func (*Stats) IncrementOrgs

func (s *Stats) IncrementOrgs()

IncrementOrgs will bump the number of orgs that have been gathered. This is scan wide and not on a per repo/org basis

func (*Stats) IncrementRepositories

func (s *Stats) IncrementRepositories()

IncrementRepositories will add one to the running repository count during the target discovery phase of a session

func (*Stats) IncrementRepositoriesCloned

func (s *Stats) IncrementRepositoriesCloned()

IncrementRepositoriesCloned will bump the number of repositories that have been cloned with errors but may be empty

func (*Stats) IncrementRepositoriesScanned

func (s *Stats) IncrementRepositoriesScanned()

IncrementRepositoriesScanned will bump the total number of repositories that have been scanned and are not empty

func (*Stats) IncrementRepositoriesTotal

func (s *Stats) IncrementRepositoriesTotal()

IncrementRepositoriesTotal will bump the total number of repositories that have been discovered. This will include empty ones as well as those that had errors

func (*Stats) IncrementTargets

func (s *Stats) IncrementTargets()

IncrementTargets will add one to the running target count during the target discovery phase of a session

func (*Stats) IncrementUsers

func (s *Stats) IncrementUsers()

IncrementUsers will bump the total number of users that have been enumerated

func (*Stats) UpdateProgress

func (s *Stats) UpdateProgress(current int, total int)

UpdateProgress will update the progress percentage
