core

package
v0.0.0-...-bbb0290 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 9, 2026 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func InitConfig

func InitConfig(debug, offline bool, output string)

func PrintResults

func PrintResults(logger *zap.SugaredLogger, results []Result)

func SaveResults

func SaveResults(results []Result, format string) error

SaveResults exports the results.

Types

type Coverage

// Coverage records which profile a scan ran under and which plugins were
// loaded or skipped. It is serialized to JSON under the tag names below.
//
// NOTE(review): field meanings are inferred from names and tags only; confirm
// them against the code that populates this struct.
type Coverage struct {
	// Profile name (presumably mirrors ScanConfig.Profile — confirm).
	Profile             string   `json:"profile"`
	// Names of the plugins that were loaded for this scan.
	LoadedPlugins       []string `json:"loaded_plugins"`
	// Names of the plugins that were not run. A report with no findings does
	// not cover whatever these plugins would have checked.
	SkippedPlugins      []string `json:"skipped_plugins"`
	// Free-form string; its format is not visible here — TODO confirm.
	RuleCoverage        string   `json:"rule_coverage"`
	// Presumably true when network-dependent checks were turned off, which
	// narrows what the scan could observe — confirm.
	NetworkDisabled     bool     `json:"network_disabled"`
	// Meaning not visible in this listing — TODO document.
	HighDisturbanceMode bool     `json:"high_disturbance_mode"`
}

type EvidenceItem

// EvidenceItem is one entry of ScanReport.Evidence, serialized to JSON as
// id / plugin / summary.
//
// NOTE(review): how ID relates to the strings in Result.Evidence is not
// visible here — confirm whether they are meant to cross-reference.
type EvidenceItem struct {
	// Identifier of the evidence entry; uniqueness is not enforced by the type.
	ID      string `json:"id"`
	// Name of the plugin associated with this entry.
	Plugin  string `json:"plugin"`
	// Human-readable summary text.
	Summary string `json:"summary"`
}

type GraphSnapshot

// GraphSnapshot describes a graph by a file path and two counts. ScanReport
// references it through the optional AttackGraph field.
type GraphSnapshot struct {
	// Path to a file, presumably in Graphviz DOT format given the name — confirm.
	DotPath string `json:"dot_path"`
	// Node count of the graph.
	Nodes   int    `json:"nodes"`
	// Edge count of the graph.
	Edges   int    `json:"edges"`
}

type Plugin

// Plugin is the interface that every scan module must implement.
type Plugin interface {
	// Name returns the plugin's name (presumably the value reported in
	// Result.Plugin — confirm).
	Name() string
	// Run performs the plugin's scan and returns its findings or an error.
	// config is passed by pointer, so an implementation is able to modify the
	// caller's ScanConfig; treat it as read-only unless the caller documents
	// otherwise.
	Run(ctx context.Context, config *ScanConfig) ([]Result, error)
}

Plugin is the interface that every scan module must implement.

type Result

// Result represents a single finding produced by the scanner.
//
// NOTE(review): the Level values listed below mix upper case ("INFO") with
// lower case, and Summary also counts Pass and Error, which are not listed
// here. Confirm the full set of levels and whether comparisons are
// case-sensitive.
//
// Score and Confidence use omitempty, so a value of 0 is dropped from the JSON
// output and cannot be told apart from "not set" by a consumer.
type Result struct {
	Plugin      string   `json:"plugin"`      // plugin name
	Level       string   `json:"level"`       // "INFO", "low", "medium", "high", "critical"
	Description string   `json:"description"` // description
	Reference   string   `json:"reference"`   // reference (file path, process ID, etc.)
	Advice      string   `json:"advice"`      // advice
	// Numeric score; scale and range are not visible here — TODO confirm.
	Score       int      `json:"score,omitempty"`
	// Numeric confidence; scale and range are not visible here — TODO confirm.
	Confidence  int      `json:"confidence,omitempty"`
	// Supporting evidence strings. Together with Reference these may carry
	// host paths or process details, so exported reports should be handled as
	// sensitive data.
	Evidence    []string `json:"evidence,omitempty"`
	// Presumably the rule set and the rule that produced the finding — confirm.
	RuleSource  string   `json:"rule_source,omitempty"`
	RuleName    string   `json:"rule_name,omitempty"`
	// Presumably MITRE ATT&CK identifiers; format not visible here — confirm.
	MITRE       []string `json:"mitre,omitempty"`
}

Result represents a single finding produced by the scanner.

func SafeRun

func SafeRun(plugin Plugin, ctx context.Context, cfg *ScanConfig) (results []Result, err error)

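SafeRun runs a plugin safely: it catches a panic raised by the plugin and converts it into an error. Go's recover only intercepts panics on the goroutine that runs the deferred call, so a panic in a goroutine started by the plugin itself would still terminate the process.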

type RuleBundleInfo

// RuleBundleInfo describes a rule bundle: where it lives on disk, its version
// and status, and the sources it was assembled from. It is serialized to JSON
// under the tag names below.
//
// NOTE(review): Status and UpdatedAt are plain strings. Their allowed values
// and timestamp format are not visible here — confirm before parsing them.
type RuleBundleInfo struct {
	// Directory holding the rules (presumably mirrors ScanConfig.RulesDir).
	RulesDir  string           `json:"rules_dir"`
	// Path to a lock file; what it records is not visible here — TODO confirm.
	LockPath  string           `json:"lock_path"`
	Version   string           `json:"version"`
	UpdatedAt string           `json:"updated_at"`
	Status    string           `json:"status"`
	// Origins of the rules; see RuleSourceInfo for per-source provenance.
	Sources   []RuleSourceInfo `json:"sources"`
	// Presumably the number of rule files in the bundle — confirm.
	Files     int              `json:"files"`
}

type RuleSourceInfo

// RuleSourceInfo records the provenance of one rule source: its name, URL,
// license, optional commit and whether it is enabled.
//
// NOTE(review): Commit uses omitempty, so an empty value disappears from the
// JSON output. If Commit is meant to pin the source to a revision, consumers
// should treat a missing commit as unpinned or unverified provenance — confirm.
type RuleSourceInfo struct {
	Name    string `json:"name"`
	// Location the rules come from. Nothing in this type validates the scheme
	// or host; any validation must happen where the URL is used.
	URL     string `json:"url"`
	License string `json:"license"`
	// Presumably a VCS commit identifier for the fetched rules — confirm.
	Commit  string `json:"commit,omitempty"`
	Enabled bool   `json:"enabled"`
}

type ScanConfig

// ScanConfig holds the global configuration for a scan session. The fields
// carry no JSON tags, unlike the report types in this package.
//
// NOTE(review): Offline and NoNetwork are separate flags and the difference
// between them is not visible in this listing. Document which one governs
// outbound connections so plugins check the right field.
type ScanConfig struct {
	Debug      bool
	Offline    bool
	NoNetwork  bool
	// Output, OutputDir, ReportPath and RulesDir are plain strings; presumably
	// an output selector and filesystem paths — confirm. Nothing in this type
	// validates them, so any path checks must happen where they are used.
	Output     string
	OutputDir  string
	ReportPath string
	// Presumably copied into ScanSession.CaseID for the report — confirm.
	CaseID     string
	Profile    string
	RulesDir   string
	// Presumably selects JSON Lines output — confirm.
	JSONL      bool

	// Set of module names keyed by string; presumably modules the user
	// requested explicitly — confirm. Writing to a nil map panics, so it must
	// be made before the first insert.
	ExplicitModules map[string]bool
	// Modules that were not run, each with a reason.
	SkippedModules  []SkippedModule
	Coverage        Coverage
	// Optional rule bundle metadata; nil when none is attached.
	RuleBundle      *RuleBundleInfo
}

ScanConfig holds the global configuration for a scan session.

// GlobalConfig is the package-level pointer to a ScanConfig. As shown here it
// has no initializer, so it is nil until some code assigns it (presumably
// InitConfig — confirm); dereferencing it before then panics.
//
// NOTE(review): this is exported mutable state. Any importing package can
// replace or modify it, and the declaration provides no synchronization —
// confirm it is written once before plugins start running.
var GlobalConfig *ScanConfig

type ScanReport

// ScanReport is the top-level report document. It bundles the session
// metadata, rule bundle, coverage, summary counts, findings, evidence,
// timeline and skipped modules under the JSON keys below.
//
// RuleBundle and AttackGraph are pointers tagged omitempty, so they are left
// out of the JSON when nil. The slice fields have no omitempty, so a nil slice
// is encoded as null rather than [].
//
// NOTE(review): the report embeds ScanSession (hostname, user) and findings
// that may reference host paths or processes; treat the written file as
// sensitive data.
type ScanReport struct {
	ScanSession    ScanSession     `json:"scan_session"`
	RuleBundle     *RuleBundleInfo `json:"rule_bundle,omitempty"`
	Profile        string          `json:"profile"`
	// What was and was not exercised; read it alongside Findings, since an
	// empty finding list says nothing about skipped plugins.
	Coverage       Coverage        `json:"coverage"`
	Summary        Summary         `json:"summary"`
	Findings       []Result        `json:"findings"`
	Evidence       []EvidenceItem  `json:"evidence"`
	Timeline       []TimelineItem  `json:"timeline"`
	SkippedModules []SkippedModule `json:"skipped_modules"`
	AttackGraph    *GraphSnapshot  `json:"attack_graph,omitempty"`
}

type ScanSession

// ScanSession holds the metadata of one scan run: the host it ran on, timing,
// and the network-related flags. It is serialized to JSON under the tag names
// below.
//
// NOTE(review): StartedAt, EndedAt and Duration are strings. Their format and
// time zone are not visible here — confirm before correlating them with other
// logs.
type ScanSession struct {
	// Optional case identifier; omitted from JSON when empty.
	CaseID            string `json:"case_id,omitempty"`
	// Host and user identifiers; these make the report attributable to a
	// specific machine and account.
	Hostname          string `json:"hostname"`
	User              string `json:"user,omitempty"`
	OS                string `json:"os"`
	Arch              string `json:"arch"`
	StartedAt         string `json:"started_at"`
	EndedAt           string `json:"ended_at"`
	Duration          string `json:"duration"`
	// Presumably copied from ScanConfig.Offline and ScanConfig.NoNetwork — confirm.
	Offline           bool   `json:"offline"`
	NoNetwork         bool   `json:"no_network"`
	// Optional free-form text describing the network policy; omitted when empty.
	NetworkPolicyText string `json:"network_policy_text,omitempty"`
}

type SkippedModule

// SkippedModule names a module that was not run and gives the reason. It
// appears in both ScanConfig.SkippedModules and ScanReport.SkippedModules.
type SkippedModule struct {
	// Module name.
	Name   string `json:"name"`
	// Free-form explanation of why the module was skipped.
	Reason string `json:"reason"`
}

type Summary

// Summary holds per-level counts of results plus a total; Summarize returns
// this type.
//
// NOTE(review): Pass and Error are counted here but are not among the levels
// listed on Result.Level. Confirm which Level strings map to each counter and
// whether Total is the sum of the others.
type Summary struct {
	Critical int `json:"critical"`
	High     int `json:"high"`
	Medium   int `json:"medium"`
	Low      int `json:"low"`
	Info     int `json:"info"`
	Pass     int `json:"pass"`
	// Presumably results that record a plugin failure rather than a finding;
	// a non-zero value would mean some checks did not complete — confirm.
	Error    int `json:"error"`
	Total    int `json:"total"`
}

func Summarize

func Summarize(results []Result) Summary

type TimelineItem

// TimelineItem is one entry of ScanReport.Timeline: a time, the plugin it
// relates to, a level and a summary, serialized under the JSON keys below.
type TimelineItem struct {
	// Timestamp as a string; format and time zone are not visible here —
	// TODO confirm before sorting or correlating entries.
	Time    string `json:"time"`
	Plugin  string `json:"plugin"`
	// Presumably uses the same values as Result.Level — confirm.
	Level   string `json:"level"`
	Summary string `json:"summary"`
}
