Documentation
¶
Overview ¶
Package detector provides typosquatting and threat detection algorithms.
Index ¶
- type CharacterSubstitution
- type CheckPackageResult
- type CommunityFlag
- type Engine
- type EnhancedDetectionConfig
- type EnhancedSupplyChainDetector
- type EnhancedSupplyChainResult
- type EnhancedTyposquattingDetector
- type HomoglyphDetector
- type KeyboardLayout
- type MalwareReport
- type Options
- type ReputationData
- type ReputationEngine
- type TyposquattingAnalysis
- type VulnerabilityInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CharacterSubstitution ¶
type CharacterSubstitution struct {
Original rune
Substitutes []rune
Type string // "visual", "phonetic", "keyboard"
Weight float64
}
CharacterSubstitution represents common character substitution patterns
type CheckPackageResult ¶
type CommunityFlag ¶
type CommunityFlag struct {
Type string `json:"type"`
Description string `json:"description"`
Reporter string `json:"reporter"`
ReportedAt time.Time `json:"reported_at"`
Verified bool `json:"verified"`
}
CommunityFlag represents community-reported issues
type Engine ¶
type Engine struct {
// contains filtered or unexported fields
}
func (*Engine) AnalyzeDependency ¶
func (*Engine) CheckPackage ¶
type EnhancedDetectionConfig ¶
type EnhancedDetectionConfig struct {
KeyboardProximityWeight float64
VisualSimilarityWeight float64
PhoneticSimilarityWeight float64
MinSimilarityThreshold float64
MaxEditDistance int
EnableKeyboardAnalysis bool
EnableVisualAnalysis bool
EnablePhoneticAnalysis bool
}
EnhancedDetectionConfig contains configuration for enhanced detection
type EnhancedSupplyChainDetector ¶ added in v1.0.1
type EnhancedSupplyChainDetector struct{}
func NewEnhancedSupplyChainDetector ¶ added in v1.0.1
func NewEnhancedSupplyChainDetector() *EnhancedSupplyChainDetector
func (*EnhancedSupplyChainDetector) DetectThreats ¶ added in v1.0.1
func (d *EnhancedSupplyChainDetector) DetectThreats(ctx context.Context, pkgs []types.Package) ([]EnhancedSupplyChainResult, error)
type EnhancedSupplyChainResult ¶ added in v1.0.1
type EnhancedTyposquattingDetector ¶
type EnhancedTyposquattingDetector struct {
// contains filtered or unexported fields
}
EnhancedTyposquattingDetector implements advanced typosquatting detection
func NewEnhancedTyposquattingDetector ¶
func NewEnhancedTyposquattingDetector() *EnhancedTyposquattingDetector
NewEnhancedTyposquattingDetector creates a new enhanced detector
func (*EnhancedTyposquattingDetector) DetectEnhanced ¶
func (etd *EnhancedTyposquattingDetector) DetectEnhanced(target types.Dependency, allPackages []string, threshold float64) []types.Threat
DetectEnhanced performs enhanced typosquatting detection
type HomoglyphDetector ¶
type HomoglyphDetector struct {
// contains filtered or unexported fields
}
HomoglyphDetector detects homoglyph-based typosquatting attacks
func NewHomoglyphDetector ¶
func NewHomoglyphDetector() *HomoglyphDetector
NewHomoglyphDetector creates a new homoglyph detector
func (*HomoglyphDetector) Detect ¶
func (hd *HomoglyphDetector) Detect(target types.Dependency, allPackages []string) []types.Threat
Detect finds potential homoglyph-based typosquatting
type KeyboardLayout ¶
type KeyboardLayout struct {
Name string
Layout map[rune][]rune // character -> adjacent characters
Rows []string // keyboard rows for row-based analysis
}
KeyboardLayout represents different keyboard layouts for proximity analysis
type MalwareReport ¶
type MalwareReport struct {
Source string `json:"source"`
Type string `json:"type"`
Description string `json:"description"`
Confidence float64 `json:"confidence"`
ReportedAt time.Time `json:"reported_at"`
}
MalwareReport represents a malware detection report
type ReputationData ¶
type ReputationData struct {
PackageName string `json:"package_name"`
Registry string `json:"registry"`
ReputationScore float64 `json:"reputation_score"`
TrustLevel string `json:"trust_level"`
DownloadCount int64 `json:"download_count"`
MaintainerCount int `json:"maintainer_count"`
LastUpdated time.Time `json:"last_updated"`
CreatedAt time.Time `json:"created_at"`
Vulnerabilities []VulnerabilityInfo `json:"vulnerabilities"`
MalwareReports []MalwareReport `json:"malware_reports"`
CommunityFlags []CommunityFlag `json:"community_flags"`
Metadata map[string]interface{} `json:"metadata"`
CachedAt time.Time `json:"cached_at"`
}
ReputationData holds reputation information for a package
type ReputationEngine ¶
type ReputationEngine struct {
// contains filtered or unexported fields
}
ReputationEngine analyzes package reputation using multiple data sources
func NewReputationEngine ¶
func NewReputationEngine(cfg *config.Config) *ReputationEngine
NewReputationEngine creates a new reputation engine
func (*ReputationEngine) Analyze ¶
func (re *ReputationEngine) Analyze(dep types.Dependency) []types.Threat
Analyze analyzes the reputation of a package (alias for AnalyzeReputation)
func (*ReputationEngine) AnalyzeReputation ¶
func (re *ReputationEngine) AnalyzeReputation(dep types.Dependency) []types.Threat
AnalyzeReputation analyzes the reputation of a package
func (*ReputationEngine) ClearCache ¶
func (re *ReputationEngine) ClearCache()
ClearCache clears the reputation cache
func (*ReputationEngine) GetCacheStats ¶
func (re *ReputationEngine) GetCacheStats() map[string]interface{}
GetCacheStats returns cache statistics
type TyposquattingAnalysis ¶
type TyposquattingAnalysis struct {
KeyboardErrors int
VisualSimilarity float64
PhoneticSimilarity float64
EditDistance int
Transpositions int
Insertions int
Deletions int
Substitutions int
PrimaryType string
}
TyposquattingAnalysis contains detailed analysis of typosquatting type
Source Files