The highest tagged major version is
README
¶
l9format
l9format is a schema declaration targeted at interoperability between network recon tools used at LeakIX.
Golang
This repository includes the Golang headers used as library in our components.
Other languages
Check l9event.json can be used to derive classes for your favorite language ( python, php ect)
Documentation
¶
Index ¶
- Constants
- type Certificate
- type DatasetSummary
- type L9Event
- type L9HttpEvent
- type L9LeakEvent
- type L9SSLEvent
- type L9ServiceEvent
- type ServiceCredentials
- type ServicePluginBase
- func (plugin ServicePluginBase) DialContext(ctx context.Context, network string, addr string) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetHttpClient(ctx context.Context, ip string, port string) *http.Client
- func (plugin ServicePluginBase) GetL9NetworkConnection(event *L9Event) (conn net.Conn, err error)
- func (plugin ServicePluginBase) GetNetworkConnection(network string, addr string) (conn net.Conn, err error)
- type ServicePluginInterface
- type Software
- type SoftwareModule
Constants ¶
View Source
const SEVERITY_CRITICAL = "critical"
View Source
const SEVERITY_HIGH = "high"
View Source
const SEVERITY_INFO = "info"
View Source
const SEVERITY_LOW = "low"
View Source
const SEVERITY_MEDIUM = "medium"
View Source
const STAGE_EXFILTRATE = "exfiltrate"
View Source
const STAGE_EXPLORE = "explore"
View Source
const STAGE_OPEN = "open"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Certificate ¶
type Certificate struct {
CommonName string `json:"cn"`
Domains []string `json:"domain"`
Fingerprint string `json:"fingerprint"`
KeyAlgo string `json:"key_algo"`
KeySize int `json:"key_size"`
IssuerName string `json:"issuer_name"`
NotBefore time.Time `json:"not_before"`
NotAfter time.Time `json:"not_after"`
Valid bool `json:"valid"`
}
type DatasetSummary ¶
type L9Event ¶
type L9Event struct {
EventType string `json:"event_type"`
EventSource string `json:"event_source"`
EventPipeline []string `json:"event_pipeline"`
Ip string `json:"ip"`
Host string `json:"host"`
Port string `json:"port"`
Transports []string `json:"transport"`
Protocol string `json:"protocol"`
Http L9HttpEvent `json:"http"`
Summary string `json:"summary"`
Time time.Time `json:"time"`
SSL L9SSLEvent `json:"ssl"`
Service L9ServiceEvent `json:"service"`
Leak L9LeakEvent `json:"leak"`
}
func (*L9Event) HasTransport ¶
func (*L9Event) MatchServicePlugin ¶
func (event *L9Event) MatchServicePlugin(plugin ServicePluginInterface) bool
func (*L9Event) RemoveTransport ¶
type L9HttpEvent ¶
type L9LeakEvent ¶
type L9LeakEvent struct {
Stage string `json:"stage"`
Type string `json:"type"`
Data string `json:"data"`
Severity string `json:"severity"`
Dataset DatasetSummary `json:"dataset"`
}
type L9SSLEvent ¶
type L9ServiceEvent ¶
type L9ServiceEvent struct {
Credentials ServiceCredentials `json:"credentials"`
Software Software `json:"software"`
}
type ServiceCredentials ¶
type ServicePluginBase ¶
type ServicePluginBase struct {
}
func (ServicePluginBase) DialContext ¶
func (ServicePluginBase) GetHttpClient ¶
func (ServicePluginBase) GetL9NetworkConnection ¶
func (plugin ServicePluginBase) GetL9NetworkConnection(event *L9Event) (conn net.Conn, err error)
func (ServicePluginBase) GetNetworkConnection ¶
type ServicePluginInterface ¶
type Software ¶
type Software struct {
Name string `json:"name"`
Version string `json:"version"`
OperatingSystem string `json:"os"`
Modules []SoftwareModule `json:"modules"`
Fingerprint string `json:"fingerprint"`
}
type SoftwareModule ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.