report

package
v0.6.0 Latest
Warning

This package is not in the latest version of its module.

Published: May 7, 2024 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

// Category labels for the ten risks of the OWASP API Security Top 10, 2023
// edition (API1:2023 through API10:2023). Each value is the risk identifier
// followed by its official title.
//
// These are untyped string constants, so the compiler does not restrict a
// category field to this set. Code that filters or routes findings by
// category should compare against these constants rather than re-typing
// the strings.
//
// "BOPL" in OWASP2023BOPLCategory stands for Broken Object Property Level
// Authorization, which OWASP usually abbreviates as BOPLA.
//
// NOTE(review): presumably these are the values stored in
// VulnerabilityReport.OWASP2023Category — confirm against the scan code.
const (
	OWASP2023BOLACategory                            = "API1:2023 Broken Object Level Authorization"
	OWASP2023BrokenAuthCategory                      = "API2:2023 Broken Authentication"
	OWASP2023BOPLCategory                            = "API3:2023 Broken Object Property Level Authorization"
	OWASP2023UnrestrictedResourceConsumptionCategory = "API4:2023 Unrestricted Resource Consumption"
	OWASP2023BFLACategory                            = "API5:2023 Broken Function Level Authorization"
	OWASP2023UnrestrictedAccessBusinessCategory      = "API6:2023 Unrestricted Access to Sensitive Business Flows"
	OWASP2023SSRFCategory                            = "API7:2023 Server Side Request Forgery"
	OWASP2023SecurityMisconfigurationCategory        = "API8:2023 Security Misconfiguration"
	OWASP2023ImproperInventoryCategory               = "API9:2023 Improper Inventory Management"
	OWASP2023UnsafeConsumptionCategory               = "API10:2023 Unsafe Consumption of APIs"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Reporter

// Reporter collects ScanReport pointers and serialises as a JSON object
// with a single "reports" array.
//
// NOTE(review): Reports is an exported slice and this page shows no mutex
// or other synchronisation on the type. Treat concurrent AddReport calls as
// unsafe until the implementation is checked.
// NOTE(review): HasVulnerability and HasHighRiskSeverityVulnerability look
// like the natural pass/fail gate for a pipeline. The severity threshold
// they apply is not visible here — confirm it before relying on the result.
type Reporter struct {
	// Reports is the list of per-scan reports, emitted under the JSON key "reports".
	Reports []*ScanReport `json:"reports"`
}

func NewReporter

func NewReporter() *Reporter

func (*Reporter) AddReport

func (rr *Reporter) AddReport(r *ScanReport)

func (*Reporter) GetReports

func (rr *Reporter) GetReports() []*ScanReport

func (*Reporter) GetVulnerabilityReports

func (rr *Reporter) GetVulnerabilityReports() []*VulnerabilityReport

func (*Reporter) HasHighRiskSeverityVulnerability

func (rr *Reporter) HasHighRiskSeverityVulnerability() bool

func (*Reporter) HasVulnerability

func (rr *Reporter) HasVulnerability() bool

type ScanReport

// ScanReport is the record of one scan: an identifier and display name, the
// attempts that were made, the findings that resulted, and a start/end
// timestamp pair.
//
// NOTE(review): Scans holds request/response pairs (see
// VulnerabilityScanAttempt). If those are written out with the report, the
// output can contain whatever credentials the scan sent (Authorization
// headers, cookies, API keys). Handle stored or uploaded reports as
// sensitive unless redaction is confirmed in the implementation.
type ScanReport struct {
	// ID and Name identify the scan; both are the values passed to NewScanReport
	// as far as the signature shows — TODO confirm.
	ID   string `json:"id"`
	Name string `json:"name"`

	// Scans is every recorded attempt; Vulns is the subset of results reported
	// as vulnerabilities. Note the JSON key for Vulns is "vulnerabilities".
	Scans []*VulnerabilityScanAttempt `json:"scans"`
	Vulns []*VulnerabilityReport      `json:"vulnerabilities"`

	// Presumably set by Start() and End(); a zero time.Time here would mean
	// the corresponding call was never made — verify against the methods.
	StartTime time.Time `json:"start_time"`
	EndTime   time.Time `json:"end_time"`
}

func NewScanReport

func NewScanReport(id string, name string) *ScanReport

func (*ScanReport) AddScanAttempt

func (sc *ScanReport) AddScanAttempt(a *VulnerabilityScanAttempt) *ScanReport

func (*ScanReport) AddVulnerabilityReport

func (sc *ScanReport) AddVulnerabilityReport(vr *VulnerabilityReport) *ScanReport

func (*ScanReport) End

func (sc *ScanReport) End() *ScanReport

func (*ScanReport) GetScanAttempts

func (sc *ScanReport) GetScanAttempts() []*VulnerabilityScanAttempt

func (*ScanReport) GetVulnerabilityReports

func (sc *ScanReport) GetVulnerabilityReports() []*VulnerabilityReport

func (*ScanReport) HasVulnerabilityReport

func (sc *ScanReport) HasVulnerabilityReport() bool

func (*ScanReport) Start

func (sc *ScanReport) Start() *ScanReport

type VulnerabilityReport

// VulnerabilityReport describes a single finding: a numeric severity, the
// OWASP API Security 2023 category label, an identifier, a name, a URL and
// the operation it was observed on.
type VulnerabilityReport struct {
	// SeverityLevel is a float64 whose scale is not defined on this page, and
	// the TODO below says it does not yet follow the CVSS specification.
	// For comparison, CVSS v3.1 bands scores as Low 0.1-3.9, Medium 4.0-6.9,
	// High 7.0-8.9 and Critical 9.0-10.0.
	// NOTE(review): the cut-offs used by IsInfoRiskSeverity, IsLowRiskSeverity,
	// IsMediumRiskSeverity and IsHighRiskSeverity are not shown — confirm them
	// before mapping these findings onto CVSS-based policy.
	SeverityLevel float64 `json:"severity"` // TODO: Follow https://www.first.org/cvss/specification-document

	// Free-form string; presumably one of the OWASP2023*Category constants,
	// but the type does not enforce that.
	OWASP2023Category string `json:"owasp_2023_category"`

	ID   string `json:"id"`
	Name string `json:"name"`
	// NOTE(review): what URL refers to (scanned endpoint or reference link) is
	// not stated here. If it is the scanned endpoint, query-string secrets
	// would be copied into the report.
	URL string `json:"url"`

	// Operation is a type from the project's request package, set through
	// WithOperation per the method list; its contents are not visible on
	// this page.
	Operation *request.Operation `json:"operation"`
}

func (*VulnerabilityReport) IsHighRiskSeverity

func (vr *VulnerabilityReport) IsHighRiskSeverity() bool

func (*VulnerabilityReport) IsInfoRiskSeverity added in v0.4.2

func (vr *VulnerabilityReport) IsInfoRiskSeverity() bool

func (*VulnerabilityReport) IsLowRiskSeverity

func (vr *VulnerabilityReport) IsLowRiskSeverity() bool

func (*VulnerabilityReport) IsMediumRiskSeverity

func (vr *VulnerabilityReport) IsMediumRiskSeverity() bool

func (*VulnerabilityReport) SeverityLevelString added in v0.3.1

func (vr *VulnerabilityReport) SeverityLevelString() string

func (*VulnerabilityReport) String

func (vr *VulnerabilityReport) String() string

func (*VulnerabilityReport) WithOperation added in v0.4.2

func (vr *VulnerabilityReport) WithOperation(operation *request.Operation) *VulnerabilityReport

type VulnerabilityScanAttempt

// VulnerabilityScanAttempt pairs one outgoing HTTP request with the response
// it received and any error that occurred.
//
// NOTE(review): the request may carry the credentials used for the scan
// (Authorization, Cookie, API-key headers) and the response may carry
// target data. No redaction is visible on this page, so treat any persisted
// or exported attempt as sensitive.
// NOTE(review): net/http's Request has func- and channel-typed fields that
// encoding/json refuses to encode. Marshalling this struct with the default
// encoder is therefore expected to fail unless the package supplies its own
// MarshalJSON, which is not shown here — confirm.
type VulnerabilityScanAttempt struct {
	Request *http.Request `json:"request"`
	// NOTE(review): whether Response.Body has been read and closed by the
	// time the attempt is stored is not visible here — confirm, since an
	// unclosed body keeps the underlying connection from being reused.
	Response *http.Response `json:"response"`

	// Err is an interface value. With the default JSON encoder a typical
	// error encodes as its exported fields (often "{}"), not its message —
	// presumably handled elsewhere; verify.
	Err error `json:"error"`
}
