sleuth

package
v0.10.13 Latest

Warning: This package is not in the latest version of its module.

Published: May 2, 2025 License: Apache-2.0 Imports: 0 Imported by: 0

README

Sleuth

Package sleuth is a set of tools for performing DNS enumeration, HTTP probing, and other reconnaissance tasks. It is designed to be used as a library and contains wrappers around several Project Discovery tools for ease of use as a library.

Structure

The vast majority of projectdiscovery's tooling consists of CLIs geared towards being run from the command line, using pipe magic to chain the tools together. Sleuth attempts to wrap these tools into libraries with functional options parameters, client initialization (for scale-out / performance, etc.), and eventually cleaner report output and statistics.

Each subpackage was written with these general ideas in mind:

  • create a wrapper struct for each client, Options struct for the options parameters, and Options type definitions and With functions
  • create "new" functions for both the options and tool
  • use "models" or mapping structs for data types that go in between what the upstream package is doing and what we want to do
  • basic test directory with a main func that imports the subpackage and demonstrates basic use
  • a README.md file that describes the tool, how to use it, and any other relevant information

In some cases there are additionally some nice-to-have printer functions for pretty console output (rather than the spew of JSON that will eventually go into a schema).
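The conventions listed above (wrapper struct, Options struct, With functions, constructor, model struct), shown as an added example that is not sleuth's own code. Every name here is hypothetical, the upstream tool is replaced by an injectable lookup function so the block runs offline, and option construction is folded into the client constructor to keep it short:

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical names: LookupFunc stands in for the upstream tool; Report is the "model" it maps into.
type LookupFunc func(host string) ([]string, error)
type Report struct{ Domain, DMARC string } // DMARC is "" when no record is found
type Client struct{ opts Options }         // wrapper struct, built once and reused
type Options struct {
	Retries int
	Lookup  LookupFunc
}
type Option func(*Options)

func WithRetries(n int) Option       { return func(o *Options) { o.Retries = n } }
func WithLookup(f LookupFunc) Option { return func(o *Options) { o.Lookup = f } }

// NewClient applies defaults, then overrides, then rejects unusable values.
func NewClient(opts ...Option) (*Client, error) {
	o := Options{Retries: 1}
	for _, fn := range opts {
		fn(&o)
	}
	if o.Retries < 0 || o.Lookup == nil {
		return nil, fmt.Errorf("invalid options: retries=%d, lookup set=%t", o.Retries, o.Lookup != nil)
	}
	return &Client{opts: o}, nil
}

// CheckDMARC retries the TXT lookup, then maps the raw answer into a Report.
func (c *Client) CheckDMARC(domain string) (Report, error) {
	txts, err := c.opts.Lookup("_dmarc." + domain)
	for i := 0; err != nil && i < c.opts.Retries; i++ {
		txts, err = c.opts.Lookup("_dmarc." + domain)
	}
	if err != nil {
		return Report{}, fmt.Errorf("dmarc lookup %s: %w", domain, err)
	}
	for _, t := range txts {
		if strings.HasPrefix(t, "v=DMARC1") {
			return Report{Domain: domain, DMARC: t}, nil
		}
	}
	return Report{Domain: domain}, nil
}

func main() { fmt.Println(NewClient(WithRetries(-1))) } // prints <nil> and the validation error
```

Validating in the constructor means a misconfigured client fails at startup rather than partway through a run, and keeping the lookup injectable lets tests exercise the retry and mapping logic without touching the network.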

Next steps

The scope of the initial PR is to just lay out the package structure and basic functionality. The next steps are to add the following:

  • add tests with ideally benchmarks
  • evaluate moving this package out of this repo and into a dedicated one
  • add riverqueue job launching leveraging the package
  • functionality to add the results / reports of the subpackages into our schemas

Documentation

Overview

Package sleuth performs a number of reconnaissance activities against a set of domains and URLs. It is designed to be consumed as a package and contains many generic wrappers and functional options that make it easier to use the combination of upstream open-source tools leveraged in the project, such as projectdiscovery's httpx, naabu, nmap, and katana. The package is designed to be used in conjunction with other subpackages within the sleuth package, such as dnsx, sub, ports, and spider, to provide a comprehensive analysis of domains, subdomains, records, certificates, and associated URLs used in conjunction with the domain (discovered via probing techniques).

Directories

Path Synopsis
Package certx is a package that provides functionality for certificate transparency log analysis.
Package dnsx leverages the dnsx utility and other open-source DNS projects to run DNS queries for various records, including DMARC and DKIM, and other technology-oriented analysis related to domains
test command
Package ports utilizes nmap + naabu for performing port scanning against provided domains which are generated via the other utilities within the sleuth package
Package spider utilizes a combination of tooling including Katana to perform analysis on HTTP server URLs and feed them into the other subpackages of sleuth for analysis
test command
config
Package config holds configuration for the static files used in sleuth
test command
sub
Package sub utilizes the subfinder utility as a package to perform subdomain enumeration on the provided domains and returns the result in the form of a report that can be used for further analysis
test command
Package tech is responsible for performing technology discovery via wappalyzergo
test command
