add: info host with the list of vuln

k1m0ch1 · Mar 21, 2022 · b6f743d · b6f743d
1 parent ef7f5ed
commit b6f743d
Show file tree

Hide file tree

Showing 4 changed files with 83 additions and 88 deletions.
diff --git a/.github/doc/Host-Identity-Format.md b/.github/doc/Host-Identity-Format.md
@@ -1,72 +1,45 @@
 Host Identity Format
 ```
-target:
- url: domain or apps 
- tech-stack: js, lalala
- open-port: 80/http, 81/ssh
- filtered-port: 
- host-ip: 
- recon:
- - tools: nmap
- report: file.html
- - tools: theHarvester
- report: file.txt
- vuln-scan:
- - tools: burp
- report: lala.html
+id: website.com
+info:
+ url: website.com
+ tech-stacks: ""
+ tag: ""
+ open-ports: ""
+ filtered-port: ""
+ host-ip: ""
+ country: ""
+ city: ""
+ organization: ""
+ others:
+ - source: ""
+ desc: ""
+ url: ""
+ desc: ""
+recons:
+- tools: ""
+ type: ""
+ report: ""
+ file-type: ""
+ desc: ""
+ images:
+ - path: ""
+ caption: ""
+vuln-scans:
+- tools: ""
+ type: ""
+ report: ""
+ file-type: ""
+ desc: ""
+ images:
+ - path: ""
+ caption: ""
+exploratory:
+- behaviour: ""
+ type: ""
+ desc: ""
+ images:
+ - path: ""
+ caption: ""
 
-recon-found:
- source-code-leak:
- - info: name of found
- desc: lalala
- report: file.html
- image: file.png
- GHDB:
- - info: n/a
- desc: lalala
- report: file.html
- image: file.png
- virus-total:
- - info:
- detection-result: file
- details-result: file
- desc: 
- the-harvester:
- - info:
- desc:
- result: file
- web-archive:
- - info:
- desc:
- image: 
- defacement:
- osint-discovery:
- directory-index:
- reverse-ip-check:
- project-management-tools:
- - info:
- desc:
-
-behaviour:
- unique-behaviour:
- - info:
- desc:
- - info:
- desc:
- third-party-hosted-content:
- - info:
- desc:
-
-http-responses:
- - result:
- desc:
-
-ssl-implemented:
- - result:
- http-redirect: (True/ False)
- desc:
-
-shodan-result:
- - info:
- result-ip:https://www.shodan.io/search?query=net:1.2.3.4,5.6.7.8,9.10.11.12
 ```
diff --git a/cmd/add.go b/cmd/add.go
@@ -13,8 +13,7 @@ import (
 
 var addCmd = &cobra.Command{
  Use: "add",
- Short: "Add mode you can create new host",
- Long: `Generate the new project include with dirs and config.yml`,
+ Short: "mode when you can generate new host template or vuln",
  Run: func(cmd *cobra.Command, args []string) {
  var cfg utils.UserConfig
  cfg.Load("config.yml")

diff --git a/cmd/info.go b/cmd/info.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "os"
  "fmt"
 
  "github.com/k1m0ch1/axolotl/utils"
@@ -10,17 +11,39 @@ import (
 var infoCmd = &cobra.Command{
  Use: "info",
  Short: "Information about host or vuln",
- Long: `Generate the new project include with dirs and config.yml`,
  Run: func(cmd *cobra.Command, args []string) {
  var cfg utils.UserConfig
  cfg.Load("config.yml")
 
- if Domain != "" {
+ if Domain != "" && Vuln == "" {
  var domain utils.HostIdentity
  domain.Load(fmt.Sprintf("./%s/%s.yml", cfg.DirConfig.HostsIdentityDir, Domain))
 
- fmt.Printf("Info Result of the Domain `%s`\n\n", Domain)
- fmt.Println(domain.Info.TechStacks)
+ fmt.Printf("Info Result of the Domain `%s`\n", Domain)
+ fmt.Printf("\nDomain `%s` %s (%s)", domain.Info.URL, domain.Info.HostIP, domain.Info.OpenPorts)
+ fmt.Printf("\n%s\n", domain.Info.Desc)
+ fmt.Printf("\nTechnology : %s ", domain.Info.TechStacks)
+
+ fmt.Printf("\n\nCurrent Vulnerability : ")
+
+ path := fmt.Sprintf("./%s/%s/", cfg.DirConfig.VulnDir, domain.ID)
+
+ if _, err := os.Stat(path); os.IsNotExist(err) {
+ fmt.Println("0 Result Vulnerability")
+ }else{
+ // get many vuln-type found
+ VulnFile, err := utils.WalkMatch(path, "*.yml")
+ if err != nil {
+ fmt.Println(err)
+ }
+
+ for index, f := range VulnFile {
+ var v utils.Finding
+ v.Load(f)
+
+ fmt.Printf("\n%d. %s\n %s (%s)", index+1, v.ID, v.VulnInfo.RiskRatings.Severity, v.VulnInfo.VulnType)
+ }
+ }
  }
  },
 }
diff --git a/cmd/stats.go b/cmd/stats.go
@@ -57,7 +57,7 @@ var statsCmd = &cobra.Command{
  vulnTypeStat[currIndex].ListOfVuln = append(vulnTypeStat[currIndex].ListOfVuln, v.ID)
  } else {
  if v.ID == vulnTypeStat[currIndex].ListOfVuln[checkVuln] {
- fmt.Println(v.ID, "Already exist at", vulnTypeStat[currIndex].Type, "with data", vulnTypeStat[currIndex].ListOfVuln, "with index", checkVuln)
+ // fmt.Println(v.ID, "Already exist at", vulnTypeStat[currIndex].Type, "with data", vulnTypeStat[currIndex].ListOfVuln, "with index", checkVuln)
  } else {
  vulnTypeStat[currIndex].ListOfVuln = append(vulnTypeStat[currIndex].ListOfVuln, v.ID)
  }
@@ -93,24 +93,24 @@ var statsCmd = &cobra.Command{
  }
 
  fmt.Println("\n\nTop 10 Vulnerability Type Finding")
- currMin := 0
- currMax := 0
  maxSlice = len(vulnTypeStat)
  if len(vulnTypeStat) > 10 {
  maxSlice = 10
  }
- for index, value := range vulnTypeStat[0:maxSlice] {
- fmt.Printf("\n%s with %d vuln", value.Type, len(value.ListOfVuln))
- if len(value.ListOfVuln) < len(vulnTypeStat[currMin].ListOfVuln) {
- currMin = index
- }
 
-  if len(value.ListOfVuln) > len(vulnTypeStat[currMax].ListOfVuln) {
-  currMax = index
- }
+ var rankedVuln []kv
+ for _, v := range vulnTypeStat {
+ rankedVuln = append(rankedVuln, kv{v.Type, len(v.ListOfVuln)})
  }
- fmt.Printf("\n")
- fmt.Printf("\nThe most Vulnerability `%s` (%d vuln)", vulnTypeStat[currMax].Type, len(vulnTypeStat[currMax].ListOfVuln))
-
+
+ sort.Slice(rankedVuln, func(i, j int) bool {
+ return rankedVuln[i].Value > rankedVuln[j].Value
+ })
+
+ for index, value := range rankedVuln[0:maxSlice] {
+ fmt.Printf("\n%d. `%s` with %d vuln", index+1, value.Key, value.Value)
+ }
+
+ // fmt.Printf("\n") 
  },
 }