2020-01-15 14:40:47 +01:00
|
|
|
# Styx
|
|
|
|
## Install
|
|
|
|
|
|
|
|
```sh
|
|
|
|
go get -u gitlab.dcso.lolcat/LABS/styx
|
|
|
|
cd $GOPATH/src/gitlab.dcso.lolcat/LABS/styx
|
|
|
|
go build
|
|
|
|
./styx
|
|
|
|
```
|
2020-02-07 15:49:42 +01:00
|
|
|
|
|
|
|
## Datastructure
|
|
|
|
|
|
|
|
### Meta
|
|
|
|
|
|
|
|
Node ------ Node
|
|
|
|
^
|
|
|
|
|
|
|
|
|
Edge
|
|
|
|
|
|
|
|
```go
|
|
|
|
type Node struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Type string `json:"type"`
|
|
|
|
Data string `json:"data"` // For plain Node, the data is the ID of another typed node or a unique value like a domain or a host name.
|
|
|
|
Created string `json:"created"`
|
|
|
|
Modified string `json:"modified"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// Edge defines a relation between two nodes.
|
|
|
|
type Edge struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
NodeOneID string `json:"nodeOneID"`
|
|
|
|
NodeTwoID string `json:"nodeTwoID"`
|
|
|
|
Timestamp string `json:"timestamp"`
|
|
|
|
Source string `json:"source"`
|
|
|
|
}
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
### Certstream
|
|
|
|
|
|
|
|
Node ---- CertNode ---- CertStreamRaw
|
|
|
|
^ | ^
|
|
|
|
| | |
|
|
|
|
Edge-> | Edge
|
|
|
|
|
|
|
|
|
Node(s) (domain)
|
|
|
|
|
|
|
|
```go
|
|
|
|
|
|
|
|
// CertStreamRaw is a wrapper around the stream function to unmarshall the
|
|
|
|
// data receive in a Go structure.
|
|
|
|
type CertStreamRaw struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Type string `json:"type"`
|
|
|
|
Data CertStreamStruct `json:"data"`
|
|
|
|
Created string `json:"created"`
|
|
|
|
Modified string `json:"modified"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// CertNode represents our custom struct of data extraction from CertStream.
|
|
|
|
type CertNode struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Fingerprint string `json:"fingerprint"`
|
|
|
|
NotBefore string `json:"notBefore"`
|
|
|
|
NotAfter string `json:"notAfter"`
|
|
|
|
CN string `json:"cn"`
|
|
|
|
SourceName string `json:"sourceName"`
|
|
|
|
SerialNumber string `json:"serialNumber"`
|
|
|
|
BasicConstraints string `json:"basicConstraints"`
|
|
|
|
RawUUID string `json:"rawUUID"`
|
|
|
|
Chain []CertNode `json:"chainedTo"`
|
|
|
|
}
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
### Pastebin
|
|
|
|
|
|
|
|
Node ---- PasteNode ---- FullPaste
|
|
|
|
^ ^
|
|
|
|
| |
|
|
|
|
Edge Edge
|
|
|
|
|
|
|
|
```go
|
|
|
|
// PasteNode is a node from PasteBin.
|
|
|
|
type PasteNode struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Type string `json:"type"`
|
|
|
|
Data FullPaste `json:"data"`
|
|
|
|
Created string `json:"create"`
|
|
|
|
Modified string `json:"modified"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// FullPaste wrapes meta and information from Pastebin.
|
|
|
|
type FullPaste struct {
|
|
|
|
Meta PasteMeta `json:"meta"`
|
|
|
|
Full string `json:"full"`
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
### Shodan
|
|
|
|
|
|
|
|
Node ---- ShodanNode ---- Node(s) (hostnames and domains)
|
|
|
|
^ ^
|
|
|
|
| |
|
|
|
|
Edge Edge
|
|
|
|
|
|
|
|
```go
|
|
|
|
type ShodanNode struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Type string `json:"type"`
|
|
|
|
Data *shodan.HostData `json:"data"`
|
|
|
|
Created string `json:"created"`
|
|
|
|
Modified string `json:"modified"`
|
|
|
|
}
|
|
|
|
```
|
2020-02-07 17:39:33 +01:00
|
|
|
|
|
|
|
###
|