chris/styx
chris/styx
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
49 commits 1 branch 0 tags 299 KiB
Regular Expression 58.4%
Go 41.6%
Go to file
Christopher Talib e38b05de66 Update README with more information on the nodes and edges connections
2020-02-07 15:49:42 +01:00
broker Saving edges and node from CertStream traffic. 2020-01-29 10:03:52 +01:00
models Refactoring saving single value into a helper, adding meta names to main nodes and edges 2020-02-07 15:27:14 +01:00
parser Setting up linking and and creating nodes already from the input source 2020-01-28 23:52:24 +01:00
utils Moving SaveDomains to parser package 2020-01-28 16:05:36 +01:00
.gitignore Adding .txt files to gitignore 2020-01-22 15:44:56 +01:00
connectors_test.go First work on test for connection to CertStream 2020-01-26 17:27:40 +01:00
go.mod First implementation of shodan connector, but error on API key on streaming 2020-02-05 14:46:52 +01:00
go.sum Shodan connector and saving up and running 2020-02-06 17:01:37 +01:00
main.go Refactoring saving single value into a helper, adding meta names to main nodes and edges 2020-02-07 15:27:14 +01:00
main_test.go First work on test for connection to CertStream 2020-01-26 17:27:40 +01:00
README.md Update README with more information on the nodes and edges connections 2020-02-07 15:49:42 +01:00

README.md

Styx

Install

go get -u gitlab.dcso.lolcat/LABS/styx
cd $GOPATH/src/gitlab.dcso.lolcat/LABS/styx
go build
./styx

Datastructure

Meta

Node ------ Node ^ | Edge

type Node struct {
	ID       string `json:"id"`
	Type     string `json:"type"`
	Data     string `json:"data"` // For plain Node, the data is the ID of another typed node or a unique value like a domain or a host name.
	Created  string `json:"created"`
	Modified string `json:"modified"`
}

// Edge defines a relation between two nodes.
type Edge struct {
	ID        string `json:"id"`
	NodeOneID string `json:"nodeOneID"`
	NodeTwoID string `json:"nodeTwoID"`
	Timestamp string `json:"timestamp"`
	Source    string `json:"source"`
}

Certstream

Node ---- CertNode ---- CertStreamRaw ^ | ^ | | | Edge-> | Edge | Node(s) (domain)


// CertStreamRaw is a wrapper around the stream function to unmarshall the
// data receive in a Go structure.
type CertStreamRaw struct {
	ID       string           `json:"id"`
	Type     string           `json:"type"`
	Data     CertStreamStruct `json:"data"`
	Created  string           `json:"created"`
	Modified string           `json:"modified"`
}

// CertNode represents our custom struct of data extraction from CertStream.
type CertNode struct {
	ID               string     `json:"id"`
	Fingerprint      string     `json:"fingerprint"`
	NotBefore        string     `json:"notBefore"`
	NotAfter         string     `json:"notAfter"`
	CN               string     `json:"cn"`
	SourceName       string     `json:"sourceName"`
	SerialNumber     string     `json:"serialNumber"`
	BasicConstraints string     `json:"basicConstraints"`
	RawUUID          string     `json:"rawUUID"`
	Chain            []CertNode `json:"chainedTo"`
}

Pastebin

Node ---- PasteNode ---- FullPaste ^ ^ | | Edge Edge

// PasteNode is a node from PasteBin.
type PasteNode struct {
	ID       string    `json:"id"`
	Type     string    `json:"type"`
	Data     FullPaste `json:"data"`
	Created  string    `json:"create"`
	Modified string    `json:"modified"`
}

// FullPaste wrapes meta and information from Pastebin.
type FullPaste struct {
	Meta PasteMeta `json:"meta"`
	Full string    `json:"full"`
}

Shodan

Node ---- ShodanNode ---- Node(s) (hostnames and domains) ^ ^ | | Edge Edge

type ShodanNode struct {
	ID       string           `json:"id"`
	Type     string           `json:"type"`
	Data     *shodan.HostData `json:"data"`
	Created  string           `json:"created"`
	Modified string           `json:"modified"`
}