mirror of
https://github.com/Vyntral/god-eye.git
synced 2026-05-16 21:43:34 +02:00
Vyntral
3a4c230aa7
Complete architectural overhaul. Replaces the v0.1 monolithic scanner with an event-driven pipeline of auto-registered modules. Foundation (internal/): - eventbus: typed pub/sub, 20 event types, race-safe, drop counter - module: registry with phase-based selection - store: thread-safe host store with per-host locks + deep-copy reads - pipeline: coordinator with phase barriers + panic recovery - config: 5 scan profiles + 3 AI tiers + YAML loader + auto-discovery Modules (26 auto-registered across 6 phases): - Discovery: passive (26 sources), bruteforce, recursive, AXFR, GitHub dorks, CT streaming, permutation, reverse DNS, vhost, ASN, supply chain (npm + PyPI) - Enrichment: HTTP probe + tech fingerprint + TLS appliance ID, ports - Analysis: security checks, takeover (110+ sigs), cloud, JavaScript, GraphQL, JWT, headers (OWASP), HTTP smuggling, AI cascade, Nuclei - Reporting: TXT/JSON/CSV writer + AI scan brief AI layer (internal/ai/ + internal/modules/ai/): - Three profiles: lean (16 GB), balanced (32 GB MoE), heavy (64 GB) - Six event-driven handlers: CVE, JS file, HTTP response, secret filter, multi-agent vuln enrichment, anomaly + executive report - Content-hash cache dedups Ollama calls across hosts - Auto-pull of missing models via /api/pull with streaming progress - End-of-scan AI SCAN BRIEF in terminal with top chains + next actions Nuclei compat layer (internal/nucleitpl/): - Executes ~13k community templates (HTTP subset) - Auto-download of nuclei-templates ZIP to ~/.god-eye/nuclei-templates - Scope filter rejects off-host templates (eliminates OSINT FPs) Operations: - Interactive wizard (internal/wizard/) — zero-flag launch - LivePrinter (internal/tui/) — colorized event stream - Diff engine + scheduler (internal/diff, internal/scheduler) for continuous ASM monitoring with webhook alerts - Proxy support (internal/proxyconf/): http / https / socks5 / socks5h + basic auth Fixes #1 — native SOCKS5 / Tor compatibility via --proxy flag. 185 unit tests across 15 packages, all race-detector clean.
103 lines
2.7 KiB
Go
103 lines
2.7 KiB
Go
package config
|
|
|
|
import (
|
|
"encoding/json"
|
|
"testing"
|
|
)
|
|
|
|
func TestDefaultResolversNonEmpty(t *testing.T) {
|
|
if len(DefaultResolvers) == 0 {
|
|
t.Fatal("DefaultResolvers is empty")
|
|
}
|
|
for _, r := range DefaultResolvers {
|
|
if r == "" {
|
|
t.Errorf("empty resolver in DefaultResolvers")
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestDefaultWordlistNonEmpty(t *testing.T) {
|
|
if len(DefaultWordlist) < 50 {
|
|
t.Errorf("DefaultWordlist too small: %d entries", len(DefaultWordlist))
|
|
}
|
|
seen := make(map[string]bool)
|
|
for _, w := range DefaultWordlist {
|
|
if w == "" {
|
|
t.Error("empty entry in DefaultWordlist")
|
|
}
|
|
// Note: v1 wordlist contains "smtp" and "staging" twice — that's a bug
|
|
// but not something we fix in baseline tests. Just verify no ALL duplicates.
|
|
seen[w] = true
|
|
}
|
|
if len(seen) < 50 {
|
|
t.Errorf("too many duplicates: %d unique out of %d", len(seen), len(DefaultWordlist))
|
|
}
|
|
}
|
|
|
|
func TestSubdomainResult_JSONRoundtrip(t *testing.T) {
|
|
orig := &SubdomainResult{
|
|
Subdomain: "api.example.com",
|
|
IPs: []string{"1.2.3.4"},
|
|
CNAME: "cname.example.com",
|
|
StatusCode: 200,
|
|
Title: "API",
|
|
Tech: []string{"nginx", "Go"},
|
|
CloudProvider: "AWS",
|
|
TLSFingerprint: &TLSFingerprint{
|
|
Vendor: "Fortinet",
|
|
Product: "FortiGate",
|
|
ApplianceType: "firewall",
|
|
},
|
|
}
|
|
|
|
data, err := json.Marshal(orig)
|
|
if err != nil {
|
|
t.Fatalf("marshal failed: %v", err)
|
|
}
|
|
|
|
var decoded SubdomainResult
|
|
if err := json.Unmarshal(data, &decoded); err != nil {
|
|
t.Fatalf("unmarshal failed: %v", err)
|
|
}
|
|
|
|
if decoded.Subdomain != orig.Subdomain {
|
|
t.Errorf("Subdomain mismatch: got %q want %q", decoded.Subdomain, orig.Subdomain)
|
|
}
|
|
if len(decoded.IPs) != 1 || decoded.IPs[0] != "1.2.3.4" {
|
|
t.Errorf("IPs mismatch: got %v", decoded.IPs)
|
|
}
|
|
if decoded.TLSFingerprint == nil {
|
|
t.Fatal("TLSFingerprint is nil after roundtrip")
|
|
}
|
|
if decoded.TLSFingerprint.Vendor != "Fortinet" {
|
|
t.Errorf("TLSFingerprint.Vendor = %q, want Fortinet", decoded.TLSFingerprint.Vendor)
|
|
}
|
|
}
|
|
|
|
func TestSubdomainResult_OmitemptyMinimal(t *testing.T) {
|
|
// Ensure zero-value struct produces a minimal JSON (only subdomain field would be present if set).
|
|
empty := &SubdomainResult{}
|
|
data, err := json.Marshal(empty)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
// Only the required "subdomain" field (empty string) should appear — every other is omitempty.
|
|
expected := `{"subdomain":""}`
|
|
if string(data) != expected {
|
|
t.Errorf("empty struct JSON = %s, want %s", string(data), expected)
|
|
}
|
|
}
|
|
|
|
func TestConfigZeroValue(t *testing.T) {
|
|
var c Config
|
|
if c.Domain != "" {
|
|
t.Errorf("default Domain should be empty, got %q", c.Domain)
|
|
}
|
|
if c.EnableAI {
|
|
t.Error("EnableAI should default to false")
|
|
}
|
|
if c.Concurrency != 0 {
|
|
t.Error("Concurrency should default to 0 (overridden by CLI default)")
|
|
}
|
|
}
|