CalvinBackup/god-eye
1
0
Fork 0
mirror of https://github.com/Vyntral/god-eye.git synced 2026-05-19 22:54:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
god-eye/internal/modules/asn/asn.go
T
Vyntral 3a4c230aa7 feat: v2.0 full rewrite — event-driven pipeline, AI + Nuclei + proxy 
Complete architectural overhaul. Replaces the v0.1 monolithic scanner
with an event-driven pipeline of auto-registered modules.

Foundation (internal/):
- eventbus: typed pub/sub, 20 event types, race-safe, drop counter
- module: registry with phase-based selection
- store: thread-safe host store with per-host locks + deep-copy reads
- pipeline: coordinator with phase barriers + panic recovery
- config: 5 scan profiles + 3 AI tiers + YAML loader + auto-discovery

Modules (26 auto-registered across 6 phases):
- Discovery: passive (26 sources), bruteforce, recursive, AXFR, GitHub
  dorks, CT streaming, permutation, reverse DNS, vhost, ASN, supply
  chain (npm + PyPI)
- Enrichment: HTTP probe + tech fingerprint + TLS appliance ID, ports
- Analysis: security checks, takeover (110+ sigs), cloud, JavaScript,
  GraphQL, JWT, headers (OWASP), HTTP smuggling, AI cascade, Nuclei
- Reporting: TXT/JSON/CSV writer + AI scan brief

AI layer (internal/ai/ + internal/modules/ai/):
- Three profiles: lean (16 GB), balanced (32 GB MoE), heavy (64 GB)
- Six event-driven handlers: CVE, JS file, HTTP response, secret
  filter, multi-agent vuln enrichment, anomaly + executive report
- Content-hash cache dedups Ollama calls across hosts
- Auto-pull of missing models via /api/pull with streaming progress
- End-of-scan AI SCAN BRIEF in terminal with top chains + next actions

Nuclei compat layer (internal/nucleitpl/):
- Executes ~13k community templates (HTTP subset)
- Auto-download of nuclei-templates ZIP to ~/.god-eye/nuclei-templates
- Scope filter rejects off-host templates (eliminates OSINT FPs)

Operations:
- Interactive wizard (internal/wizard/) — zero-flag launch
- LivePrinter (internal/tui/) — colorized event stream
- Diff engine + scheduler (internal/diff, internal/scheduler) for
  continuous ASM monitoring with webhook alerts
- Proxy support (internal/proxyconf/): http / https / socks5 / socks5h
  + basic auth

Fixes #1 — native SOCKS5 / Tor compatibility via --proxy flag.

185 unit tests across 15 packages, all race-detector clean.
2026-04-18 16:48:41 +02:00

79 lines
1.9 KiB
Go
Raw Permalink Blame History

// Package asn is a Fase 0.6 adapter around v1 network.ASNScanner. Expands
// discovery by enumerating IPs within the target's ASN/CIDR blocks.
package asn
import (
"time"
"god-eye/internal/eventbus"
"god-eye/internal/module"
"god-eye/internal/network"
"god-eye/internal/store"
)
// CtxPassthrough is used to thread module.Context.Ctx into network helpers.
const ModuleName = "discovery.asn"
type asnModule struct{}
func Register() { module.Register(&asnModule{}) }
func (*asnModule) Name() string { return ModuleName }
func (*asnModule) Phase() module.Phase { return module.PhaseResolution }
func (*asnModule) Consumes() []eventbus.EventType { return []eventbus.EventType{eventbus.EventDNSResolved} }
func (*asnModule) Produces() []eventbus.EventType { return nil }
func (*asnModule) DefaultEnabled() bool { return false } // opt-in
func (*asnModule) Run(mctx module.Context) error {
if !mctx.Config.Bool("asn_scan", false) {
return nil
}
timeout := mctx.Config.Int("timeout", 10)
hosts := mctx.Store.All(mctx.Ctx)
seenIP := make(map[string]struct{})
for _, h := range hosts {
for _, ip := range h.IPs {
seenIP[ip] = struct{}{}
}
}
scanner := network.NewASNScanner(timeout)
for ip := range seenIP {
if mctx.Ctx.Err() != nil {
break
}
info, err := scanner.GetASNInfo(mctx.Ctx, ip)
if err != nil || info == nil {
continue
}
_ = mctx.Store.Upsert(mctx.Ctx, ipToFirstHost(mctx, ip), func(h *store.Host) {
if h.ASN == "" {
h.ASN = info.ASN
}
if h.Org == "" {
h.Org = info.Name
}
if h.Country == "" {
h.Country = info.Country
}
})
}
return nil
}
// ipToFirstHost returns the first subdomain mapped to ip in the store.
func ipToFirstHost(mctx module.Context, ip string) string {
for _, h := range mctx.Store.All(mctx.Ctx) {
for _, rip := range h.IPs {
if rip == ip {
return h.Subdomain
}
}
}
return ""
}
var _ = time.Now
Reference in New Issue View Git Blame Copy Permalink