mirror of
https://github.com/Vyntral/god-eye.git
synced 2026-05-16 13:39:10 +02:00
Vyntral
3a4c230aa7
Complete architectural overhaul. Replaces the v0.1 monolithic scanner with an event-driven pipeline of auto-registered modules. Foundation (internal/): - eventbus: typed pub/sub, 20 event types, race-safe, drop counter - module: registry with phase-based selection - store: thread-safe host store with per-host locks + deep-copy reads - pipeline: coordinator with phase barriers + panic recovery - config: 5 scan profiles + 3 AI tiers + YAML loader + auto-discovery Modules (26 auto-registered across 6 phases): - Discovery: passive (26 sources), bruteforce, recursive, AXFR, GitHub dorks, CT streaming, permutation, reverse DNS, vhost, ASN, supply chain (npm + PyPI) - Enrichment: HTTP probe + tech fingerprint + TLS appliance ID, ports - Analysis: security checks, takeover (110+ sigs), cloud, JavaScript, GraphQL, JWT, headers (OWASP), HTTP smuggling, AI cascade, Nuclei - Reporting: TXT/JSON/CSV writer + AI scan brief AI layer (internal/ai/ + internal/modules/ai/): - Three profiles: lean (16 GB), balanced (32 GB MoE), heavy (64 GB) - Six event-driven handlers: CVE, JS file, HTTP response, secret filter, multi-agent vuln enrichment, anomaly + executive report - Content-hash cache dedups Ollama calls across hosts - Auto-pull of missing models via /api/pull with streaming progress - End-of-scan AI SCAN BRIEF in terminal with top chains + next actions Nuclei compat layer (internal/nucleitpl/): - Executes ~13k community templates (HTTP subset) - Auto-download of nuclei-templates ZIP to ~/.god-eye/nuclei-templates - Scope filter rejects off-host templates (eliminates OSINT FPs) Operations: - Interactive wizard (internal/wizard/) — zero-flag launch - LivePrinter (internal/tui/) — colorized event stream - Diff engine + scheduler (internal/diff, internal/scheduler) for continuous ASM monitoring with webhook alerts - Proxy support (internal/proxyconf/): http / https / socks5 / socks5h + basic auth Fixes #1 — native SOCKS5 / Tor compatibility via --proxy flag. 185 unit tests across 15 packages, all race-detector clean.
135 lines
3.1 KiB
Go
135 lines
3.1 KiB
Go
package proxyconf
|
|
|
|
import "testing"
|
|
|
|
func TestValidate(t *testing.T) {
|
|
cases := []struct {
|
|
in string
|
|
wantErr bool
|
|
}{
|
|
{"", false},
|
|
{"http://127.0.0.1:8080", false},
|
|
{"https://proxy.corp:3128", false},
|
|
{"socks5://127.0.0.1:9050", false},
|
|
{"socks5h://127.0.0.1:9050", false},
|
|
{"socks5h://user:pass@127.0.0.1:9050", false},
|
|
{"ftp://x:21", true},
|
|
{"socks4://x:1080", true},
|
|
{"not a url", true},
|
|
{"://nohost", true},
|
|
{"http://", true},
|
|
}
|
|
for _, c := range cases {
|
|
err := Validate(c.in)
|
|
if (err != nil) != c.wantErr {
|
|
t.Errorf("Validate(%q) err=%v wantErr=%v", c.in, err, c.wantErr)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestBuildDialer_EmptyReturnsDirect(t *testing.T) {
|
|
d, err := BuildDialer("", nil)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if d == nil {
|
|
t.Fatal("nil dialer")
|
|
}
|
|
}
|
|
|
|
func TestBuildDialer_SOCKS5Accepted(t *testing.T) {
|
|
d, err := BuildDialer("socks5://127.0.0.1:9050", nil)
|
|
if err != nil {
|
|
t.Fatalf("SOCKS5 should construct: %v", err)
|
|
}
|
|
if d == nil {
|
|
t.Fatal("nil dialer")
|
|
}
|
|
}
|
|
|
|
func TestBuildDialer_SOCKS5WithAuth(t *testing.T) {
|
|
d, err := BuildDialer("socks5h://user:pass@127.0.0.1:9050", nil)
|
|
if err != nil {
|
|
t.Fatalf("auth SOCKS5 should construct: %v", err)
|
|
}
|
|
if d == nil {
|
|
t.Fatal("nil dialer")
|
|
}
|
|
}
|
|
|
|
func TestBuildDialer_HTTPProxyPassthrough(t *testing.T) {
|
|
// HTTP proxy uses Transport.Proxy; dialer should be direct-equivalent.
|
|
d, err := BuildDialer("http://127.0.0.1:8080", nil)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if d == nil {
|
|
t.Fatal("nil dialer")
|
|
}
|
|
}
|
|
|
|
func TestBuildDialer_UnsupportedScheme(t *testing.T) {
|
|
_, err := BuildDialer("ftp://127.0.0.1", nil)
|
|
if err == nil {
|
|
t.Error("expected error for unsupported scheme")
|
|
}
|
|
}
|
|
|
|
func TestBuildProxyFunc_HTTPProxy(t *testing.T) {
|
|
fn, err := BuildProxyFunc("http://127.0.0.1:8080")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if fn == nil {
|
|
t.Fatal("http:// should yield non-nil ProxyFunc")
|
|
}
|
|
}
|
|
|
|
func TestBuildProxyFunc_SOCKSReturnsNil(t *testing.T) {
|
|
fn, err := BuildProxyFunc("socks5://127.0.0.1:9050")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if fn != nil {
|
|
t.Error("SOCKS5 should return nil ProxyFunc (handled by dialer)")
|
|
}
|
|
}
|
|
|
|
func TestBuildProxyFunc_EmptyReturnsNil(t *testing.T) {
|
|
fn, err := BuildProxyFunc("")
|
|
if err != nil || fn != nil {
|
|
t.Errorf("empty → (nil, nil), got (%v, %v)", fn, err)
|
|
}
|
|
}
|
|
|
|
func TestHumanize(t *testing.T) {
|
|
cases := map[string]string{
|
|
"": "direct (no proxy)",
|
|
"http://proxy.corp:3128": "http://proxy.corp:3128",
|
|
"socks5://127.0.0.1:9050": "socks5://127.0.0.1:9050",
|
|
"socks5h://user:secret@10.0.0.1:443": "socks5h://(auth)@10.0.0.1:443",
|
|
}
|
|
for in, want := range cases {
|
|
if got := Humanize(in); got != want {
|
|
t.Errorf("Humanize(%q) = %q, want %q", in, got, want)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestHumanize_LeaksNoCredentials(t *testing.T) {
|
|
const secret = "supersecret"
|
|
h := Humanize("socks5://user:" + secret + "@127.0.0.1:9050")
|
|
if contains(h, secret) {
|
|
t.Errorf("Humanize leaked credentials: %s", h)
|
|
}
|
|
}
|
|
|
|
func contains(s, sub string) bool {
|
|
for i := 0; i+len(sub) <= len(s); i++ {
|
|
if s[i:i+len(sub)] == sub {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|