mirror of
https://github.com/Vyntral/god-eye.git
synced 2026-02-12 16:52:45 +00:00
b1bf119c82
## AI & CVE Improvements - Fix AI report to display actual subdomain names instead of generic placeholders - Add 10-year CVE filter to reduce false positives from outdated vulnerabilities - Integrate CISA KEV (Known Exploited Vulnerabilities) database support - Improve AI analysis prompt for more accurate security findings ## New Security Modules - Add wildcard DNS detection with multi-phase validation (DNS + HTTP) - Add TLS certificate analyzer for certificate chain inspection - Add comprehensive rate limiting module for API requests - Add retry mechanism with exponential backoff - Add stealth mode for reduced detection during scans - Add progress tracking module for better UX ## Code Refactoring - Extract scanner output logic to dedicated module - Add base source interface for consistent passive source implementation - Reduce admin panel paths to common generic patterns only - Improve HTTP client with connection pooling - Add JSON output formatter ## Documentation Updates - Correct passive source count to 20 (was incorrectly stated as 34) - Fix AI model names: deepseek-r1:1.5b (fast) + qwen2.5-coder:7b (deep) - Update all markdown files for consistency - Relocate demo GIFs to assets/ directory - Add benchmark disclaimer for test variability ## Files Changed - 4 documentation files updated (README, AI_SETUP, BENCHMARK, EXAMPLES) - 11 new source files added - 12 existing files modified
273 lines
5.8 KiB
Go
273 lines
5.8 KiB
Go
package dns
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/miekg/dns"
|
|
|
|
"god-eye/internal/config"
|
|
"god-eye/internal/retry"
|
|
)
|
|
|
|
// ResolveSubdomain resolves a subdomain to IP addresses with retry logic
|
|
func ResolveSubdomain(subdomain string, resolvers []string, timeout int) []string {
|
|
return ResolveSubdomainWithRetry(subdomain, resolvers, timeout, true)
|
|
}
|
|
|
|
// ResolveSubdomainWithRetry resolves with optional retry
|
|
func ResolveSubdomainWithRetry(subdomain string, resolvers []string, timeout int, useRetry bool) []string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(dns.Fqdn(subdomain), dns.TypeA)
|
|
|
|
// Try each resolver
|
|
for _, resolver := range resolvers {
|
|
var ips []string
|
|
|
|
if useRetry {
|
|
// Use retry logic
|
|
ctx, cancel := context.WithTimeout(context.Background(), time.Duration(timeout*2)*time.Second)
|
|
result := retry.Do(ctx, retry.DNSConfig(), func() (interface{}, error) {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if r == nil {
|
|
return nil, fmt.Errorf("nil response")
|
|
}
|
|
|
|
var resolvedIPs []string
|
|
for _, ans := range r.Answer {
|
|
if a, ok := ans.(*dns.A); ok {
|
|
resolvedIPs = append(resolvedIPs, a.A.String())
|
|
}
|
|
}
|
|
|
|
if len(resolvedIPs) == 0 {
|
|
return nil, fmt.Errorf("no A records")
|
|
}
|
|
return resolvedIPs, nil
|
|
})
|
|
cancel()
|
|
|
|
if result.Error == nil && result.Value != nil {
|
|
ips = result.Value.([]string)
|
|
}
|
|
} else {
|
|
// Direct resolution without retry
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err == nil && r != nil {
|
|
for _, ans := range r.Answer {
|
|
if a, ok := ans.(*dns.A); ok {
|
|
ips = append(ips, a.A.String())
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if len(ips) > 0 {
|
|
return ips
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func CheckWildcard(domain string, resolvers []string) []string {
|
|
// Test multiple random patterns for better wildcard detection
|
|
patterns := []string{
|
|
fmt.Sprintf("random%d.%s", time.Now().UnixNano(), domain),
|
|
fmt.Sprintf("xyz%d.%s", time.Now().UnixNano()%1000000, domain),
|
|
fmt.Sprintf("nonexistent-%s.%s", "abc123xyz", domain),
|
|
}
|
|
|
|
allIPs := make(map[string]int)
|
|
for _, pattern := range patterns {
|
|
ips := ResolveSubdomain(pattern, resolvers, 3)
|
|
for _, ip := range ips {
|
|
allIPs[ip]++
|
|
}
|
|
}
|
|
|
|
// If same IP(s) appear in multiple patterns, it's a wildcard
|
|
var wildcardIPs []string
|
|
for ip, count := range allIPs {
|
|
if count >= 2 {
|
|
wildcardIPs = append(wildcardIPs, ip)
|
|
}
|
|
}
|
|
|
|
return wildcardIPs
|
|
}
|
|
|
|
func ResolveCNAME(subdomain string, resolvers []string, timeout int) string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(dns.Fqdn(subdomain), dns.TypeCNAME)
|
|
|
|
for _, resolver := range resolvers {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil || r == nil {
|
|
continue
|
|
}
|
|
|
|
for _, ans := range r.Answer {
|
|
if cname, ok := ans.(*dns.CNAME); ok {
|
|
return strings.TrimSuffix(cname.Target, ".")
|
|
}
|
|
}
|
|
}
|
|
|
|
return ""
|
|
}
|
|
|
|
func ResolvePTR(ip string, resolvers []string, timeout int) string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
// Convert IP to reverse DNS format
|
|
parts := strings.Split(ip, ".")
|
|
if len(parts) != 4 {
|
|
return ""
|
|
}
|
|
reverseIP := fmt.Sprintf("%s.%s.%s.%s.in-addr.arpa.", parts[3], parts[2], parts[1], parts[0])
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(reverseIP, dns.TypePTR)
|
|
|
|
for _, resolver := range resolvers {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil || r == nil {
|
|
continue
|
|
}
|
|
|
|
for _, ans := range r.Answer {
|
|
if ptr, ok := ans.(*dns.PTR); ok {
|
|
return strings.TrimSuffix(ptr.Ptr, ".")
|
|
}
|
|
}
|
|
}
|
|
|
|
return ""
|
|
}
|
|
|
|
func ResolveMX(domain string, resolvers []string, timeout int) []string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(dns.Fqdn(domain), dns.TypeMX)
|
|
|
|
for _, resolver := range resolvers {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil || r == nil {
|
|
continue
|
|
}
|
|
|
|
var records []string
|
|
for _, ans := range r.Answer {
|
|
if mx, ok := ans.(*dns.MX); ok {
|
|
records = append(records, strings.TrimSuffix(mx.Mx, "."))
|
|
}
|
|
}
|
|
if len(records) > 0 {
|
|
return records
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func ResolveTXT(domain string, resolvers []string, timeout int) []string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(dns.Fqdn(domain), dns.TypeTXT)
|
|
|
|
for _, resolver := range resolvers {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil || r == nil {
|
|
continue
|
|
}
|
|
|
|
var records []string
|
|
for _, ans := range r.Answer {
|
|
if txt, ok := ans.(*dns.TXT); ok {
|
|
for _, t := range txt.Txt {
|
|
// Limit length for display
|
|
if len(t) > 100 {
|
|
t = t[:97] + "..."
|
|
}
|
|
records = append(records, t)
|
|
}
|
|
}
|
|
}
|
|
if len(records) > 0 {
|
|
return records
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func ResolveNS(domain string, resolvers []string, timeout int) []string {
|
|
c := dns.Client{
|
|
Timeout: time.Duration(timeout) * time.Second,
|
|
}
|
|
|
|
m := dns.Msg{}
|
|
m.SetQuestion(dns.Fqdn(domain), dns.TypeNS)
|
|
|
|
for _, resolver := range resolvers {
|
|
r, _, err := c.Exchange(&m, resolver)
|
|
if err != nil || r == nil {
|
|
continue
|
|
}
|
|
|
|
var records []string
|
|
for _, ans := range r.Answer {
|
|
if ns, ok := ans.(*dns.NS); ok {
|
|
records = append(records, strings.TrimSuffix(ns.Ns, "."))
|
|
}
|
|
}
|
|
if len(records) > 0 {
|
|
return records
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func GetIPInfo(ip string) (*config.IPInfo, error) {
|
|
client := &http.Client{Timeout: 5 * time.Second}
|
|
url := fmt.Sprintf("http://ip-api.com/json/%s?fields=as,org,country,city", ip)
|
|
|
|
resp, err := client.Get(url)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer resp.Body.Close()
|
|
|
|
var info config.IPInfo
|
|
if err := json.NewDecoder(resp.Body).Decode(&info); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &info, nil
|
|
}
|