Merge pull request #1013 from ninoseki/add-vulnerabilities
feat: add vulnerabilities table
ninoseki authored Jan 13, 2024
2 parents 1598ca8 + 54863f7 commit f90dc9d
Showing 45 changed files with 380 additions and 118 deletions.
95 changes: 56 additions & 39 deletions docs/diagrams.md
Expand Up @@ -37,6 +37,7 @@ classDiagram
}
Artifact --* Alert
Artifact *-- CPE
Artifact *-- Vulnerability
Artifact *-- DnsRecord
Artifact *-- Port
Artifact *-- ReverseDnsName
Expand All @@ -48,28 +49,36 @@ classDiagram
class AutonomousSystem {
integer id
integer asn
integer number
datetime created_at
integer artifact_id
}
AutonomousSystem --* Artifact
class Port {
integer id
integer port
integer number
datetime created_at
integer artifact_id
}
Port --* Artifact
class CPE {
integer id
string cpe
string name
datetime created_at
integer artifact_id
}
CPE --* Artifact
class Vulnerability {
integer id
string name
datetime created_at
integer artifact_id
}
Vulnerability --* Artifact
class DnsRecord {
integer id
string resource
Expand Down Expand Up @@ -131,96 +140,103 @@ classDiagram
```mermaid
erDiagram
alerts {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar rule_id FK
}
artifacts {
INTEGER alert_id FK
datetime6 created_at
integer alert_id FK
datetime created_at
varchar data
varchar data_type
INTEGER id PK
integer id PK
json metadata
varchar query
varchar source
}
autonomous_systems {
INTEGER artifact_id FK
INTEGER asn
datetime6 created_at
INTEGER id PK
integer artifact_id FK
integer number
datetime created_at
integer id PK
}
cpes {
INTEGER artifact_id FK
varchar cpe
datetime6 created_at
INTEGER id PK
integer artifact_id FK
varchar name
datetime created_at
integer id PK
}
vulnerabilities {
integer artifact_id FK
varchar name
datetime created_at
integer id PK
}
dns_records {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
integer artifact_id FK
datetime created_at
integer id PK
varchar resource
varchar value
}
geolocations {
INTEGER artifact_id FK
integer artifact_id FK
varchar country
varchar country_code
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
}
ports {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
INTEGER port
integer artifact_id FK
datetime created_at
integer id PK
integer number
}
reverse_dns_names {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
integer artifact_id FK
datetime created_at
integer id PK
varchar name
}
rules {
datetime6 created_at
datetime created_at
json data
varchar description
varchar id PK
varchar title
datetime6 updated_at
datetime updated_at
}
taggings {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar rule_id
INTEGER tag_id
integer tag_id
}
tags {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar name
}
whois_records {
INTEGER artifact_id FK
integer artifact_id FK
json contacts
datetime6 created_at
datetime created_at
date created_on
varchar domain
date expires_on
INTEGER id PK
integer id PK
json registrar
date updated_on
}
Expand All @@ -229,6 +245,7 @@ erDiagram
artifacts }o--|| alerts : "alert_id"
autonomous_systems }o--|| artifacts : "artifact_id"
cpes }o--|| artifacts : "artifact_id"
vulnerabilities }o--|| artifacts : "artifact_id"
dns_records }o--|| artifacts : "artifact_id"
geolocations }o--|| artifacts : "artifact_id"
ports }o--|| artifacts : "artifact_id"
4 changes: 4 additions & 0 deletions docs/enrichers/google_public_dns.md
Expand Up @@ -13,6 +13,10 @@ This enricher uses Google Public DNS to enrich an URL and domain artifact.
enricher: google_public_dns
```
This enricher can add the following components:
- DNS records
## Supported Artifacts
- URL
5 changes: 5 additions & 0 deletions docs/enrichers/mmdb.md
Expand Up @@ -14,6 +14,11 @@ This enricher uses public MMDB API to enrich an IP artifact.
enricher: mmdb
```
This enricher can add the following components:
- Geolocation
- Autonomous System
## Supported Artifacts
- IP address
8 changes: 8 additions & 0 deletions docs/enrichers/shodan.md
Expand Up @@ -3,6 +3,7 @@ tags:
- Enrichment:Port
- Enrichment:CPE
- Enrichment:Reverse_DNS_Name
- Enrichment:Vulnerability
---

# Shodan (The InternetDB API)
Expand All @@ -17,6 +18,13 @@ This enricher uses Shodan InternetDB API to enrich an artifact.
enricher: shodan
```
This enricher can add the following components:
- Ports
- CPEs
- Reverse DNS names
- Vulnerabilities
## Supported Artifacts
- IP address
6 changes: 5 additions & 1 deletion docs/enrichers/whois.md
@@ -1,6 +1,6 @@
---
tags:
- Enrichment:Whois
- Enrichment:Whois_Record
---

# Whois
Expand All @@ -11,6 +11,10 @@ This enricher uses “whois” command to enrich an artifact.
enricher: whois
```
This enricher can add the following components:
- Whois record
## Supported Artifacts
- URL
12 changes: 6 additions & 6 deletions docs/usage.md
Expand Up @@ -173,12 +173,12 @@ Search query supports `AND`, `OR`, `:`, `=`, `!=`, `<`, `<=`, `>`, `>=`, `NOT` a

Searchable fields are:

| Type | Searchable fields |
| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `alert` | `id`, `tag`, `created_at`, `rule.id`, `rule.title`, `rule.description`, `artifact.data`, `artifact.data_type`, `artifact.source` and `artifact.query` |
| `artifact` | `id`, `data`, `data_type`, `source`, `query`, `tag`, `rule.id`, `rule.title`, `rule.description`, `tag`,`created_at`, `asn`, `country_code`, `dns_record.value`, `dns_record.resource`, `reverse_dns_name`, `cpe` and `port` |
| `rule` | `id`, `title`, `description`, `tag`, `created_at` and `updated_at` |
| `tag` | `id` and `name` |
| Type | Searchable fields |
| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `alert` | `id`, `tag`, `created_at`, `rule.id`, `rule.title`, `rule.description`, `artifact.data`, `artifact.data_type`, `artifact.source` and `artifact.query` |
| `artifact` | `id`, `data`, `data_type`, `source`, `query`, `tag`, `rule.id`, `rule.title`, `rule.description`, `tag`,`created_at`, `asn`, `country_code`, `dns_record.value`, `dns_record.resource`, `reverse_dns_name`, `cpe`, `vuln` and `port` |
| `rule` | `id`, `title`, `description`, `tag`, `created_at` and `updated_at` |
| `tag` | `id` and `name` |

**Examples**

2 changes: 1 addition & 1 deletion frontend/src/components/artifact/AS.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag">
{{ autonomousSystem.asn }}
{{ autonomousSystem.number }}
</span>
</div>
</template>
8 changes: 7 additions & 1 deletion frontend/src/components/artifact/ArtifactDetail.vue
Expand Up @@ -83,6 +83,10 @@
<h4 class="is-size-4 mb-2">CPEs</h4>
<CPEs :cpes="artifact.cpes"></CPEs>
</div>
<div class="block" v-if="artifact.vulnerabilities">
<h4 class="is-size-4 mb-2">Vulnerabilities</h4>
<Vulnerabilities :vulnerabilities="artifact.vulnerabilities"></Vulnerabilities>
</div>
<div class="block" v-if="artifact.ports">
<h4 class="is-size-4 mb-2">Ports</h4>
<Ports :ports="artifact.ports"></Ports>
Expand Down Expand Up @@ -111,6 +115,7 @@ import DnsRecords from "@/components/artifact/DnsRecords.vue"
import Ports from "@/components/artifact/Ports.vue"
import ReverseDnsNames from "@/components/artifact/ReverseDnsNames.vue"
import Tags from "@/components/artifact/Tags.vue"
import Vulnerabilities from "@/components/artifact/Vulnerabilities.vue"
import WhoisRecord from "@/components/artifact/WhoisRecord.vue"
import ErrorMessage from "@/components/ErrorMessage.vue"
import Links from "@/components/link/Links.vue"
Expand All @@ -137,7 +142,8 @@ export default defineComponent({
CPEs,
Ports,
ErrorMessage,
Message
Message,
Vulnerabilities
},
emits: ["refresh", "delete"],
setup(props, context) {
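Review bot: `v-if="artifact.vulnerabilities"` in the first hunk is truthy for an empty array, so the "Vulnerabilities" heading would render with nothing under it whenever the API returns `[]` rather than null (which of the two it sends is not visible here). `v-if="artifact.vulnerabilities && artifact.vulnerabilities.length"` avoids the empty section. The neighbouring Ports block visible in the same hunk uses the same bare check, so the guard may be worth applying there too for consistency. The enclosing template and the `setup` function both continue outside the hunks shown.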
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/ArtifactsWrapper.vue
Expand Up @@ -34,8 +34,8 @@
<code>query</code>, <code>tag</code>, <code>rule.id</code>, <code>rule.title</code>,
<code>rule.description</code>, <code>tag</code>,<code>created_at</code>, <code>asn</code>,
<code>country_code</code>, <code>dns_record.value</code>,
<code>dns_record.resource</code>, <code>reverse_dns_name</code>, <code>cpe</code> and
<code>port</code>.
<code>dns_record.resource</code>, <code>reverse_dns_name</code>, <code>cpe</code>,
<code>vuln</code> and <code>port</code>.
</li>
</ul>
</div>
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/CPEs.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag" v-for="cpe in cpes" :key="cpe.cpe">
{{ cpe.cpe }}
<span class="tag" v-for="cpe in cpes" :key="cpe.name">
{{ cpe.name }}
</span>
</div>
</template>
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/Ports.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag" v-for="port in ports" :key="port.port">
{{ port.port }}
<span class="tag" v-for="port in ports" :key="port.number">
{{ port.number }}
</span>
</div>
</template>
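--- a/frontend/src/components/artifact/Vulnerabilities.vue
+++ b/frontend/src/components/artifact/Vulnerabilities.vue
@@ -0,0 +1,23 @@
+<template>
+<div class="tags are-medium">
+<span class="tag" v-for="vuln in vulnerabilities" :key="vuln.name">
+{{ vuln.name }}
+</span>
+</div>
+</template>
+
+<script lang="ts">
+import { defineComponent, type PropType } from "vue"
+import type { Vulnerability } from "@/types"
+export default defineComponent({
+name: "VulnerabilitiesItem",
+props: {
+vulnerabilities: {
+type: Array as PropType<Vulnerability[]>,
+required: true
+}
+}
+})
+</script>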
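Review bot: `:key="vuln.name"` in the `v-for` assumes a vulnerability name is unique within one artifact; nothing visible in this commit enforces that, and the `vulnerabilities` table in docs/diagrams.md carries its own `id` primary key. If the `Vulnerability` type from `@/types` exposes that id (the type is not shown here), `:key="vuln.id"` would avoid duplicate-key warnings should an enricher report the same entry twice. The name is rendered through `{{ }}` text interpolation, which Vue HTML-escapes, so enrichment data from an external service is not injected as markup; a short template comment such as `<!-- names come from external enrichers: keep text interpolation, never v-html -->` would help keep it that way. The component's `name: "VulnerabilitiesItem"` also differs from the file name and the `Vulnerabilities` tag it is registered under, which makes it harder to find in devtools.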