feat: add vulnerabilities table #1013

Merged
merged 1 commit into from
Jan 13, 2024
95 changes: 56 additions & 39 deletions docs/diagrams.md
Expand Up @@ -37,6 +37,7 @@ classDiagram
}
Artifact --* Alert
Artifact *-- CPE
Artifact *-- Vulnerability
Artifact *-- DnsRecord
Artifact *-- Port
Artifact *-- ReverseDnsName
Expand All @@ -48,28 +49,36 @@ classDiagram

class AutonomousSystem {
integer id
integer asn
integer number
datetime created_at
integer artifact_id
}
AutonomousSystem --* Artifact

class Port {
integer id
integer port
integer number
datetime created_at
integer artifact_id
}
Port --* Artifact

class CPE {
integer id
string cpe
string name
datetime created_at
integer artifact_id
}
CPE --* Artifact

class Vulnerability {
integer id
string name
datetime created_at
integer artifact_id
}
Vulnerability --* Artifact

class DnsRecord {
integer id
string resource
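Review bot: the field renames in this hunk (`asn` to `number` on `AutonomousSystem`, `port` to `number` on `Port`, `cpe` to `name` on `CPE`) are schema changes to existing models, which the PR title "add vulnerabilities table" does not mention. Confirm the commit carries a migration for databases created before it, and call the renames out in the commit message or changelog. docs/usage.md still documents the search keys as `asn`, `cpe` and `port`, so the docs should say that the search key and the column name now differ.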
Expand Down Expand Up @@ -131,96 +140,103 @@ classDiagram
```mermaid
erDiagram
alerts {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar rule_id FK
}

artifacts {
INTEGER alert_id FK
datetime6 created_at
integer alert_id FK
datetime created_at
varchar data
varchar data_type
INTEGER id PK
integer id PK
json metadata
varchar query
varchar source
}

autonomous_systems {
INTEGER artifact_id FK
INTEGER asn
datetime6 created_at
INTEGER id PK
integer artifact_id FK
integer number
datetime created_at
integer id PK
}

cpes {
INTEGER artifact_id FK
varchar cpe
datetime6 created_at
INTEGER id PK
integer artifact_id FK
varchar name
datetime created_at
integer id PK
}

vulnerabilities {
integer artifact_id FK
varchar name
datetime created_at
integer id PK
}

dns_records {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
integer artifact_id FK
datetime created_at
integer id PK
varchar resource
varchar value
}

geolocations {
INTEGER artifact_id FK
integer artifact_id FK
varchar country
varchar country_code
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
}

ports {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
INTEGER port
integer artifact_id FK
datetime created_at
integer id PK
integer number
}

reverse_dns_names {
INTEGER artifact_id FK
datetime6 created_at
INTEGER id PK
integer artifact_id FK
datetime created_at
integer id PK
varchar name
}

rules {
datetime6 created_at
datetime created_at
json data
varchar description
varchar id PK
varchar title
datetime6 updated_at
datetime updated_at
}

taggings {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar rule_id
INTEGER tag_id
integer tag_id
}

tags {
datetime6 created_at
INTEGER id PK
datetime created_at
integer id PK
varchar name
}

whois_records {
INTEGER artifact_id FK
integer artifact_id FK
json contacts
datetime6 created_at
datetime created_at
date created_on
varchar domain
date expires_on
INTEGER id PK
integer id PK
json registrar
date updated_on
}
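Review bot: the `vulnerabilities` block is inserted between `cpes` and `dns_records`, while every other table in this erDiagram is listed alphabetically, and in `autonomous_systems`, `cpes` and `vulnerabilities` the `number` / `name` column now sits before `created_at` although the remaining tables list their columns alphabetically. If this diagram is generated from the schema, regenerate it instead of hand-editing so the output stays reproducible; otherwise move `vulnerabilities` after `taggings` / `tags` and re-sort the renamed columns.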
Expand All @@ -229,6 +245,7 @@ erDiagram
artifacts }o--|| alerts : "alert_id"
autonomous_systems }o--|| artifacts : "artifact_id"
cpes }o--|| artifacts : "artifact_id"
vulnerabilities }o--|| artifacts : "artifact_id"
dns_records }o--|| artifacts : "artifact_id"
geolocations }o--|| artifacts : "artifact_id"
ports }o--|| artifacts : "artifact_id"
Expand Down
4 changes: 4 additions & 0 deletions docs/enrichers/google_public_dns.md
Expand Up @@ -13,6 +13,10 @@ This enricher uses Google Public DNS to enrich an URL and domain artifact.
enricher: google_public_dns
```
This enricher can add the following components:
- DNS records
## Supported Artifacts
- URL
Expand Down
5 changes: 5 additions & 0 deletions docs/enrichers/mmdb.md
Expand Up @@ -14,6 +14,11 @@ This enricher uses public MMDB API to enrich an IP artifact.
enricher: mmdb
```
This enricher can add the following components:
- Geolocation
- Autonomous System
## Supported Artifacts
- IP address
8 changes: 8 additions & 0 deletions docs/enrichers/shodan.md
Expand Up @@ -3,6 +3,7 @@ tags:
- Enrichment:Port
- Enrichment:CPE
- Enrichment:Reverse_DNS_Name
- Enrichment:Vulnerability
---

# Shodan (The InternetDB API)
Expand All @@ -17,6 +18,13 @@ This enricher uses Shodan InternetDB API to enrich an artifact.
enricher: shodan
```
This enricher can add the following components:
- Ports
- CPEs
- Reverse DNS names
- Vulnerabilities
## Supported Artifacts
- IP address
6 changes: 5 additions & 1 deletion docs/enrichers/whois.md
@@ -1,6 +1,6 @@
---
tags:
- Enrichment:Whois
- Enrichment:Whois_Record
---

# Whois
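Review bot: the front-matter tag rename from `Enrichment:Whois` to `Enrichment:Whois_Record` is unrelated to the vulnerabilities table and changes the tag page readers land on. It matches the component-style naming used in the Shodan page (`Enrichment:Reverse_DNS_Name`, `Enrichment:Vulnerability`), which is reasonable, but it should be mentioned in the commit message, and any other page or link that still uses `Enrichment:Whois` needs the same update.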
Expand All @@ -11,6 +11,10 @@ This enricher uses “whois” command to enrich an artifact.
enricher: whois
```

This enricher can add the following components:

- Whois record

## Supported Artifacts

- URL
Expand Down
12 changes: 6 additions & 6 deletions docs/usage.md
Expand Up @@ -173,12 +173,12 @@ Search query supports `AND`, `OR`, `:`, `=`, `!=`, `<`, `<=`, `>`, `>=`, `NOT` a

Searchable fields are:

| Type | Searchable fields |
| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `alert` | `id`, `tag`, `created_at`, `rule.id`, `rule.title`, `rule.description`, `artifact.data`, `artifact.data_type`, `artifact.source` and `artifact.query` |
| `artifact` | `id`, `data`, `data_type`, `source`, `query`, `tag`, `rule.id`, `rule.title`, `rule.description`, `tag`,`created_at`, `asn`, `country_code`, `dns_record.value`, `dns_record.resource`, `reverse_dns_name`, `cpe` and `port` |
| `rule` | `id`, `title`, `description`, `tag`, `created_at` and `updated_at` |
| `tag` | `id` and `name` |
| Type | Searchable fields |
| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `alert` | `id`, `tag`, `created_at`, `rule.id`, `rule.title`, `rule.description`, `artifact.data`, `artifact.data_type`, `artifact.source` and `artifact.query` |
| `artifact` | `id`, `data`, `data_type`, `source`, `query`, `tag`, `rule.id`, `rule.title`, `rule.description`, `tag`,`created_at`, `asn`, `country_code`, `dns_record.value`, `dns_record.resource`, `reverse_dns_name`, `cpe`, `vuln` and `port` |
| `rule` | `id`, `title`, `description`, `tag`, `created_at` and `updated_at` |
| `tag` | `id` and `name` |

**Examples**

Expand Down
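Review bot: the `artifact` row still lists `tag` twice and has no space between `tag`, and `created_at`; since this hunk rewrites the row anyway, drop the duplicate and fix the spacing (the help text in ArtifactsWrapper.vue repeats the same duplicate). The new search key is `vuln`, while the table, component and documentation tag added elsewhere in this PR use `vulnerabilities` / `Vulnerability`; adding a `vuln:` query under **Examples** would make the abbreviated key discoverable.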
2 changes: 1 addition & 1 deletion frontend/src/components/artifact/AS.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag">
{{ autonomousSystem.asn }}
{{ autonomousSystem.number }}
</span>
</div>
</template>
Expand Down
8 changes: 7 additions & 1 deletion frontend/src/components/artifact/ArtifactDetail.vue
Expand Up @@ -83,6 +83,10 @@
<h4 class="is-size-4 mb-2">CPEs</h4>
<CPEs :cpes="artifact.cpes"></CPEs>
</div>
<div class="block" v-if="artifact.vulnerabilities">
<h4 class="is-size-4 mb-2">Vulnerabilities</h4>
<Vulnerabilities :vulnerabilities="artifact.vulnerabilities"></Vulnerabilities>
</div>
<div class="block" v-if="artifact.ports">
<h4 class="is-size-4 mb-2">Ports</h4>
<Ports :ports="artifact.ports"></Ports>
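Review bot: `v-if="artifact.vulnerabilities"` on the new block is true for an empty array, so if the API returns `[]` for an artifact with no findings, the "Vulnerabilities" heading renders with nothing under it. A reader can take an empty section either as "scanned, nothing found" or as "not enriched", which matters for triage. Consider `v-if="artifact.vulnerabilities?.length"`, or an explicit empty-state message; the neighbouring `artifact.ports` block has the same pattern and could be changed together.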
Expand Down Expand Up @@ -111,6 +115,7 @@ import DnsRecords from "@/components/artifact/DnsRecords.vue"
import Ports from "@/components/artifact/Ports.vue"
import ReverseDnsNames from "@/components/artifact/ReverseDnsNames.vue"
import Tags from "@/components/artifact/Tags.vue"
import Vulnerabilities from "@/components/artifact/Vulnerabilities.vue"
import WhoisRecord from "@/components/artifact/WhoisRecord.vue"
import ErrorMessage from "@/components/ErrorMessage.vue"
import Links from "@/components/link/Links.vue"
Expand All @@ -137,7 +142,8 @@ export default defineComponent({
CPEs,
Ports,
ErrorMessage,
Message
Message,
Vulnerabilities
},
emits: ["refresh", "delete"],
setup(props, context) {
Expand Down
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/ArtifactsWrapper.vue
Expand Up @@ -34,8 +34,8 @@
<code>query</code>, <code>tag</code>, <code>rule.id</code>, <code>rule.title</code>,
<code>rule.description</code>, <code>tag</code>,<code>created_at</code>, <code>asn</code>,
<code>country_code</code>, <code>dns_record.value</code>,
<code>dns_record.resource</code>, <code>reverse_dns_name</code>, <code>cpe</code> and
<code>port</code>.
<code>dns_record.resource</code>, <code>reverse_dns_name</code>, <code>cpe</code>,
<code>vuln</code> and <code>port</code>.
</li>
</ul>
</div>
Expand Down
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/CPEs.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag" v-for="cpe in cpes" :key="cpe.cpe">
{{ cpe.cpe }}
<span class="tag" v-for="cpe in cpes" :key="cpe.name">
{{ cpe.name }}
</span>
</div>
</template>
Expand Down
4 changes: 2 additions & 2 deletions frontend/src/components/artifact/Ports.vue
@@ -1,7 +1,7 @@
<template>
<div class="tags are-medium">
<span class="tag" v-for="port in ports" :key="port.port">
{{ port.port }}
<span class="tag" v-for="port in ports" :key="port.number">
{{ port.number }}
</span>
</div>
</template>
Expand Down
23 changes: 23 additions & 0 deletions frontend/src/components/artifact/Vulnerabilities.vue
@@ -0,0 +1,23 @@
<template>
<div class="tags are-medium">
<span class="tag" v-for="vuln in vulnerabilities" :key="vuln.name">
{{ vuln.name }}
</span>
</div>
</template>

<script lang="ts">
import { defineComponent, type PropType } from "vue"

import type { Vulnerability } from "@/types"

export default defineComponent({
name: "VulnerabilitiesItem",
props: {
vulnerabilities: {
type: Array as PropType<Vulnerability[]>,
required: true
}
}
})
</script>
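Review bot: `:key="vuln.name"` on the `v-for` assumes vulnerability names are unique within one artifact; the `Vulnerability` model in docs/diagrams.md has an integer `id`, which is the safer key if the `Vulnerability` type exposes it. The component `name: "VulnerabilitiesItem"` also does not match the file name `Vulnerabilities.vue` or the list it renders. Rendering `vuln.name` through `{{ }}` interpolation is the right choice for enricher-supplied strings because it is HTML-escaped; keep it that way and do not switch to `v-html` if these tags later become links.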