├── .gitignore ├── .goreleaser.yml ├── CHANGELOG.md ├── LICENSE ├── Makefile ├── README.md ├── config └── projectdiscovery.spc ├── docs ├── index.md └── tables │ ├── projectdiscovery_asnmap.md │ ├── projectdiscovery_cdncheck.md │ ├── projectdiscovery_chaos.md │ ├── projectdiscovery_cloudlist.md │ ├── projectdiscovery_dnsx.md │ ├── projectdiscovery_httpx.md │ ├── projectdiscovery_naabu.md │ ├── projectdiscovery_subfinder.md │ └── projectdiscovery_tlsx.md ├── go.mod ├── go.sum ├── main.go └── projectdiscovery ├── connection_config.go ├── plugin.go ├── table_projectdiscovery_asnmap.go ├── table_projectdiscovery_cdncheck.go ├── table_projectdiscovery_chaos.go ├── table_projectdiscovery_cloudlist.go ├── table_projectdiscovery_dnsx.go ├── table_projectdiscovery_httpx.go ├── table_projectdiscovery_naabu.go ├── table_projectdiscovery_subfinder.go └── table_projectdiscovery_tlsx.go /.gitignore: -------------------------------------------------------------------------------- 1 | # If you prefer the allow list template instead of the deny list, see community template: 2 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore 3 | # 4 | # Binaries for programs and plugins 5 | *.exe 6 | *.exe~ 7 | *.dll 8 | *.so 9 | *.dylib 10 | 11 | # Test binary, built with `go test -c` 12 | *.test 13 | 14 | # Output of the go coverage tool, specifically when used with LiteIDE 15 | *.out 16 | 17 | # Dependency directories (remove the comment below to include it) 18 | # vendor/ 19 | 20 | # Go workspace file 21 | go.work 22 | -------------------------------------------------------------------------------- /.goreleaser.yml: -------------------------------------------------------------------------------- 1 | # This is an example goreleaser.yaml file with some sane defaults. 2 | # Make sure to check the documentation at http://goreleaser.com 3 | before: 4 | hooks: 5 | - go mod tidy 6 | builds: 7 | - env: 8 | - CGO_ENABLED=0 9 | - GO111MODULE=on 10 | - GOPRIVATE=github.com/turbot 11 | goos: 12 | - linux 13 | - darwin 14 | 15 | goarch: 16 | - amd64 17 | - arm64 18 | 19 | id: "steampipe" 20 | binary: "{{ .ProjectName }}.plugin" 21 | 22 | archives: 23 | - format: gz 24 | name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Arch }}" 25 | files: 26 | - none* 27 | checksum: 28 | name_template: "{{ .ProjectName }}_{{ .Version }}_SHA256SUMS" 29 | algorithm: sha256 30 | changelog: 31 | sort: asc 32 | filters: 33 | exclude: 34 | - "^docs:" 35 | - "^test:" 36 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ## v0.1.0 [2023-08-04] 2 | 3 | _What's new?_ 4 | 5 | - New tables added 6 | - [projectdiscovery_asnmap](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_asnmap) 7 | - [projectdiscovery_cdncheck](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_cdncheck) 8 | - [projectdiscovery_chaos](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_chaos) 9 | - [projectdiscovery_cloudlist](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_cloudlist) 10 | - [projectdiscovery_dnsx](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_dnsx) 11 | - [projectdiscovery_httpx](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_httpx) 12 | - [projectdiscovery_naabu](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_naabu) 13 | - [projectdiscovery_subfinder](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_subfinder) 14 | - [projectdiscovery_tlsx](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables/projectdiscovery_tlsx) -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | install: 2 | go build -o ~/.steampipe/plugins/hub.steampipe.io/plugins/sensepost/projectdiscovery@latest/steampipe-plugin-projectdiscovery.plugin *.go 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Projectdiscovery.io Plugin for Steampipe 2 | 3 | [![Twitter](https://img.shields.io/badge/twitter-%40leonjza-blue.svg)](https://twitter.com/leonjza) 4 | 5 | Use SQL to query Projectdiscovery.io tools for footprinting information. 6 | 7 | - **[Get started →](https://hub.steampipe.io/plugins/sensepost/projectdiscovery)** 8 | - Documentation: [Table definitions & examples](https://hub.steampipe.io/plugins/sensepost/projectdiscovery/tables) 9 | - Community: [Join #steampipe on Slack →](https://turbot.com/community/join) 10 | - Get involved: [Issues](https://github.com/sensepost/steampipe-plugin-projectdiscovery/issues) 11 | 12 | ## Quick start 13 | 14 | ### Install 15 | 16 | Download and install the latest ProjectDiscovery plugin: 17 | 18 | ```bash 19 | steampipe plugin install sensepost/projectdiscovery 20 | ``` 21 | 22 | Configure your account details in `~/.steampipe/config/projectdiscovery.spc`: 23 | 24 | ```hcl 25 | connection "projectdiscovery" { 26 | plugin = "sensepost/projectdiscovery" 27 | 28 | # Naabu 29 | 30 | # Top ports to scan for naabu. 31 | # Can be one of: full, 100, 1000 32 | naabu_top_ports = "100" 33 | 34 | # Chaos 35 | 36 | # Project chaos API key. Sign up for an API key at: https://chaos.projectdiscovery.io/ 37 | # chaos_api_key = "enpg9i8k4uxl0jtzoutym44cpm6rbxskr6fqoz11mxxpkiqtn4l7oju66rlqqz8j" 38 | 39 | # Cloudlist 40 | 41 | # Digital Ocean API key. Get an API key post authentication for a team by browsing to: 42 | # API (bottom left) -> Personal access tokens 43 | # A read-only key would suffice 44 | # cloudlist_do_token = "dop_v1_y0jzo0bp8wl7f3t0px74jea5hnxiicz1sl58z5mso6ep6a544v3mq1jp2qj4ed6a" 45 | } 46 | ``` 47 | 48 | Run steampipe: 49 | 50 | ```shell 51 | steampipe query 52 | ``` 53 | 54 | Run a query: 55 | 56 | ```sql 57 | with target as ( 58 | select domain from ( 59 | values ('tesla.com'), ('reddit.com') 60 | ) t(domain) 61 | ), chaos as ( 62 | select 63 | distinct concat(subdomain, '.', domain) as domain 64 | from 65 | projectdiscovery_chaos 66 | where 67 | domain in ( 68 | select domain from target 69 | ) 70 | ), subfinder as ( 71 | select 72 | distinct 73 | host as domain 74 | from 75 | projectdiscovery_subfinder 76 | where 77 | target in ( 78 | select domain from target 79 | ) 80 | ) 81 | select count(*) from ( 82 | select 83 | domain from chaos 84 | union select 85 | domain from subfinder 86 | where domain not like '%*%' 87 | ) domains; 88 | ``` 89 | 90 | ## Developing 91 | 92 | Prerequisites: 93 | 94 | - [Steampipe](https://steampipe.io/downloads) 95 | - [Golang](https://golang.org/doc/install) 96 | 97 | Clone: 98 | 99 | ```sh 100 | git clone https://github.com/sensepost/steampipe-plugin-projectdiscovery.git 101 | cd steampipe-plugin-projectdiscovery 102 | ``` 103 | 104 | Build, which automatically installs the new version to your `~/.steampipe/plugins` directory: 105 | 106 | ``` 107 | make install 108 | ``` 109 | 110 | Configure the plugin: 111 | 112 | ```bash 113 | cp config/* ~/.steampipe/config 114 | vi ~/.steampipe/config/projectdiscovery.spc 115 | ``` 116 | 117 | Try it! 118 | 119 | ```text 120 | steampipe query 121 | > .inspect projectdiscovery 122 | ``` 123 | 124 | Further reading: 125 | 126 | - [Writing plugins](https://steampipe.io/docs/develop/writing-plugins) 127 | - [Writing your first table](https://steampipe.io/docs/develop/writing-your-first-table) 128 | 129 | ## Contributing 130 | 131 | Please see the [contribution guidelines](https://github.com/turbot/steampipe/blob/main/CONTRIBUTING.md) and our [code of conduct](https://github.com/turbot/steampipe/blob/main/CODE_OF_CONDUCT.md). All contributions are subject to the [Apache 2.0 open source license](https://github.com/sensepost/steampipe-plugin-projectdiscovery/blob/master/LICENSE). 132 | 133 | `help wanted` issues: 134 | 135 | - [Steampipe](https://github.com/turbot/steampipe/labels/help%20wanted) 136 | - [ProjectDiscovery Plugin](https://github.com/turbot/steampipe-plugin-projectdiscovery/labels/help%20wanted) 137 | -------------------------------------------------------------------------------- /config/projectdiscovery.spc: -------------------------------------------------------------------------------- 1 | connection "projectdiscovery" { 2 | plugin = "sensepost/projectdiscovery" 3 | 4 | # Naabu 5 | 6 | # Top ports to scan for naabu. 7 | # Can be one of: full, 100, 1000 8 | naabu_top_ports = "100" 9 | 10 | # Chaos 11 | 12 | # Project chaos API key. Sign up for an API key at: https://chaos.projectdiscovery.io/ 13 | # chaos_api_key = "enpg9i8k4uxl0jtzoutym44cpm6rbxskr6fqoz11mxxpkiqtn4l7oju66rlqqz8j" 14 | 15 | # Cloudlist 16 | 17 | # Digital Ocean API key. Get an API key post authentication for a team by browsing to: 18 | # API (bottom left) -> Personal access tokens 19 | # A read-only key would suffice 20 | # cloudlist_do_token = "dop_v1_y0jzo0bp8wl7f3t0px74jea5hnxiicz1sl58z5mso6ep6a544v3mq1jp2qj4ed6a" 21 | } 22 | -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | organization: Sensepost 3 | category: ["osint"] 4 | icon_url: "/images/plugins/sensepost/projectdiscovery.svg" 5 | brand_color: "#364EB0" 6 | display_name: "Project Discovery" 7 | short_name: "projectdiscovery" 8 | description: "Steampipe plugin for interacting with projectdiscovery.io toolsets." 9 | og_description: "Query ProjectDiscovery with SQL! Open source CLI. No DB required." 10 | og_image: "/images/plugins/sensepost/projectdiscovery-social-graphic.png" 11 | --- 12 | 13 | # Project Dicovery + Steampipe 14 | 15 | [Project Discovery](https://projectdiscovery.io/#/) is an open-source software company that builds tools to detect and remediate vulnerabilities across your modern tech stack. 16 | 17 | [Steampipe](https://steampipe.io) is an open source CLI to instantly query cloud APIs using SQL. 18 | 19 | For example, to get ASN related information: 20 | 21 | ```sql 22 | select 23 | asn, 24 | country, 25 | first_ip, 26 | last_ip 27 | from 28 | projectdiscovery_asnmap 29 | where 30 | target = 'google' limit 5; 31 | ``` 32 | 33 | ``` 34 | +-------+---------+--------------+----------------+ 35 | | asn | country | first_ip | last_ip | 36 | +-------+---------+--------------+----------------+ 37 | | 15169 | US | 34.0.128.0 | 34.0.225.255 | 38 | | 15169 | US | 34.160.0.0 | 34.160.255.255 | 39 | | 15169 | US | 35.219.128.0 | 35.219.191.255 | 40 | | 15169 | US | 35.230.232.0 | 35.230.239.255 | 41 | | 15169 | US | 72.14.192.0 | 72.14.255.255 | 42 | +-------+---------+--------------+----------------+ 43 | ``` 44 | 45 | ## Documentation 46 | 47 | - **[Table definitions & examples →](/plugins/sensepost/projectdiscovery/tables)** 48 | 49 | ## Quick start 50 | 51 | ### Install 52 | 53 | Download and install the latest Project Discovery plugin: 54 | 55 | ```sh 56 | steampipe plugin install sensepost/projectdiscovery 57 | ``` 58 | 59 | ### Configuration 60 | 61 | Installing the latest projectdiscovery plugin will create a config file (`~/.steampipe/config/projectdiscovery.spc`). Some services require credentials such as the [choas dataset](https://chaos.projectdiscovery.io/#/) for the chaos table and various cloud providers for the cloudlist table. 62 | 63 | ```hcl 64 | connection "projectdiscovery" { 65 | plugin = "sensepost/projectdiscovery" 66 | 67 | # Naabu 68 | 69 | # Top ports to scan for naabu. 70 | # Can be one of: full, 100, 1000 71 | naabu_top_ports = "100" 72 | 73 | # Chaos 74 | 75 | # Project chaos API key. Sign up for an API key at: https://chaos.projectdiscovery.io/ 76 | # chaos_api_key = "enpg9i8k4uxl0jtzoutym44cpm6rbxskr6fqoz11mxxpkiqtn4l7oju66rlqqz8j" 77 | 78 | # Cloudlist 79 | 80 | # Digital Ocean API key. Get an API key post authentication for a team by browsing to: 81 | # API (bottom left) -> Personal access tokens 82 | # A read-only key would suffice 83 | # cloudlist_do_token = "dop_v1_y0jzo0bp8wl7f3t0px74jea5hnxiicz1sl58z5mso6ep6a544v3mq1jp2qj4ed6a" 84 | } 85 | ``` 86 | 87 | - `chaos_api_key` - The API key to access the chaos dataset. 88 | - `cloudlist_do_token` - The Digital Ocean API key. 89 | 90 | ## Get involved 91 | 92 | - Open source: https://github.com/sensepost/steampipe-plugin-projectdiscovery 93 | - Community: [Join #steampipe on Slack →](https://turbot.com/community/join) 94 | 95 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_asnmap.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_asnmap 2 | 3 | [asnmap](https://github.com/projectdiscovery/asnmap) allows for quickly mapping organization network ranges using ASN information. 4 | 5 | ## Examples 6 | 7 | ### Get ASN's for an organisation by name 8 | 9 | ```sql 10 | select distinct 11 | asn 12 | from 13 | projectdiscovery_asnmap 14 | where 15 | target = 'google'; 16 | ``` 17 | 18 | ### Get first and last IP of an IP block 19 | 20 | ```sql 21 | select 22 | first_ip, 23 | last_ip 24 | from 25 | projectdiscovery_asnmap 26 | where 27 | target = '172.217.170.110'; 28 | ``` 29 | 30 | ### Get the organisation name that an ASN belongs to 31 | 32 | ```sql 33 | select distinct 34 | org 35 | from 36 | projectdiscovery_asnmap 37 | where 38 | target = '15169'; 39 | ``` 40 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_cdncheck.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_cdncheck 2 | 3 | [cdncheck](https://github.com/projectdiscovery/cdncheck) is a utility to detect various technology for a given IP address. 4 | 5 | ## Examples 6 | 7 | ### Get CDN, Cloud Provider and WAF information for an IP 8 | 9 | ```sql 10 | select 11 | cdn, 12 | cloud, 13 | waf 14 | from 15 | projectdiscovery_cdncheck 16 | where 17 | target = '172.217.170.14'; 18 | ``` 19 | 20 | ### Get CDN, Cloud Provider and WAF information for multiple IP's 21 | 22 | ```sql 23 | select 24 | first_ip, 25 | last_ip 26 | from 27 | projectdiscovery_asnmap 28 | where 29 | target in 30 | ( 31 | '104.16.132.229', 32 | '104.16.133.229' 33 | ); 34 | ``` 35 | 36 | ### Get CDN information for a domain (depends on the `net` plugin) 37 | 38 | ```sql 39 | select 40 | cdn, 41 | cloud, 42 | waf 43 | from 44 | projectdiscovery_cdncheck 45 | where 46 | target in 47 | ( 48 | select 49 | rtrim(ip::text, '/32') 50 | from 51 | net_dns_record 52 | where 53 | domain = 'google.com' 54 | and type = 'A' limit 1 55 | ); 56 | ``` 57 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_chaos.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_chaos 2 | 3 | [chaos-client](https://github.com/projectdiscovery/chaos-client) is a Go client to communicate with Chaos DB API. 4 | 5 | **Note:** This service requires a valid API key to access the Chaos dataset. Request a key [here](https://chaos.projectdiscovery.io/). 6 | 7 | ## Examples 8 | 9 | ### Get subdomains for a domain 10 | 11 | ```sql 12 | select 13 | subdomain 14 | from 15 | projectdiscovery_chaos 16 | where 17 | domain = 'google.com'; 18 | ``` 19 | 20 | ### Get FQDN's for a domain, excluding wildcards 21 | 22 | ```sql 23 | select distinct 24 | concat(subdomain, '.', domain) 25 | from 26 | projectdiscovery_chaos 27 | where 28 | domain = 'google.com' 29 | and subdomain not like '%*%'; 30 | ``` 31 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_cloudlist.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_cloudlist 2 | 3 | [Cloudlist](https://github.com/projectdiscovery/cloudlist) is a tool for listing Assets from multiple Cloud Providers. 4 | 5 | **Note:** You need valid API credentials for supported cloud providers. 6 | 7 | ## Examples 8 | 9 | ### Get public IPv4 adresses & DNS names for assets in your Digital Ocean account 10 | 11 | ```sql 12 | select 13 | public_ipv4, 14 | dns_name 15 | from 16 | projectdiscovery_cloudlist 17 | where 18 | provider = 'do' 19 | and public_ipv4 != ''; 20 | ``` 21 | 22 | ### Get private IPv4 adresses for assets in your Digital Ocean account 23 | 24 | ```sql 25 | select 26 | private_ipv4 27 | from 28 | projectdiscovery_cloudlist 29 | where 30 | provider = 'do' 31 | and public = false; 32 | ``` 33 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_dnsx.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_dnsx 2 | 3 | [dnsx](https://github.com/projectdiscovery/dnsx) is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers. 4 | 5 | ## Examples 6 | 7 | ### Lookup the A records for a domain 8 | 9 | ```sql 10 | select 11 | address 12 | from 13 | projectdiscovery_dnsx 14 | where 15 | target = 'google.com'; 16 | ``` 17 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_httpx.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_httpx 2 | 3 | [httpx](https://github.com/projectdiscovery/httpx) is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. 4 | 5 | ## Examples 6 | 7 | ### Get HTTP status codes and web servers in used by two target URL's 8 | 9 | ```sql 10 | select 11 | status_code, 12 | web_server 13 | from 14 | projectdiscovery_httpx 15 | where 16 | target in 17 | ( 18 | 'https://www.google.com/', 19 | 'https://twitter.com/' 20 | ); 21 | ``` 22 | 23 | ### Get webserver technologes in used as per Wapalyzer 24 | 25 | ```sql 26 | select distinct 27 | jsonb_array_elements_text(technologies) 28 | from 29 | projectdiscovery_httpx 30 | where 31 | target in 32 | ( 33 | 'https://www.google.com/', 34 | 'https://twitter.com/', 35 | 'https://facebook.com' 36 | ); 37 | ``` 38 | 39 | ### Get a SHA1 hash of the response headers 40 | 41 | ```sql 42 | select 43 | hashes ->> 'header_sha1' 44 | from 45 | projectdiscovery_httpx 46 | where 47 | target = 'https://www.google.com/'; 48 | ``` 49 | 50 | ### Get HTTP requests to a set of targets as well as the IP's they resolve to 51 | 52 | ```sql 53 | with targets as 54 | ( 55 | select 56 | * 57 | from 58 | projectdiscovery_httpx 59 | where 60 | target in 61 | ( 62 | 'https://www.google.com/', 63 | 'https://twitter.com/', 64 | 'https://facebook.com' 65 | ) 66 | ) 67 | , 68 | ips as 69 | ( 70 | select 71 | * 72 | from 73 | projectdiscovery_httpx 74 | where 75 | target in 76 | ( 77 | select 78 | jsonb_array_elements_text(a) 79 | from 80 | targets 81 | ) 82 | ) 83 | select 84 | * 85 | from 86 | targets 87 | union 88 | select 89 | * 90 | from 91 | ips; 92 | ``` 93 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_naabu.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_nabuu 2 | 3 | [nabuu](https://github.com/projectdiscovery/nabuu) is a fast port scanner written in go with a focus on reliability and simplicity. 4 | 5 | ## Examples 6 | 7 | ### Perform a top 1000 open ports scan 8 | 9 | ```sql 10 | select 11 | port 12 | from 13 | projectdiscovery_naabu 14 | where 15 | target = 'scanme.sh'; 16 | ``` 17 | 18 | ### Perform a top 1000 open ports scan of a network range 19 | 20 | ```sql 21 | select 22 | host, 23 | port 24 | from 25 | projectdiscovery_naabu 26 | where 27 | target = '192.168.0.0/29'; 28 | ``` 29 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_subfinder.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_subfinder 2 | 3 | [subfinder](https://github.com/projectdiscovery/subfinder) is a dast passive subdomain enumeration tool. 4 | 5 | ## Examples 6 | 7 | ### Get subdomains for a domain 8 | 9 | ```sql 10 | select 11 | host 12 | from 13 | projectdiscovery_subfinder 14 | where 15 | target = 'google.com'; 16 | ``` 17 | 18 | ### Get the sources of information for subdomain info 19 | 20 | ```sql 21 | select distinct 22 | source 23 | from 24 | projectdiscovery_subfinder 25 | where 26 | target = 'google.com'; 27 | ``` 28 | 29 | ### Count subdomains 30 | 31 | ```sql 32 | select 33 | count(*) 34 | from 35 | projectdiscovery_subfinder 36 | where 37 | target = 'google.com'; 38 | ``` 39 | -------------------------------------------------------------------------------- /docs/tables/projectdiscovery_tlsx.md: -------------------------------------------------------------------------------- 1 | # Table: projectdiscovery_tlsx 2 | 3 | [tlsx](https://github.com/projectdiscovery/tlsx) is a fast and configurable TLS grabber focused on TLS based data collection. 4 | 5 | ## Examples 6 | 7 | ### Get a JARM hash for a remote host 8 | 9 | ```sql 10 | select 11 | jarm_hash 12 | from 13 | projectdiscovery_tlsx 14 | where 15 | target = 'google.com'; 16 | ``` 17 | 18 | ### Get Subject Alternate Names from a remote TLS certificate 19 | 20 | ```sql 21 | select 22 | jsonb_array_elements_text(certificate_response -> 'subject_an') 23 | from 24 | projectdiscovery_tlsx 25 | where 26 | target = 'google.com'; 27 | ``` 28 | 29 | ### Get serial numbers of certificates in a remote certificate chain 30 | 31 | ```sql 32 | select 33 | jsonb_path_query(chain, '$.serial') 34 | from 35 | projectdiscovery_tlsx 36 | where 37 | target = 'google.com'; 38 | ``` 39 | 40 | ### Check certificate expiryt for remote services 41 | 42 | ```sql 43 | select 44 | jsonb_pretty(certificate_response -> 'not_after')::timestamp 45 | from 46 | projectdiscovery_tlsx 47 | where 48 | target in 49 | ( 50 | 'google.com', 51 | 'twitter.com', 52 | 'facebook.com' 53 | ); 54 | ``` 55 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/sensepost/steampipe-plugin-projectdiscovery 2 | 3 | go 1.22.0 4 | 5 | toolchain go1.22.4 6 | 7 | require ( 8 | github.com/projectdiscovery/asnmap v1.1.1 9 | github.com/projectdiscovery/cdncheck v1.1.0 10 | github.com/projectdiscovery/chaos-client v0.5.2 11 | github.com/projectdiscovery/cloudlist v1.0.8 12 | github.com/projectdiscovery/dnsx v1.2.1 13 | github.com/projectdiscovery/goflags v0.1.60 14 | github.com/projectdiscovery/httpx v1.6.6 15 | github.com/projectdiscovery/naabu/v2 v2.3.1 16 | github.com/projectdiscovery/subfinder/v2 v2.6.6 17 | github.com/projectdiscovery/tlsx v1.1.6 18 | github.com/turbot/steampipe-plugin-sdk/v5 v5.10.1 19 | ) 20 | 21 | require ( 22 | aead.dev/minisign v0.3.0 // indirect 23 | cloud.google.com/go v0.115.0 // indirect 24 | cloud.google.com/go/auth v0.7.2 // indirect 25 | cloud.google.com/go/auth/oauth2adapt v0.2.3 // indirect 26 | cloud.google.com/go/compute/metadata v0.5.0 // indirect 27 | cloud.google.com/go/iam v1.1.11 // indirect 28 | cloud.google.com/go/storage v1.43.0 // indirect 29 | github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect 30 | github.com/Azure/go-autorest v14.2.0+incompatible // indirect 31 | github.com/Azure/go-autorest/autorest v0.11.29 // indirect 32 | github.com/Azure/go-autorest/autorest/adal v0.9.24 // indirect 33 | github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 // indirect 34 | github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect 35 | github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect 36 | github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect 37 | github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect 38 | github.com/Azure/go-autorest/logger v0.2.1 // indirect 39 | github.com/Azure/go-autorest/tracing v0.6.0 // indirect 40 | github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect 41 | github.com/Masterminds/semver/v3 v3.2.1 // indirect 42 | github.com/Mzack9999/gcache v0.0.0-20230410081825-519e28eab057 // indirect 43 | github.com/Mzack9999/go-http-digest-auth-client v0.6.1-0.20220414142836-eb8883508809 // indirect 44 | github.com/PuerkitoBio/goquery v1.9.2 // indirect 45 | github.com/VividCortex/ewma v1.2.0 // indirect 46 | github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect 47 | github.com/agext/levenshtein v1.2.3 // indirect 48 | github.com/ajg/form v1.5.1 // indirect 49 | github.com/akrylysov/pogreb v0.10.2 // indirect 50 | github.com/alecthomas/chroma/v2 v2.14.0 // indirect 51 | github.com/aliyun/alibaba-cloud-sdk-go v1.62.795 // indirect 52 | github.com/allegro/bigcache/v3 v3.1.0 // indirect 53 | github.com/andybalholm/brotli v1.1.0 // indirect 54 | github.com/andybalholm/cascadia v1.3.2 // indirect 55 | github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect 56 | github.com/armon/go-metrics v0.4.1 // indirect 57 | github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect 58 | github.com/aws/aws-sdk-go v1.55.0 // indirect 59 | github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect 60 | github.com/aymerick/douceur v0.2.0 // indirect 61 | github.com/beorn7/perks v1.0.1 // indirect 62 | github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect 63 | github.com/bits-and-blooms/bitset v1.13.0 // indirect 64 | github.com/btubbs/datetime v0.1.1 // indirect 65 | github.com/cenkalti/backoff v2.2.1+incompatible // indirect 66 | github.com/cenkalti/backoff/v4 v4.3.0 // indirect 67 | github.com/cespare/xxhash/v2 v2.3.0 // indirect 68 | github.com/charmbracelet/glamour v0.7.0 // indirect 69 | github.com/cheggaaa/pb/v3 v3.1.5 // indirect 70 | github.com/cloudflare/cfssl v1.6.5 // indirect 71 | github.com/cloudflare/circl v1.3.9 // indirect 72 | github.com/cloudflare/cloudflare-go v0.100.0 // indirect 73 | github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect 74 | github.com/corona10/goimagehash v1.1.0 // indirect 75 | github.com/corpix/uarand v0.2.0 // indirect 76 | github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 // indirect 77 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect 78 | github.com/dgraph-io/ristretto v0.1.1 // indirect 79 | github.com/digitalocean/godo v1.118.0 // indirect 80 | github.com/dimchansky/utfbom v1.1.1 // indirect 81 | github.com/dlclark/regexp2 v1.11.2 // indirect 82 | github.com/docker/go-units v0.5.0 // indirect 83 | github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect 84 | github.com/dustin/go-humanize v1.0.1 // indirect 85 | github.com/eko/gocache/lib/v4 v4.1.6 // indirect 86 | github.com/eko/gocache/store/bigcache/v4 v4.2.2 // indirect 87 | github.com/eko/gocache/store/ristretto/v4 v4.2.2 // indirect 88 | github.com/emicklei/go-restful/v3 v3.12.1 // indirect 89 | github.com/fastly/go-fastly/v3 v3.12.0 // indirect 90 | github.com/fatih/color v1.17.0 // indirect 91 | github.com/felixge/httpsnoop v1.0.4 // indirect 92 | github.com/fsnotify/fsnotify v1.7.0 // indirect 93 | github.com/gaissmai/bart v0.11.4 // indirect 94 | github.com/gertd/go-pluralize v0.2.1 // indirect 95 | github.com/ghodss/yaml v1.0.0 // indirect 96 | github.com/go-faker/faker/v4 v4.4.2 // indirect 97 | github.com/go-logr/logr v1.4.2 // indirect 98 | github.com/go-logr/stdr v1.2.2 // indirect 99 | github.com/go-ole/go-ole v1.3.0 // indirect 100 | github.com/go-openapi/jsonpointer v0.21.0 // indirect 101 | github.com/go-openapi/jsonreference v0.21.0 // indirect 102 | github.com/go-openapi/swag v0.23.0 // indirect 103 | github.com/go-resty/resty/v2 v2.13.1 // indirect 104 | github.com/go-rod/rod v0.116.2 // indirect 105 | github.com/goccy/go-json v0.10.3 // indirect 106 | github.com/gogo/protobuf v1.3.2 // indirect 107 | github.com/golang-jwt/jwt/v4 v4.5.0 // indirect 108 | github.com/golang/glog v1.2.2 // indirect 109 | github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect 110 | github.com/golang/mock v1.6.0 // indirect 111 | github.com/golang/protobuf v1.5.4 // indirect 112 | github.com/golang/snappy v0.0.4 // indirect 113 | github.com/google/certificate-transparency-go v1.2.1 // indirect 114 | github.com/google/gnostic-models v0.6.8 // indirect 115 | github.com/google/go-cmp v0.6.0 // indirect 116 | github.com/google/go-github/v30 v30.1.0 // indirect 117 | github.com/google/go-querystring v1.1.0 // indirect 118 | github.com/google/gofuzz v1.2.0 // indirect 119 | github.com/google/gopacket v1.1.19 // indirect 120 | github.com/google/jsonapi v1.0.0 // indirect 121 | github.com/google/s2a-go v0.1.8 // indirect 122 | github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect 123 | github.com/google/uuid v1.6.0 // indirect 124 | github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect 125 | github.com/googleapis/gax-go/v2 v2.13.0 // indirect 126 | github.com/gophercloud/gophercloud v1.13.0 // indirect 127 | github.com/gorilla/css v1.0.1 // indirect 128 | github.com/gorilla/websocket v1.5.3 // indirect 129 | github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect 130 | github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b // indirect 131 | github.com/hashicorp/consul/api v1.29.2 // indirect 132 | github.com/hashicorp/cronexpr v1.1.2 // indirect 133 | github.com/hashicorp/errwrap v1.1.0 // indirect 134 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect 135 | github.com/hashicorp/go-getter v1.7.5 // indirect 136 | github.com/hashicorp/go-hclog v1.6.3 // indirect 137 | github.com/hashicorp/go-immutable-radix v1.3.1 // indirect 138 | github.com/hashicorp/go-multierror v1.1.1 // indirect 139 | github.com/hashicorp/go-plugin v1.6.1 // indirect 140 | github.com/hashicorp/go-retryablehttp v0.7.7 // indirect 141 | github.com/hashicorp/go-rootcerts v1.0.2 // indirect 142 | github.com/hashicorp/go-safetemp v1.0.0 // indirect 143 | github.com/hashicorp/go-version v1.7.0 // indirect 144 | github.com/hashicorp/golang-lru v1.0.2 // indirect 145 | github.com/hashicorp/hcl/v2 v2.21.0 // indirect 146 | github.com/hashicorp/nomad/api v0.0.0-20240722190319-7a2c70e3f6a8 // indirect 147 | github.com/hashicorp/serf v0.10.1 // indirect 148 | github.com/hashicorp/yamux v0.1.1 // indirect 149 | github.com/hbakhtiyor/strsim v0.0.0-20190107154042-4d2bbb273edf // indirect 150 | github.com/hdm/jarm-go v0.0.7 // indirect 151 | github.com/heroku/heroku-go/v5 v5.5.0 // indirect 152 | github.com/hetznercloud/hcloud-go v1.57.0 // indirect 153 | github.com/iancoleman/strcase v0.3.0 // indirect 154 | github.com/imdario/mergo v0.3.16 // indirect 155 | github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056 // indirect 156 | github.com/jmespath/go-jmespath v0.4.0 // indirect 157 | github.com/josharian/intern v1.0.0 // indirect 158 | github.com/json-iterator/go v1.1.12 // indirect 159 | github.com/kataras/jwt v0.1.12 // indirect 160 | github.com/klauspost/compress v1.17.9 // indirect 161 | github.com/klauspost/pgzip v1.2.6 // indirect 162 | github.com/kljensen/snowball v0.9.0 // indirect 163 | github.com/lib/pq v1.10.9 // indirect 164 | github.com/linode/linodego v1.37.0 // indirect 165 | github.com/logrusorgru/aurora v2.0.3+incompatible // indirect 166 | github.com/lucasb-eyer/go-colorful v1.2.0 // indirect 167 | github.com/lufia/plan9stats v0.0.0-20240513124658-fba389f38bae // indirect 168 | github.com/mailru/easyjson v0.7.7 // indirect 169 | github.com/mattn/go-colorable v0.1.13 // indirect 170 | github.com/mattn/go-isatty v0.0.20 // indirect 171 | github.com/mattn/go-runewidth v0.0.16 // indirect 172 | github.com/mfonda/simhash v0.0.0-20151007195837-79f94a1100d6 // indirect 173 | github.com/mholt/archiver/v3 v3.5.1 // indirect 174 | github.com/microcosm-cc/bluemonday v1.0.27 // indirect 175 | github.com/miekg/dns v1.1.61 // indirect 176 | github.com/minio/selfupdate v0.6.1-0.20230907112617-f11e74f84ca7 // indirect 177 | github.com/mitchellh/go-homedir v1.1.0 // indirect 178 | github.com/mitchellh/go-testing-interface v1.14.1 // indirect 179 | github.com/mitchellh/go-wordwrap v1.0.1 // indirect 180 | github.com/mitchellh/mapstructure v1.5.0 // indirect 181 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect 182 | github.com/modern-go/reflect2 v1.0.2 // indirect 183 | github.com/muesli/reflow v0.3.0 // indirect 184 | github.com/muesli/termenv v0.15.2 // indirect 185 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect 186 | github.com/namecheap/go-namecheap-sdk/v2 v2.3.0 // indirect 187 | github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 // indirect 188 | github.com/nwaples/rardecode v1.1.3 // indirect 189 | github.com/oklog/run v1.1.0 // indirect 190 | github.com/olekukonko/tablewriter v0.0.5 // indirect 191 | github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect 192 | github.com/pborman/uuid v1.2.1 // indirect 193 | github.com/pierrec/lz4/v4 v4.1.21 // indirect 194 | github.com/pkg/errors v0.9.1 // indirect 195 | github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect 196 | github.com/projectdiscovery/blackrock v0.0.1 // indirect 197 | github.com/projectdiscovery/clistats v0.0.20 // indirect 198 | github.com/projectdiscovery/dsl v0.1.7 // indirect 199 | github.com/projectdiscovery/fastdialer v0.2.1 // indirect 200 | github.com/projectdiscovery/fdmax v0.0.4 // indirect 201 | github.com/projectdiscovery/freeport v0.0.5 // indirect 202 | github.com/projectdiscovery/goconfig v0.0.1 // indirect 203 | github.com/projectdiscovery/gologger v1.1.16 // indirect 204 | github.com/projectdiscovery/gostruct v0.0.2 // indirect 205 | github.com/projectdiscovery/hmap v0.0.51 // indirect 206 | github.com/projectdiscovery/ipranger v0.0.53 // indirect 207 | github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983 // indirect 208 | github.com/projectdiscovery/mapcidr v1.1.34 // indirect 209 | github.com/projectdiscovery/networkpolicy v0.0.9 // indirect 210 | github.com/projectdiscovery/ratelimit v0.0.48 // indirect 211 | github.com/projectdiscovery/rawhttp v0.1.58 // indirect 212 | github.com/projectdiscovery/retryabledns v1.0.68 // indirect 213 | github.com/projectdiscovery/retryablehttp-go v1.0.70 // indirect 214 | github.com/projectdiscovery/uncover v1.0.9 // indirect 215 | github.com/projectdiscovery/useragent v0.0.61 // indirect 216 | github.com/projectdiscovery/utils v0.2.2 // indirect 217 | github.com/projectdiscovery/wappalyzergo v0.1.11 // indirect 218 | github.com/prometheus/client_golang v1.19.1 // indirect 219 | github.com/prometheus/client_model v0.6.1 // indirect 220 | github.com/prometheus/common v0.55.0 // indirect 221 | github.com/prometheus/procfs v0.15.1 // indirect 222 | github.com/refraction-networking/utls v1.6.7 // indirect 223 | github.com/remeh/sizedwaitgroup v1.0.0 // indirect 224 | github.com/rivo/uniseg v0.4.7 // indirect 225 | github.com/rs/xid v1.5.0 // indirect 226 | github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect 227 | github.com/sashabaranov/go-openai v1.27.0 // indirect 228 | github.com/scaleway/scaleway-sdk-go v1.0.0-beta.29 // indirect 229 | github.com/sethvargo/go-retry v0.2.4 // indirect 230 | github.com/shirou/gopsutil/v3 v3.24.5 // indirect 231 | github.com/shoenig/go-m1cpu v0.1.6 // indirect 232 | github.com/spaolacci/murmur3 v1.1.0 // indirect 233 | github.com/spf13/pflag v1.0.5 // indirect 234 | github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect 235 | github.com/stevenle/topsort v0.2.0 // indirect 236 | github.com/syndtr/goleveldb v1.0.0 // indirect 237 | github.com/tidwall/btree v1.7.0 // indirect 238 | github.com/tidwall/buntdb v1.3.1 // indirect 239 | github.com/tidwall/gjson v1.17.1 // indirect 240 | github.com/tidwall/grect v0.1.4 // indirect 241 | github.com/tidwall/match v1.1.1 // indirect 242 | github.com/tidwall/pretty v1.2.1 // indirect 243 | github.com/tidwall/rtred v0.1.2 // indirect 244 | github.com/tidwall/tinyqueue v0.1.1 // indirect 245 | github.com/tklauser/go-sysconf v0.3.14 // indirect 246 | github.com/tklauser/numcpus v0.8.0 // indirect 247 | github.com/tkrajina/go-reflector v0.5.6 // indirect 248 | github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 // indirect 249 | github.com/turbot/go-kit v0.10.0-rc.0 // indirect 250 | github.com/ulikunitz/xz v0.5.12 // indirect 251 | github.com/weppos/publicsuffix-go v0.40.0 // indirect 252 | github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect 253 | github.com/yl2chen/cidranger v1.0.2 // indirect 254 | github.com/ysmood/fetchup v0.2.4 // indirect 255 | github.com/ysmood/goob v0.4.0 // indirect 256 | github.com/ysmood/got v0.40.0 // indirect 257 | github.com/ysmood/gson v0.7.3 // indirect 258 | github.com/ysmood/leakless v0.9.0 // indirect 259 | github.com/yuin/goldmark v1.7.4 // indirect 260 | github.com/yuin/goldmark-emoji v1.0.3 // indirect 261 | github.com/yusufpapurcu/wmi v1.2.4 // indirect 262 | github.com/zcalusic/sysinfo v1.1.0 // indirect 263 | github.com/zclconf/go-cty v1.15.0 // indirect 264 | github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect 265 | github.com/zmap/zcrypto v0.0.0-20240512203510-0fef58d9a9db // indirect 266 | go.etcd.io/bbolt v1.3.10 // indirect 267 | go.opencensus.io v0.24.0 // indirect 268 | go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect 269 | go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect 270 | go.opentelemetry.io/otel v1.28.0 // indirect 271 | go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.28.0 // indirect 272 | go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect 273 | go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect 274 | go.opentelemetry.io/otel/metric v1.28.0 // indirect 275 | go.opentelemetry.io/otel/sdk v1.28.0 // indirect 276 | go.opentelemetry.io/otel/sdk/metric v1.28.0 // indirect 277 | go.opentelemetry.io/otel/trace v1.28.0 // indirect 278 | go.opentelemetry.io/proto/otlp v1.3.1 // indirect 279 | go.uber.org/multierr v1.11.0 // indirect 280 | golang.org/x/crypto v0.25.0 // indirect 281 | golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect 282 | golang.org/x/mod v0.19.0 // indirect 283 | golang.org/x/net v0.27.0 // indirect 284 | golang.org/x/oauth2 v0.21.0 // indirect 285 | golang.org/x/sync v0.7.0 // indirect 286 | golang.org/x/sys v0.22.0 // indirect 287 | golang.org/x/term v0.22.0 // indirect 288 | golang.org/x/text v0.16.0 // indirect 289 | golang.org/x/time v0.5.0 // indirect 290 | golang.org/x/tools v0.23.0 // indirect 291 | google.golang.org/api v0.189.0 // indirect 292 | google.golang.org/genproto v0.0.0-20240722135656-d784300faade // indirect 293 | google.golang.org/genproto/googleapis/api v0.0.0-20240722135656-d784300faade // indirect 294 | google.golang.org/genproto/googleapis/rpc v0.0.0-20240722135656-d784300faade // indirect 295 | google.golang.org/grpc v1.65.0 // indirect 296 | google.golang.org/protobuf v1.34.2 // indirect 297 | gopkg.in/djherbis/times.v1 v1.3.0 // indirect 298 | gopkg.in/inf.v0 v0.9.1 // indirect 299 | gopkg.in/ini.v1 v1.67.0 // indirect 300 | gopkg.in/yaml.v2 v2.4.0 // indirect 301 | gopkg.in/yaml.v3 v3.0.1 // indirect 302 | k8s.io/api v0.30.3 // indirect 303 | k8s.io/apimachinery v0.30.3 // indirect 304 | k8s.io/client-go v0.30.3 // indirect 305 | k8s.io/klog/v2 v2.130.1 // indirect 306 | k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f // indirect 307 | k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect 308 | sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect 309 | sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect 310 | sigs.k8s.io/yaml v1.4.0 // indirect 311 | ) 312 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "github.com/sensepost/steampipe-plugin-projectdiscovery/projectdiscovery" 5 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 6 | ) 7 | 8 | func main() { 9 | plugin.Serve(&plugin.ServeOpts{PluginFunc: projectdiscovery.Plugin}) 10 | } 11 | -------------------------------------------------------------------------------- /projectdiscovery/connection_config.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 5 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/schema" 6 | ) 7 | 8 | type projectdiscoveryConfig struct { 9 | NaabuTopPorts *string `cty:"naabu_top_ports"` 10 | ChaosAPIKey *string `cty:"chaos_api_key"` 11 | CloudListDoToken *string `cty:"cloudlist_do_token"` 12 | } 13 | 14 | var ConfigSchema = map[string]*schema.Attribute{ 15 | "naabu_top_ports": {Type: schema.TypeString}, 16 | "chaos_api_key": {Type: schema.TypeString}, 17 | "cloudlist_do_token": {Type: schema.TypeString}, 18 | } 19 | 20 | func ConfigInstance() interface{} { 21 | return &projectdiscoveryConfig{} 22 | } 23 | 24 | // GetConfig will retrieve and cast connection config from query data 25 | func GetConfig(connection *plugin.Connection) projectdiscoveryConfig { 26 | if connection == nil || connection.Config == nil { 27 | return projectdiscoveryConfig{} 28 | } 29 | 30 | config, _ := connection.Config.(projectdiscoveryConfig) 31 | return config 32 | } 33 | -------------------------------------------------------------------------------- /projectdiscovery/plugin.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 7 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 8 | ) 9 | 10 | func Plugin(ctx context.Context) *plugin.Plugin { 11 | p := &plugin.Plugin{ 12 | Name: "steampipe-plugin-projectdiscovery", 13 | DefaultTransform: transform.FromGo().NullIfZero(), 14 | ConnectionConfigSchema: &plugin.ConnectionConfigSchema{ 15 | NewInstance: ConfigInstance, 16 | Schema: ConfigSchema, 17 | }, 18 | // todo: uncover 19 | TableMap: map[string]*plugin.Table{ 20 | "projectdiscovery_asnmap": tableProjectdiscoveryAsnmap(), 21 | "projectdiscovery_cdncheck": tableProjectdiscoveryCdncheck(), 22 | "projectdiscovery_chaos": tableProjectdiscoveryChaos(), 23 | "projectdiscovery_cloudlist": tableProjectdiscoveryCloudlist(), 24 | "projectdiscovery_dnsx": tableProjectdiscoveryDnsx(), 25 | "projectdiscovery_httpx": tableProjectdiscoveryHttpx(), 26 | "projectdiscovery_naabu": tableProjectdiscoveryNaabu(), 27 | "projectdiscovery_subfinder": tableProjectdiscoverySubfinder(), 28 | "projectdiscovery_tlsx": tableProjectdiscoveryTlsx(), 29 | }, 30 | } 31 | return p 32 | } 33 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_asnmap.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | asnmap "github.com/projectdiscovery/asnmap/libs" 7 | 8 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 9 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 11 | ) 12 | 13 | func tableProjectdiscoveryAsnmap() *plugin.Table { 14 | return &plugin.Table{ 15 | Name: "projectdiscovery_asnmap", 16 | Description: "Library for quickly mapping organization network ranges using ASN information. ", 17 | List: &plugin.ListConfig{ 18 | Hydrate: listAsnmap, 19 | KeyColumns: plugin.KeyColumnSlice{ 20 | {Name: "target", Require: plugin.Required}, 21 | }, 22 | }, 23 | Columns: []*plugin.Column{ 24 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "The ASN, IP or Org name to lookup."}, 25 | {Name: "asn", Type: proto.ColumnType_INT, Transform: transform.FromField("ASN"), Description: "The ASN."}, 26 | {Name: "country", Type: proto.ColumnType_STRING, Transform: transform.FromField("Country"), Description: "The country."}, 27 | {Name: "org", Type: proto.ColumnType_STRING, Transform: transform.FromField("Org"), Description: "The organisation."}, 28 | {Name: "first_ip", Type: proto.ColumnType_INET, Transform: transform.FromField("FirstIp"), Description: "First IP for the ASN."}, 29 | {Name: "last_ip", Type: proto.ColumnType_INET, Transform: transform.FromField("LastIp"), Description: "First IP for the ASN."}, 30 | }, 31 | } 32 | } 33 | 34 | func listAsnmap(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 35 | 36 | logger := plugin.Logger(ctx) 37 | target := d.EqualsQualString("target") 38 | logger.Debug("target", target) 39 | 40 | client, err := asnmap.NewClient() 41 | if err != nil { 42 | logger.Error("projectdiscovery_asnmap.listAsnmap", "connection_error", err) 43 | return nil, err 44 | } 45 | 46 | results, err := client.GetData(target) 47 | if err != nil { 48 | logger.Error("projectdiscovery_asnmap.listAsnmap", "api_error", "asnmap failed to get data for domain", target, err) 49 | } 50 | logger.Debug("asnmap results", results) 51 | 52 | for _, asn := range results { 53 | d.StreamListItem(ctx, asn) 54 | } 55 | 56 | return nil, nil 57 | } 58 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_cdncheck.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "net" 7 | 8 | "github.com/projectdiscovery/cdncheck" 9 | 10 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 12 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 13 | ) 14 | 15 | func tableProjectdiscoveryCdncheck() *plugin.Table { 16 | return &plugin.Table{ 17 | Name: "projectdiscovery_cdncheck", 18 | Description: "A utility to detect various technology for a given IP address. ", 19 | List: &plugin.ListConfig{ 20 | Hydrate: listCdnCheck, 21 | KeyColumns: plugin.KeyColumnSlice{ 22 | {Name: "target", Require: plugin.Required}, 23 | }, 24 | }, 25 | Columns: []*plugin.Column{ 26 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "Target IP to lookup."}, 27 | {Name: "cdn", Type: proto.ColumnType_STRING, Transform: transform.FromField("Cdn"), Description: "CDN information."}, 28 | {Name: "cloud", Type: proto.ColumnType_STRING, Transform: transform.FromField("Cloud"), Description: "Cloud information."}, 29 | {Name: "waf", Type: proto.ColumnType_STRING, Transform: transform.FromField("Waf"), Description: "WAF information."}, 30 | }, 31 | } 32 | } 33 | 34 | type cdnCheckRow struct { 35 | Cdn string 36 | Cloud string 37 | Waf string 38 | } 39 | 40 | func listCdnCheck(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 41 | 42 | logger := plugin.Logger(ctx) 43 | 44 | target := d.EqualsQualString("target") 45 | logger.Debug("target host", target) 46 | 47 | c := cdnCheckRow{} 48 | 49 | client := cdncheck.New() 50 | ip := net.ParseIP(target) 51 | 52 | if ip == nil { 53 | return nil, fmt.Errorf("invalid ip: %s", target) 54 | } 55 | 56 | // checks if an IP is contained in the cdn denylist 57 | matched, val, err := client.CheckCDN(ip) 58 | if err != nil { 59 | return nil, fmt.Errorf("CheckCDN() failed: %s", err) 60 | } 61 | 62 | if matched { 63 | c.Cdn = val 64 | } 65 | 66 | // checks if an IP is contained in the cloud denylist 67 | matched, val, err = client.CheckCloud(ip) 68 | if err != nil { 69 | return nil, fmt.Errorf("CheckCloud() failed: %s", err) 70 | } 71 | 72 | if matched { 73 | c.Cloud = val 74 | } 75 | 76 | // checks if an IP is contained in the waf denylist 77 | matched, val, err = client.CheckWAF(ip) 78 | if err != nil { 79 | return nil, fmt.Errorf("CheckWAF() failed: %s", err) 80 | } 81 | 82 | if matched { 83 | c.Waf = val 84 | } 85 | 86 | d.StreamListItem(ctx, c) 87 | 88 | return nil, nil 89 | } 90 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_chaos.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | "errors" 6 | 7 | "github.com/projectdiscovery/chaos-client/pkg/chaos" 8 | 9 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 12 | ) 13 | 14 | func tableProjectdiscoveryChaos() *plugin.Table { 15 | return &plugin.Table{ 16 | Name: "projectdiscovery_chaos", 17 | Description: "Choas is an Internet-wide assets data project. ", 18 | List: &plugin.ListConfig{ 19 | Hydrate: listChaos, 20 | KeyColumns: plugin.KeyColumnSlice{ 21 | {Name: "domain", Require: plugin.Required}, 22 | }, 23 | }, 24 | Columns: []*plugin.Column{ 25 | {Name: "domain", Type: proto.ColumnType_STRING, Transform: transform.FromQual("domain"), Description: "Domain under query."}, 26 | {Name: "subdomain", Type: proto.ColumnType_STRING, Description: "A subdomain."}, 27 | }, 28 | } 29 | } 30 | 31 | type chaosRow struct { 32 | Subdomain string `json:"subomain"` 33 | } 34 | 35 | func listChaos(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 36 | 37 | domain := d.EqualsQualString("domain") 38 | 39 | config := GetConfig(d.Connection) 40 | if *config.ChaosAPIKey == "" { 41 | plugin.Logger(ctx).Error("projectdiscovery_chaos.listChaos", "connection_error") 42 | return nil, errors.New("this table requires a configured chaos api key") 43 | } 44 | 45 | chaosClient := chaos.New(*config.ChaosAPIKey) 46 | 47 | for entry := range chaosClient.GetSubdomains(&chaos.SubdomainsRequest{Domain: domain}) { 48 | if entry.Error != nil { 49 | plugin.Logger(ctx).Error("projectdiscovery_chaos.listChaos", "api_eror", entry.Error) 50 | return nil, entry.Error 51 | } 52 | 53 | d.StreamListItem(ctx, chaosRow{Subdomain: entry.Subdomain}) 54 | } 55 | 56 | return nil, nil 57 | } 58 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_cloudlist.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | 7 | "github.com/projectdiscovery/cloudlist/pkg/inventory" 8 | "github.com/projectdiscovery/cloudlist/pkg/schema" 9 | 10 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 12 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 13 | ) 14 | 15 | func tableProjectdiscoveryCloudlist() *plugin.Table { 16 | return &plugin.Table{ 17 | Name: "projectdiscovery_cloudlist", 18 | Description: "Cloudlist is a tool for listing Assets from multiple Cloud Providers. ", 19 | List: &plugin.ListConfig{ 20 | Hydrate: listCloudlistScan, 21 | KeyColumns: plugin.KeyColumnSlice{ 22 | {Name: "provider", Require: plugin.Required}, 23 | }, 24 | }, 25 | Columns: []*plugin.Column{ 26 | {Name: "provider", Type: proto.ColumnType_STRING, Transform: transform.FromQual("provider"), Description: "Target provider under query."}, 27 | {Name: "id", Type: proto.ColumnType_STRING, Transform: transform.FromField("Id"), Description: "The id name of the resource provider."}, 28 | {Name: "public", Type: proto.ColumnType_BOOL, Description: "True if the resource is public."}, 29 | {Name: "public_ipv4", Type: proto.ColumnType_STRING, Transform: transform.FromField("PublicIpv4"), Description: "The public ipv4 address of the resource."}, 30 | {Name: "private_ipv4", Type: proto.ColumnType_STRING, Transform: transform.FromField("PrivateIpv4"), Description: "The private ipv4 address of the resource."}, 31 | {Name: "dns_name", Type: proto.ColumnType_STRING, Transform: transform.FromField("DnsName"), Description: "The DNS name of the resource."}, 32 | }, 33 | } 34 | } 35 | 36 | type cloudListScanRow struct { 37 | Public bool 38 | Provider string 39 | Id string 40 | PublicIpv4 string 41 | PrivateIpv4 string 42 | DnsName string 43 | } 44 | 45 | func listCloudlistScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 46 | 47 | logger := plugin.Logger(ctx) 48 | 49 | provider := d.EqualsQualString("provider") 50 | logger.Debug("cloudlist provider", provider) 51 | 52 | opts, err := cloudListGetProviderConfig(d.Connection, provider) 53 | if err != nil { 54 | logger.Error("projectdiscovery_cloudlist.listCloudlistScan", "connection_error", err) 55 | return nil, err 56 | } 57 | 58 | inventory, err := inventory.New(opts) 59 | if err != nil { 60 | logger.Error("projectdiscovery_cloudlist.listCloudlistScan", "inventory_provider_error", err) 61 | return nil, err 62 | } 63 | 64 | for _, provider := range inventory.Providers { 65 | resources, err := provider.Resources(context.Background()) 66 | if err != nil { 67 | logger.Error("projectdiscovery_cloudlist.listCloudlistScan", "api_error", err) 68 | return nil, err 69 | } 70 | for _, resource := range resources.Items { 71 | logger.Debug("found cloudlist resource", resource) 72 | d.StreamListItem(ctx, cloudListScanRow{ 73 | Public: resource.Public, 74 | Provider: resource.Provider, 75 | Id: resource.ID, 76 | PublicIpv4: resource.PublicIPv4, 77 | PrivateIpv4: resource.PrivateIpv4, 78 | DnsName: resource.DNSName, 79 | }) 80 | } 81 | } 82 | 83 | return nil, nil 84 | } 85 | 86 | // cloudListGetProviderConfig grabs the configuration for a provider from the steampipe config 87 | func cloudListGetProviderConfig(conn *plugin.Connection, provider string) (schema.Options, error) { 88 | config := GetConfig(conn) 89 | 90 | // todo: implement more providers. 91 | // the most work would be to map config -> schema.OptioonBlock's 92 | 93 | switch provider { 94 | case "do": 95 | if config.CloudListDoToken == nil || *config.CloudListDoToken == "" { 96 | return nil, fmt.Errorf("digital ocean token not configured") 97 | } 98 | return schema.Options{ 99 | schema.OptionBlock{ 100 | "provider": "do", 101 | "digitalocean_token": *config.CloudListDoToken, 102 | }, 103 | }, nil 104 | case "gcp": 105 | case "scw": 106 | case "azure": 107 | case "cloudflare": 108 | case "heroku": 109 | case "linode": 110 | case "fastly": 111 | case "alibaba": 112 | case "namecheap": 113 | case "terraform": 114 | case "consul": 115 | case "nomad": 116 | case "hetzner": 117 | case "openstack": 118 | case "kubernetes": 119 | case "aws": 120 | default: 121 | return nil, fmt.Errorf("invalid provider name, or provider not implemented yet: %s", provider) 122 | } 123 | 124 | return nil, nil 125 | } 126 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_dnsx.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/projectdiscovery/dnsx/libs/dnsx" 7 | 8 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 9 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 11 | ) 12 | 13 | func tableProjectdiscoveryDnsx() *plugin.Table { 14 | return &plugin.Table{ 15 | Name: "projectdiscovery_dnsx", 16 | Description: "dnsx is a fast and multi-purpose DNS toolkit. ", 17 | List: &plugin.ListConfig{ 18 | Hydrate: listDnsxScan, 19 | KeyColumns: plugin.KeyColumnSlice{ 20 | {Name: "target", Require: plugin.Required}, 21 | }, 22 | }, 23 | Columns: []*plugin.Column{ 24 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "Target to lookup."}, 25 | {Name: "address", Type: proto.ColumnType_STRING, Description: "DNS A record response."}, 26 | }, 27 | } 28 | } 29 | 30 | type dnsxRow struct { 31 | Address string `json:"ip"` 32 | } 33 | 34 | func listDnsxScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 35 | 36 | logger := plugin.Logger(ctx) 37 | 38 | target := d.EqualsQualString("target") 39 | logger.Debug("target host", target) 40 | 41 | // Create DNS Resolver with default options 42 | dnsClient, err := dnsx.New(dnsx.DefaultOptions) 43 | if err != nil { 44 | logger.Error("projectdiscovery_dnsx.listDnsxScan", "connection_error", err) 45 | return nil, err 46 | } 47 | 48 | // DNS A question and returns corresponding IPs 49 | result, err := dnsClient.Lookup(target) 50 | if err != nil { 51 | logger.Warn("dnsx failed to lookup target", target, err) 52 | return nil, nil 53 | } 54 | 55 | for _, msg := range result { 56 | d.StreamListItem(ctx, dnsxRow{Address: msg}) 57 | } 58 | 59 | return nil, nil 60 | } 61 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_httpx.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/projectdiscovery/goflags" 7 | "github.com/projectdiscovery/httpx/runner" 8 | 9 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 12 | ) 13 | 14 | func tableProjectdiscoveryHttpx() *plugin.Table { 15 | return &plugin.Table{ 16 | Name: "projectdiscovery_httpx", 17 | Description: "httpx is a fast and multi-purpose HTTP toolkit. ", 18 | List: &plugin.ListConfig{ 19 | Hydrate: listHttpxScan, 20 | KeyColumns: plugin.KeyColumnSlice{ 21 | {Name: "target", Require: plugin.Required}, 22 | }, 23 | }, 24 | Columns: []*plugin.Column{ 25 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "The target."}, 26 | {Name: "url", Type: proto.ColumnType_STRING, Description: "Target URL."}, 27 | {Name: "method", Type: proto.ColumnType_STRING, Description: "HTTP method."}, 28 | {Name: "host", Type: proto.ColumnType_IPADDR, Description: "Target host ip."}, 29 | {Name: "path", Type: proto.ColumnType_STRING, Description: "Target path."}, 30 | {Name: "port", Type: proto.ColumnType_INT, Description: "Target port."}, 31 | {Name: "title", Type: proto.ColumnType_STRING, Description: "HTML title tag value."}, 32 | {Name: "status_code", Type: proto.ColumnType_INT, Description: "HTTP response status code."}, 33 | {Name: "content_length", Type: proto.ColumnType_INT, Description: "HTTP response content length."}, 34 | {Name: "web_server", Type: proto.ColumnType_STRING, Description: "Remote webserver according to the Server header."}, 35 | {Name: "technologies", Type: proto.ColumnType_JSON, Description: "HTTP technologies in use."}, 36 | {Name: "response_time", Type: proto.ColumnType_STRING, Description: "HTTP response time."}, 37 | {Name: "a", Type: proto.ColumnType_JSON, Description: "Target A record(s)."}, 38 | {Name: "cname", Type: proto.ColumnType_STRING, Description: "Target CNAME record(s)."}, 39 | {Name: "hashes", Type: proto.ColumnType_JSON, Description: "HTTP response status code."}, 40 | {Name: "websocket", Type: proto.ColumnType_BOOL, Description: "True if the remote endpoint want to upgrade to a websocket."}, 41 | {Name: "failed", Type: proto.ColumnType_BOOL, Description: "True if the probe failed."}, 42 | }, 43 | } 44 | } 45 | 46 | func listHttpxScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 47 | 48 | logger := plugin.Logger(ctx) 49 | 50 | host := d.EqualsQualString("target") 51 | logger.Debug("target host", host) 52 | 53 | options := runner.Options{ 54 | Methods: "GET", 55 | InputTargetHost: goflags.StringSlice{host}, 56 | ExtractTitle: true, 57 | Hashes: "sha1", 58 | TechDetect: true, 59 | } 60 | 61 | options.OnResult = func(r runner.Result) { 62 | logger.Debug("httpx result", r) 63 | if r.Err != nil { 64 | return 65 | } 66 | 67 | d.StreamListItem(ctx, r) 68 | } 69 | 70 | if err := options.ValidateOptions(); err != nil { 71 | return nil, err 72 | } 73 | 74 | httpxRunner, err := runner.New(&options) 75 | if err != nil { 76 | return nil, err 77 | } 78 | defer httpxRunner.Close() 79 | 80 | httpxRunner.RunEnumeration() 81 | 82 | return nil, nil 83 | } 84 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_naabu.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/projectdiscovery/goflags" 7 | "github.com/projectdiscovery/naabu/v2/pkg/result" 8 | "github.com/projectdiscovery/naabu/v2/pkg/runner" 9 | 10 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 12 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 13 | ) 14 | 15 | func tableProjectdiscoveryNaabu() *plugin.Table { 16 | return &plugin.Table{ 17 | Name: "projectdiscovery_naabu", 18 | Description: "Naabu is a fast port scanner written in Go. ", 19 | List: &plugin.ListConfig{ 20 | Hydrate: listNaabuScan, 21 | KeyColumns: plugin.KeyColumnSlice{ 22 | {Name: "target", Require: plugin.Required}, 23 | }, 24 | }, 25 | Columns: []*plugin.Column{ 26 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "Original target that was scanned."}, 27 | {Name: "host", Type: proto.ColumnType_STRING, Description: "Resolved hostname of the target."}, 28 | {Name: "ip", Type: proto.ColumnType_IPADDR, Transform: transform.FromField("Ip"), Description: "Resolved IP address of the target."}, 29 | {Name: "port", Type: proto.ColumnType_INT, Description: "A port that is open."}, 30 | }, 31 | } 32 | } 33 | 34 | type naabuRow struct { 35 | Host string `json:"host"` 36 | Ip string `json:"ip"` 37 | Port int `json:"port"` 38 | } 39 | 40 | func listNaabuScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 41 | 42 | logger := plugin.Logger(ctx) 43 | 44 | host := d.EqualsQualString("target") 45 | logger.Debug("target host", host) 46 | 47 | // configure naabu 48 | naabuOptions := runner.Options{ 49 | Host: goflags.StringSlice{host}, 50 | ScanType: "c", // just assume we'll never run as root, so always connect-scan it 51 | } 52 | 53 | // configure ports 54 | config := GetConfig(d.Connection) 55 | naabuOptions.TopPorts = *config.NaabuTopPorts 56 | logger.Debug("top ports", *config.NaabuTopPorts) 57 | 58 | // configure the callback to stream results 59 | naabuOptions.OnResult = func(hr *result.HostResult) { 60 | for _, port := range hr.Ports { 61 | logger.Debug("naabu result", port) 62 | d.StreamListItem(ctx, naabuRow{Host: hr.Host, Ip: hr.IP, Port: port.Port}) 63 | } 64 | } 65 | 66 | // prepare and run the scan with our options 67 | naabuRunner, err := runner.NewRunner(&naabuOptions) 68 | if err != nil { 69 | logger.Error("projectdiscovery_naabu.listNaabuScan", "new_runner_api_error", err) 70 | return nil, err 71 | } 72 | defer naabuRunner.Close() 73 | naabuRunner.RunEnumeration(ctx) 74 | 75 | return nil, nil 76 | } 77 | 78 | // TODO: implement a getList to filter on a set of ports instead once I can figure that out 79 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_subfinder.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/projectdiscovery/subfinder/v2/pkg/resolve" 7 | "github.com/projectdiscovery/subfinder/v2/pkg/runner" 8 | 9 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 12 | ) 13 | 14 | func tableProjectdiscoverySubfinder() *plugin.Table { 15 | return &plugin.Table{ 16 | Name: "projectdiscovery_subfinder", 17 | Description: "Fast passive subdomain enumeration tool. ", 18 | List: &plugin.ListConfig{ 19 | Hydrate: listSubfinderScan, 20 | KeyColumns: plugin.KeyColumnSlice{ 21 | {Name: "target", Require: plugin.Required}, 22 | }, 23 | }, 24 | Columns: []*plugin.Column{ 25 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "The target domain."}, 26 | {Name: "host", Type: proto.ColumnType_STRING, Description: "Host of the discovered domain."}, 27 | {Name: "source", Type: proto.ColumnType_STRING, Description: "The data source."}, 28 | }, 29 | } 30 | } 31 | 32 | type subfinderRow struct { 33 | Domain string 34 | Host string 35 | Source string 36 | } 37 | 38 | func listSubfinderScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 39 | 40 | logger := plugin.Logger(ctx) 41 | target := d.EqualsQualString("target") 42 | logger.Debug("target host", target) 43 | 44 | opts := &runner.Options{ 45 | // All: true, 46 | Threads: 10, 47 | Timeout: 30, 48 | MaxEnumerationTime: 5, 49 | RemoveWildcard: true, 50 | // todo: figure how to make this file requirement something we can feed in from 51 | // this plugins configuration 52 | // ProviderConfig: "your_provider_config.yaml", 53 | } 54 | 55 | opts.ResultCallback = func(result *resolve.HostEntry) { 56 | logger.Debug("got subfinder result", result) 57 | d.StreamListItem(ctx, subfinderRow{ 58 | Domain: result.Domain, 59 | Host: result.Host, 60 | Source: result.Source, 61 | }) 62 | } 63 | 64 | subfinder, err := runner.NewRunner(opts) 65 | if err != nil { 66 | logger.Error("projectdiscovery_subfinder.listSubfinderScan", "new_runner_api_error", err) 67 | return nil, err 68 | } 69 | 70 | if err = subfinder.EnumerateSingleDomainWithCtx(ctx, target, nil); err != nil { 71 | // just log the error 72 | logger.Warn("subfinder enumeration had an error", err) 73 | } 74 | 75 | return nil, nil 76 | } 77 | -------------------------------------------------------------------------------- /projectdiscovery/table_projectdiscovery_tlsx.go: -------------------------------------------------------------------------------- 1 | package projectdiscovery 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/projectdiscovery/tlsx/pkg/tlsx" 7 | "github.com/projectdiscovery/tlsx/pkg/tlsx/clients" 8 | 9 | "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" 10 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin" 11 | "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" 12 | ) 13 | 14 | func tableProjectdiscoveryTlsx() *plugin.Table { 15 | return &plugin.Table{ 16 | Name: "projectdiscovery_tlsx", 17 | Description: "Fast and configurable TLS grabber. ", 18 | List: &plugin.ListConfig{ 19 | Hydrate: listTlsxScan, 20 | KeyColumns: plugin.KeyColumnSlice{ 21 | {Name: "target", Require: plugin.Required}, 22 | {Name: `port`, Require: plugin.Optional}, 23 | }, 24 | }, 25 | Columns: []*plugin.Column{ 26 | {Name: "target", Type: proto.ColumnType_STRING, Transform: transform.FromQual("target"), Description: "Original target that was scanned."}, 27 | {Name: "timestamp", Type: proto.ColumnType_TIMESTAMP, Description: "Time when the target was probed."}, 28 | {Name: "ip", Type: proto.ColumnType_IPADDR, Description: "The IP the request was made to."}, 29 | {Name: "port", Type: proto.ColumnType_STRING, Description: "The port the request was made to."}, 30 | {Name: "client", Type: proto.ColumnType_STRING, Transform: transform.FromField("TLSConnection"), Description: "The TLS client used."}, 31 | {Name: "success", Type: proto.ColumnType_BOOL, Transform: transform.FromField("ProbeStatus"), Description: "False if the probe failed."}, 32 | {Name: "error", Type: proto.ColumnType_STRING, Description: "The error that occured, if any."}, 33 | {Name: "version", Type: proto.ColumnType_STRING, Description: "The TLS version the server responded with."}, 34 | {Name: "cipher", Type: proto.ColumnType_STRING, Description: "The cipher used for the probe."}, 35 | {Name: "certificate_response", Type: proto.ColumnType_JSON, Description: "The leaf certificate presented by the server."}, 36 | {Name: "chain", Type: proto.ColumnType_JSON, Description: "The chain of certificates."}, 37 | {Name: "jarm_hash", Type: proto.ColumnType_STRING, Description: "The calculated jarm hash."}, 38 | {Name: "sni", Type: proto.ColumnType_STRING, Transform: transform.FromField("ServerName"), Description: "Server Name Indicator."}, 39 | }, 40 | } 41 | } 42 | 43 | func listTlsxScan(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { 44 | 45 | logger := plugin.Logger(ctx) 46 | host := d.EqualsQualString("target") 47 | logger.Debug("target host", host) 48 | 49 | opts := &clients.Options{ 50 | TLSVersion: true, 51 | TLSChain: true, 52 | Retries: 3, 53 | ReversePtrSNI: true, 54 | Jarm: true, 55 | } 56 | 57 | // todo: handle port as an int. 58 | // special care should be taken here as tlsx expects a string :( 59 | port := d.EqualsQualString("port") 60 | if port == "" { 61 | port = "443" 62 | } 63 | 64 | service, err := tlsx.New(opts) 65 | if err != nil { 66 | return nil, err 67 | } 68 | 69 | // connect to any host either with hostname or ip 70 | // service.Connect(hostname, ip , port string) 71 | resp, err := service.Connect(host, "", port) 72 | if err != nil { 73 | logger.Warn("failed to connect to host and port", host, port, err) 74 | // dont bubble up the error. sometimes there simply isnt tls on the other side. 75 | return nil, nil 76 | } 77 | 78 | d.StreamListItem(ctx, resp) 79 | 80 | return nil, nil 81 | } 82 | --------------------------------------------------------------------------------