Skip to content

Commit

Permalink
Merge pull request #2 from accuknox/accuknox_head_changes
Browse files Browse the repository at this point in the history 
Accuknox head changes
  • Loading branch information
@arnav13081994
arnav13081994 authored Jun 21, 2024
2 parents 39e01d8 + d56f3aa commit 1964225
Show file tree
Hide file tree
Showing 1,915 changed files with 64,642 additions and 3,177 deletions.
5 changes: 3 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ COPY . /var/scan/cloudsploit/
# Install cloudsploit/scan into the container using npm from NPM
RUN cd /var/scan \
&& npm init --yes \
&& npm install ${PACKAGENAME}
&& npm install ${PACKAGENAME} \
&& npm link /var/scan/cloudsploit

# Setup the container's path so that you can run cloudsploit directly
# in case someone wants to customize it when running the container.
Expand All @@ -24,5 +25,5 @@ ENV PATH "$PATH:/var/scan/node_modules/.bin"
# command line arguments to the run command to control how this executes.
# Thus, you can use the parameters that you would normally give to index.js
# when running in a container.
ENTRYPOINT ["cloudsploit-scan"]
ENTRYPOINT ["cloudsploitscan"]
CMD []
47 changes: 47 additions & 0 deletions collectors/alibaba/ack/describeClusterDetail.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
var ROAClient = require('@alicloud/pop-core').ROAClient;

var apiVersion = '2015-12-15';
var httpMethod = 'GET';
var uriPathClusterDetail = '/clusters/';
var body = '{}';
var headers = {
'Content-Type': 'application/json'
};
var requestOption = {timeout: 30000};

module.exports = function(AlibabaConfig, collection, region, callback) {
let localConfig = { ...AlibabaConfig };
localConfig['endpoint'] = `https://cs.${region}.aliyuncs.com`;
localConfig['apiVersion'] = apiVersion;
var client = new ROAClient(localConfig);

var clusters = collection.ack.describeClustersV1[region].data;
var totalClusters = clusters.length;
var completedRequests = 0;
var allRequestsCompleted = function() {
callback();
};

var executeSingleClusterDetail = function(cluster) {
var clusterId = cluster.cluster_id;
var uriPath = `${uriPathClusterDetail}${clusterId}`;
client.request(httpMethod, uriPath, {}, body, headers, requestOption).then((res) => {
collection.ack.describeClusterDetail[region][clusterId] = {};
collection.ack.describeClusterDetail[region][clusterId].data = res;
completedRequests++;
if (completedRequests === totalClusters) {
allRequestsCompleted();
}
}, (err) => {
collection.ack.describeClusterDetail[region][clusterId] = { err: err };
completedRequests++;
if (completedRequests === totalClusters) {
allRequestsCompleted();
}
});
};

for (var i = 0; i < totalClusters; i++) {
executeSingleClusterDetail(clusters[i]);
}
};
2 changes: 1 addition & 1 deletion collectors/alibaba/ack/describeClustersV1.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ var body = '{}';
var headers = {
'Content-Type': 'application/json'
};
var requestOption = {};
var requestOption = {timeout: 30000};
var pageNumber = 1;

module.exports = function(AlibabaConfig, collection, region, callback) {
Expand Down
12 changes: 11 additions & 1 deletion collectors/alibaba/collector.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,9 @@ var calls = {
},
DescribeVersionConfig: {
apiVersion: '2018-12-03'
},
DescribeVulConfig: {
apiVersion: '2018-12-03'
}
}
};
Expand Down Expand Up @@ -312,7 +315,14 @@ var postcalls = [
filterValue: ['ApiId', 'GroupId'],
apiVersion: '2016-07-14'
}
}
},
ACK: {
describeClusterDetail: {
reliesOnService: 'ack',
reliesOnCall: 'describeClustersV1',
override: true
}
},
}
];

Expand Down
38 changes: 38 additions & 0 deletions collectors/aws/cloudwatch/getEc2MetricStatistics.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require('../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var cloudwatch = new AWS.CloudWatch(AWSConfig);

async.eachLimit(collection.ec2.describeInstances[AWSConfig.region].data, 10, function(reservation, cb) {
reservation.Instances.forEach(instance => {
collection.cloudwatch.getEc2MetricStatistics[AWSConfig.region][instance.InstanceId] = {};
var endTime = new Date();
var startTime = new Date();
startTime.setDate(startTime.getDate() - 1);
var params = {
'MetricName': 'CPUUtilization',
'Namespace': 'AWS/EC2',
'StartTime': startTime.toISOString(),
'EndTime': endTime.toISOString(),
'Period': 3600,
'Statistics': ['Average'],
'Dimensions': [
{
Name: 'InstanceId',
Value: instance.InstanceId
}
]
};

helpers.makeCustomCollectorCall(cloudwatch, 'getMetricStatistics', params,retries, null, null, null, function(err, data) {
if (err) collection.cloudwatch.getEc2MetricStatistics[AWSConfig.region][instance.InstanceId].err = err;
if (data) collection.cloudwatch.getEc2MetricStatistics[AWSConfig.region][instance.InstanceId].data = data;
});
});
cb();
}, function() {
callback();
});
};
39 changes: 39 additions & 0 deletions collectors/aws/cloudwatch/getRdsMetricStatistics.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require(__dirname + '/../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var cloudwatch = new AWS.CloudWatch(AWSConfig);

async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){
collection.cloudwatch.getRdsMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {};
var endTime = new Date();
var startTime = new Date();
startTime.setDate(startTime.getDate() - 7);
var params = {
'MetricName': 'CPUUtilization',
'Namespace':'AWS/RDS',
'StartTime': startTime.toISOString(),
'EndTime': endTime.toISOString(),
'Period': 86400,
'Statistics': ['Average'],
'Dimensions' : [
{
Name: 'DBInstanceIdentifier',
Value: instance.DBInstanceIdentifier
}
]
};

helpers.makeCustomCollectorCall(cloudwatch, 'getMetricStatistics', params, retries, null, null, null, function(err, data) {
if (err) {
collection.cloudwatch.getRdsMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].err = err;
}
collection.cloudwatch.getRdsMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].data = data;
cb();
});

}, function(){
callback();
});
};
39 changes: 39 additions & 0 deletions collectors/aws/cloudwatch/getRdsReadIOPSMetricStatistics.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require(__dirname + '/../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var cloudwatch = new AWS.CloudWatch(AWSConfig);

async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){
collection.cloudwatch.getRdsReadIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {};
var endTime = new Date();
var startTime = new Date();
startTime.setDate(startTime.getDate() - 7);
var params = {
'MetricName': 'ReadIOPS',
'Namespace':'AWS/RDS',
'StartTime': startTime.toISOString(),
'EndTime': endTime.toISOString(),
'Period': 86400,
'Statistics': ['Sum'],
'Dimensions' : [
{
Name: 'DBInstanceIdentifier',
Value: instance.DBInstanceIdentifier
}
]
};

helpers.makeCustomCollectorCall(cloudwatch, 'getMetricStatistics', params, retries, null, null, null, function(err, data) {
if (err) {
collection.cloudwatch.getRdsReadIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].err = err;
}
collection.cloudwatch.getRdsReadIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].data = data;
cb();
});

}, function(){
callback();
});
};
39 changes: 39 additions & 0 deletions collectors/aws/cloudwatch/getRdsWriteIOPSMetricStatistics.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require(__dirname + '/../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var cloudwatch = new AWS.CloudWatch(AWSConfig);

async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){
collection.cloudwatch.getRdsWriteIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {};
var endTime = new Date();
var startTime = new Date();
startTime.setDate(startTime.getDate() - 7);
var params = {
'MetricName': 'WriteIOPS',
'Namespace':'AWS/RDS',
'StartTime': startTime.toISOString(),
'EndTime': endTime.toISOString(),
'Period': 86400,
'Statistics': ['Sum'],
'Dimensions' : [
{
Name: 'DBInstanceIdentifier',
Value: instance.DBInstanceIdentifier
}
]
};

helpers.makeCustomCollectorCall(cloudwatch, 'getMetricStatistics', params, retries, null, null, null, function(err, data) {
if (err) {
collection.cloudwatch.getRdsWriteIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].err = err;
}
collection.cloudwatch.getRdsWriteIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier].data = data;
cb();
});

}, function(){
callback();
});
};
39 changes: 39 additions & 0 deletions collectors/aws/cloudwatch/getredshiftMetricStatistics.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require(__dirname + '/../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var cloudwatch = new AWS.CloudWatch(AWSConfig);

async.eachLimit(collection.redshift.describeClusters[AWSConfig.region].data, 10, function(cluster, cb){
collection.cloudwatch.getredshiftMetricStatistics[AWSConfig.region][cluster.ClusterIdentifier] = {};
var endTime = new Date();
var startTime = new Date();
startTime.setDate(startTime.getDate() - 7);
var params = {
'MetricName': 'CPUUtilization',
'Namespace':'AWS/Redshift',
'StartTime': startTime.toISOString(),
'EndTime': endTime.toISOString(),
'Period': 3600,
'Statistics': ['Average'],
'Dimensions' : [
{
Name: 'ClusterIdentifier',
Value: cluster.ClusterIdentifier
}
]
};

helpers.makeCustomCollectorCall(cloudwatch, 'getMetricStatistics', params, retries, null, null, null, function(err, data) {
if (err) {
collection.cloudwatch.getredshiftMetricStatistics[AWSConfig.region][cluster.ClusterIdentifier].err = err;
}
collection.cloudwatch.getredshiftMetricStatistics[AWSConfig.region][cluster.ClusterIdentifier].data = data;
cb();
});

}, function(){
callback();
});
};
35 changes: 30 additions & 5 deletions collectors/aws/ec2/describeSnapshots.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ var helpers = require(__dirname + '/../../../helpers/aws');
module.exports = function(AWSConfig, collection, retries, callback) {
var ec2 = new AWS.EC2(AWSConfig);
var sts = new AWS.STS(AWSConfig);
var paginating = false;

helpers.makeCustomCollectorCall(sts, 'getCallerIdentity', {}, retries, null, null, null, function(stsErr, stsData) {
if (stsErr || !stsData.Account) {
Expand All @@ -16,6 +17,7 @@ module.exports = function(AWSConfig, collection, retries, callback) {
}

var params = {
MaxResults: 1000,
Filters: [
{
Name: 'owner-id',
Expand All @@ -32,13 +34,36 @@ module.exports = function(AWSConfig, collection, retries, callback) {
]
};

helpers.makeCustomCollectorCall(ec2, 'describeSnapshots', params, retries, null, null, null, function(err, data) {
var paginateCb = function(err, data) {
if (err) {
collection.ec2.describeSnapshots[AWSConfig.region].err = err;
} else {
collection.ec2.describeSnapshots[AWSConfig.region].data = data.Snapshots;
} else if (data) {
if (paginating && data.Snapshots && data.Snapshots.length &&
collection.ec2.describeSnapshots[AWSConfig.region].data &&
collection.ec2.describeSnapshots[AWSConfig.region].data.length) {
collection.ec2.describeSnapshots[AWSConfig.region].data = collection.ec2.describeSnapshots[AWSConfig.region].data.concat(data.Snapshots);
} else if (!paginating) {
collection.ec2.describeSnapshots[AWSConfig.region].data = data.Snapshots;
}
if (data.NextToken &&
collection.ec2.describeSnapshots[AWSConfig.region].data &&
collection.ec2.describeSnapshots[AWSConfig.region].data.length) {
paginating = true;
return execute(data.NextToken);
}
}

callback();
});
};
function execute(nextToken) { // eslint-disable-line no-inner-declarations
var localParams = JSON.parse(JSON.stringify(params || {}));
if (nextToken) localParams['NextToken'] = nextToken;
if (nextToken) {
helpers.makeCustomCollectorCall(ec2, 'describeSnapshots', localParams, retries, null, null, null, paginateCb);
} else {
helpers.makeCustomCollectorCall(ec2, 'describeSnapshots', params, retries, null, null, null, paginateCb);
}
}
execute();
});
};
};
24 changes: 24 additions & 0 deletions collectors/aws/elasticache/describeCacheSubnetGroups.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
var AWS = require('aws-sdk');
var async = require('async');
var helpers = require(__dirname + '/../../../helpers/aws');

module.exports = function(AWSConfig, collection, retries, callback) {
var elasticache = new AWS.ElastiCache(AWSConfig);

async.eachLimit(collection.elasticache.describeCacheClusters[AWSConfig.region].data, 15, function(cluster, cb){
collection.elasticache.describeCacheSubnetGroups[AWSConfig.region][cluster.CacheSubnetGroupName] = {};
var params = {
CacheSubnetGroupName: cluster.CacheSubnetGroupName
};

helpers.makeCustomCollectorCall(elasticache, 'describeCacheSubnetGroups', params, retries, null, null, null, function(err, data) {
if (err) {
collection.elasticache.describeCacheSubnetGroups[AWSConfig.region][cluster.CacheSubnetGroupName].err = err;
}
collection.elasticache.describeCacheSubnetGroups[AWSConfig.region][cluster.CacheSubnetGroupName].data = data;
cb();
});
}, function(){
callback();
});
};
Loading

0 comments on commit 1964225

Please sign in to comment.