-
Notifications
You must be signed in to change notification settings - Fork 72
Database
Daniel Lawson edited this page Oct 16, 2018
·
5 revisions
Armory by default uses SQLite on the backend. It is using SQLAlchemy, so it should be able to use any supported SQL server. Only SQLite has been tested though.
The database is composed of several tables that store relevant information returned from tools and provide information to supply to tools. A basic breakdown of each table and its columns is provided here.
CREATE TABLE cve (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
name VARCHAR,
temporal_score FLOAT,
description VARCHAR,
CONSTRAINT pk_cve PRIMARY KEY (id)
);
CREATE TABLE basedomain (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
domain VARCHAR,
dns VARCHAR,
CONSTRAINT pk_basedomain PRIMARY KEY (id),
CONSTRAINT uq_basedomain_domain UNIQUE (domain)
);
CREATE TABLE cidr (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
cidr VARCHAR,
org_name VARCHAR,
CONSTRAINT pk_cidr PRIMARY KEY (id),
CONSTRAINT uq_cidr_cidr UNIQUE (cidr)
);
CREATE TABLE scopecidr (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
cidr VARCHAR,
org_name VARCHAR,
CONSTRAINT pk_scopecidr PRIMARY KEY (id),
CONSTRAINT uq_scopecidr_cidr UNIQUE (cidr)
);
CREATE TABLE domain (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
domain VARCHAR,
base_domain_id INTEGER,
whois VARCHAR,
CONSTRAINT pk_domain PRIMARY KEY (id),
CONSTRAINT uq_domain_domain UNIQUE (domain),
CONSTRAINT fk_domain_base_domain_id_basedomain FOREIGN KEY(base_domain_id) REFERENCES basedomain (id)
);
CREATE TABLE user (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
email VARCHAR,
first_name VARCHAR,
last_name VARCHAR,
user_name VARCHAR,
domain_id INTEGER,
job_title VARCHAR,
location VARCHAR,
CONSTRAINT pk_user PRIMARY KEY (id),
CONSTRAINT uq_user_email UNIQUE (email),
CONSTRAINT fk_user_domain_id_basedomain FOREIGN KEY(domain_id) REFERENCES basedomain (id)
);
CREATE TABLE ipaddress (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
ip_address VARCHAR,
cidr_id INTEGER,
"OS" VARCHAR,
whois VARCHAR,
CONSTRAINT pk_ipaddress PRIMARY KEY (id),
CONSTRAINT uq_ipaddress_ip_address UNIQUE (ip_address),
CONSTRAINT fk_ipaddress_cidr_id_cidr FOREIGN KEY(cidr_id) REFERENCES cidr (id)
);
CREATE TABLE cred (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
user_id INTEGER,
password VARCHAR,
passhash VARCHAR,
source VARCHAR,
CONSTRAINT pk_cred PRIMARY KEY (id),
CONSTRAINT fk_cred_user_id_user FOREIGN KEY(user_id) REFERENCES user (id)
);
CREATE TABLE vulnerability (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
name VARCHAR,
description VARCHAR,
remediation VARCHAR,
ip_address INTEGER,
severity INTEGER,
exploitable BOOLEAN,
exploit_reference VARCHAR,
CONSTRAINT pk_vulnerability PRIMARY KEY (id),
CONSTRAINT fk_vulnerability_ip_address_ipaddress FOREIGN KEY(ip_address) REFERENCES ipaddress (id)
);
CREATE TABLE domain_ip_table (
domain_id INTEGER,
ip_id INTEGER,
CONSTRAINT fk_domain_ip_table_domain_id_domain FOREIGN KEY(domain_id) REFERENCES domain (id),
CONSTRAINT fk_domain_ip_table_ip_id_ipaddress FOREIGN KEY(ip_id) REFERENCES ipaddress (id)
);
CREATE TABLE port (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
port_number INTEGER,
proto VARCHAR,
status VARCHAR,
service_name VARCHAR,
ip_address_id INTEGER,
cert VARCHAR,
info VARCHAR,
CONSTRAINT pk_port PRIMARY KEY (id),
CONSTRAINT fk_port_ip_address_id_ipaddress FOREIGN KEY(ip_address_id) REFERENCES ipaddress (id)
);
CREATE TABLE vulnerability_service_table (
port_id INTEGER,
vulnerability_id INTEGER,
CONSTRAINT fk_vulnerability_service_table_port_id_port FOREIGN KEY(port_id) REFERENCES port (id),
CONSTRAINT fk_vulnerability_service_table_vulnerability_id_vulnerability FOREIGN KEY(vulnerability_id) REFERENCES vulnerability (id)
);
CREATE TABLE url (
source_tool VARCHAR,
created_date DATETIME,
modified_date DATETIME,
meta VARCHAR,
in_scope BOOLEAN,
passive_scope BOOLEAN,
id INTEGER NOT NULL,
path VARCHAR,
method VARCHAR,
status_code INTEGER,
port_id INTEGER,
CONSTRAINT pk_url PRIMARY KEY (id),
CONSTRAINT fk_url_port_id_port FOREIGN KEY(port_id) REFERENCES port (id)
);
CREATE TABLE cve_vulnerability_table (
vulnerability_id INTEGER,
cve_id INTEGER,
CONSTRAINT fk_cve_vulnerability_table_vulnerability_id_vulnerability FOREIGN KEY(vulnerability_id) REFERENCES vulnerability (id),
CONSTRAINT fk_cve_vulnerability_table_cve_id_cve FOREIGN KEY(cve_id) REFERENCES cve (id)--