ronin-rb / ronin-db-activerecord Goto Github PK
View Code? Open in Web Editor NEWActiveRecord backend for the Ronin Database
Home Page: https://ronin-rb.dev
License: GNU Lesser General Public License v3.0
ActiveRecord backend for the Ronin Database
Home Page: https://ronin-rb.dev
License: GNU Lesser General Public License v3.0
Change WebCredential
to be a join model between Credential
and URL
. This will allow associating the same credential pair (ex: user:password
or email:password
) with multiple URLs.
ronin-web should have models for logging full Rack::Requests into the Database.
Web::HeaderName
Web::Header
Web::PostParamName
Web::PostParam
Web::Request
Add a Note
model for associating arbitrary text nodes with IPAddress
es, HostName
s, URL
s, etc.
URL.import
is not de-duplicating URLs that are already in the database. This appears to be due to find_or_create_by()
not performing the find()
query if one of the attributes is an empty Array. The other reason is that SQL UNIQUE INDEX
s are not enforced on columns which allow NULL
values.
Since Ronin::DB::Service
only contains a unique name, it should include Model::Importable
and define .import
and .lookup
class methods similar to Ronin::DB::HostName
.
Add a URL.with_fragment
query method that simply matching the fragment
attribute.
Since certain model names contain acronyms, we must configure ActiveSupport::Inflector
to preserve them as acronyms instead of converting them to CamelCase when converting the model name into a human readable name:
IPAddress.model_name.human # => "Ip address"
IPAddress.model_name.human # => "IP address"
Add a method which queries all IPAddress
es that exist within the ASN's IP range.
Add a query
attribute to URL
for storing the raw un-parsed query string.
Add a model for storing and querying security advisory IDs in the database.
Change ServiceCredential
to be a join model between Credential
and OpenPort
. This will allow associating the same credential pair (ex: user:password
or email:password
) with multiple services.
It should be possible to see all of the ports which use that service.
Similar to IPAddress.between
, but accepts a Range
or any Range
-like object (defining #begin
and #end
methods).
Add a ASN.with_name
query method that simply matches the name
attribute.
Add a method for looking up the ASN
record for a given IPAddress
.
It should be possible to see all of the services which use that port.
It should be possible to access the IPAddress
es through open_ports
.
Add a ASN.with_country_code
query method that simply matches the country_code
attribute.
Add a method to determine if the database has pending migrations that need to be ran. This will allow any ronin-db
commands to warn the user that migrations are necessary.
Add rubocop to the repository.
rubocop.yml
file which closely matches Ronin's general code style.rubocop
task and add it to the CI.Generate an ERD diagram based on the models/schema to show the structure of the models/associations. The catch is that this is only a library of ActiveRecord models, so it might be tricky to use existing Rails ERD plugins. YMMV
Add a model for storing received DNS queries, such as from ronin-listener-dns.
source_ip
type
label
It should be possible to access the IPAddress
es through open_ports
.
URL.http
URI.https
URL.with_host_name
URL.with_port_number
URL.with_directory
URL.with_ext
URL.with_query_param
URL.with_query_param_name
URL.with_query_param_value
URL.find_url
Add a model which connects an Advisory
model to IPAddress
, HostName
, URL
, OpenPort
, etc.
Add the missing ServiceCredential#to_s
method which should also include the optional host:port
from open_port
.
Release bug fixes.
Change the OS.flavor
attribute to be an enum mapping of linux: 'Linux', bsd: 'BSD', ...
.
Add a flavor
property to OS so we can group OSes by Linux, BSD or Windows.
Re-add JRuby to the CI matrix now that JRuby 9.4 has been released, which adds Ruby 3.1 support.
Add a URL.with_path
query method that simply matching the path
attribute.
It should be possible to figure out when a service was first seen.
Document the ActiveRecord attributes using YARD @!attribute
macro tags.
https://www.rubydoc.info/gems/yard/file/docs/Tags.md#attribute
Re-order the db/migrate/
files such that any time a reference
is created the referenced table should be created before the migration. This will allow the migrations to run on a PostgreSQL database which requires the referenced table to exist before the reference
is created.
Remove the URL.last_scanned_at
attribute in favor of Model::LastScannedAt
.
Add a Cert
model for storing SSL/TLS certificate information. The model should store the serial
number, common_name
, and other subject
fields. In order to store the data in a normalized fashion, we will also need CertSubject
, CertIssuer
, and CertSubjectAltName
models as well. The Cert
module should also have an .import
class method which accepts an OpenSSL::X509::Certificate
object.
It must be possible to store and query ASN ranges. Must store the following columns:
first_ip
/ first_ip_uint
last_ip
/ last_ip_uint
prefix
country_code
name
Instead of running all of the migrations to provision a new database, load a schema dump file.
Example code for dumping and loading the schema: https://github.com/rails/rails/blob/4388275c48d4dda2d59fefc0cb89248b4b037a34/activerecord/lib/active_record/tasks/database_tasks.rb
Add a ASN.with_number
query method that simply matching the number
attribute.
Add a query method that queries all IPAddress
es that exist between a start and end IP address.
It should be possible to figure out when the port was first seen.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.