Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/filewalkwithme/go-gmp
Go library to interact with the Greenbone Vulnerability Manager 11 using the GMP protocol (Greenbone Management Protocol, version 9.0)
https://github.com/filewalkwithme/go-gmp
automation gmp go golang greenbone-management-protocol gvm openvas security security-tools
Last synced: about 2 months ago
JSON representation
Go library to interact with the Greenbone Vulnerability Manager 11 using the GMP protocol (Greenbone Management Protocol, version 9.0)
- Host: GitHub
- URL: https://github.com/filewalkwithme/go-gmp
- Owner: filewalkwithme
- License: mit
- Created: 2020-07-24T16:40:49.000Z (about 4 years ago)
- Default Branch: master
- Last Pushed: 2020-07-28T14:21:43.000Z (about 4 years ago)
- Last Synced: 2024-06-19T04:21:34.590Z (3 months ago)
- Topics: automation, gmp, go, golang, greenbone-management-protocol, gvm, openvas, security, security-tools
- Language: Go
- Homepage:
- Size: 1.93 MB
- Stars: 8
- Watchers: 3
- Forks: 4
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-golang-repositories - go-gmp
README
# GO-GMP
[](https://travis-ci.org/filewalkwithme/go-gmp)
Library to interact with the Greenbone Vulnerability Manager using the [gmp protocol](https://docs.greenbone.net/API/GMP/gmp-9.0.html) (Greenbone Management Protocol, `version 9.0`)
Here you willl find methods to create tasks, targets, scanners and retrieve results generated by the Openvas scanner.
* This library is compatible with the latest version of GVM: 11.0
# Reference
https://docs.greenbone.net/API/GMP/gmp-9.0.html
# Documentation
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp/client
- https://godoc.org/github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections
# Sample Usage
```
import (
"github.com/filewalkwithme/go-gmp/pkg/9/gmp"
"github.com/filewalkwithme/go-gmp/pkg/9/gmp/client"
"github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections"
)
```
```
// Connect to GVMD
conn, err := connections.NewUnixConnection("/tmp/openvas-socks/gvmd.sock")
if err != nil {
panic(err)
}
defer conn.Close()
// Instantiate a new GMP Client
gmpClient := client.New(conn)
// Authenticate
auth := &gmp.AuthenticateCommand{}
auth.Credentials.Username = "openvas"
auth.Credentials.Password = "openvas"
_, err = gmpClient.Authenticate(auth)
if err != nil {
panic(err)
}
// Create a new task
newTask := &gmp.CreateTaskCommand{}
newTask.Name = "New Task"
newTask.Config = new(gmp.CreateTaskConfig)
newTask.Config.ID = "b9407b88-7b3c-47f3-a684-3605db80e5fd"
newTask.Target = new(gmp.CreateTaskTarget)
newTask.Target.ID = "a2a964f8-daa7-4e1c-ae3a-a72f06d49dbe"
newTask.Scanner = new(gmp.CreateTaskScanner)
newTask.Scanner.ID = "8abd321a-2eb1-4a7a-a368-fc118dc99a85"
newTaskResp, err := gmpClient.CreateTask(newTask)
if err != nil {
panic(err)
}
// Start the task
st := &gmp.StartTaskCommand{}
st.TaskID = newTaskResp.ID
_, err = gmpClient.StartTask(st)
if err != nil {
panic(err)
}
```
# Sample Application
First, you will need to start an Greenbone Security Assistant instance. For this example we will use [gvm-openvas-docker](https://github.com/filewalkwithme/gvm-openvas-docker.git), a ready to use GSA Docker image. We are going to expose the GVMD Unix Socket under `/tmp/openvas-socks/gvmd.sock`
```
git clone https://github.com/filewalkwithme/openvas-in-the-box.git
sudo docker build openvas-in-the-box -t openvas
sudo docker run -d --rm -ti -p 80:80 -p 443:443 -v /tmp/openvas-socks:/var/run --name openvas openvas
```
Wait some seconds until `/tmp/openvas-socks/gvmd.sock` gets created by the container.
```
sleep 60
ls /tmp/openvas-socks/gvmd.sock
```
Confirm that GSA is available at https://127.0.0.1
Next, we will execute the sample application avaible under the `examples` folder:
```
cd examples
go build -o go-gmp
./go-gmp
```
The sample application will generate an output like this:
```
Connecting to GVMD...
-> ok
Instantiate a new GMP Client
-> ok
Authenticating...
-> ok
Getting the Default scanner...
-> ok (scanner id: 08b69003-5fc2-4037-a479-93b440211c73)
Getting the configuration named "Full and fast"...
-> ok (config id: daba56c8-73ec-11df-a475-002264764cea)
Creating a new target...
-> ok (target id: 34e34484-2dfa-4f01-b9fe-2b90e4a38fba)
Creating a new task...
-> ok (task id: d82a368f-acfa-422e-a78a-63727861f5a9)
Start the task
Monitoring task progress...
Monitoring task progress: 1%
Monitoring task progress: 2%
Monitoring task progress: 6%
Monitoring task progress: 8%
Monitoring task progress: 14%
Monitoring task progress: 52%
Monitoring task progress: 80%
Monitoring task progress: 90%
Monitoring task progress: 98%
Monitoring task progress: 100%
Result[0]: CGI Scanning Consolidation (score: 0.0)
...
Result[7]: HTTP Security Headers Detection (score: 0.0)
...
Result[15]: Services (score: 0.0)
...
Result[20]: SSL/TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerability (score: 4.0)
Result[37]: SSL/TLS: Report Vulnerable Cipher Suites for HTTPS (score: 5.0)
Result[38]: SSL/TLS: Report Weak Cipher Suites (score: 4.3)
Result[39]: Traceroute (score: 0.0)
Result[40]: Unknown OS and Service Banner Reporting (score: 0.0)
```
# Tests
```
go test ./... -coverprofile=coverage.out
? github.com/filewalkwithme/go-gmp/examples [no test files]
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp 0.004s coverage: [no statements]
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/client 0.017s coverage: 100.0% of statements
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections 0.009s coverage: 100.0% of statements
ok github.com/filewalkwithme/go-gmp/pkg/9/gmp/connections/internal/implementation 0.003s coverage: 100.0% of statements
```
HTML Report:
```
go tool cover -html=coverage.out
```