2. Changed the method of hidden event stacking to send self as an argument, by inheriting from the "Hunter" class, where publish acts as a proxy to the handler.
3. Added a new way of categorizing events, and added an option to subscribe to a father event. If an event gets published and its father event is hooked, the hook will be triggered.
4. Added a reporter in log/ which listens to parent events; Vulnerability and OpenService were added as well. All logging will be done from the reporter from now on.
2. Started adding kubelet scanning.
3. Changed events architecture. All events inherit from the "Event" class. When instantiating and defining a new event class, attributes other than those important for that particular event are not needed. The event handler stacks the events, so that each event will have all the attributes of its successors.
This process is invisible to the developer, but needs to be acknowledged.
*note: from now on, all executors need to set self.event to the given arg on init*
Example (pseudo):
    @subscribe(NewHostEvent)
    def PortScan(event):
        publish(OpenPortEvent(port="8080"))

    @subscribe(OpenPortEvent)
    def print(event):
        print(event.host)

    publish(NewHostEvent(host="0.0.0.0"))
    >> output: 0.0.0.0
The print function receives an open port event. Even though we did not specify a host when publishing the OpenPortEvent, the print function can access the "host" attribute, as the OpenPortEvent successor was NewHostEvent. If "host" was not defined on the successors, it is "None".
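A minimal sketch of the stacking and father-event subscription described above, added here as an illustration and not taken from the project's code. The names `ServiceEvent`, `Reporter`, `previous`, `publish_event`, `seen` and `run` are assumptions made for the example.

```python
from collections import defaultdict

class Event:
    previous = None  # the event whose handler published this one

    def __getattr__(self, name):
        # Reached only when normal lookup fails: fall back along the stack.
        if name.startswith("__"):
            raise AttributeError(name)
        if self.previous is None:
            return None  # attribute was never defined anywhere in the chain
        return getattr(self.previous, name, None)

class NewHostEvent(Event):
    def __init__(self, host):
        self.host = host

class ServiceEvent(Event):  # hypothetical father category
    pass

class OpenPortEvent(ServiceEvent):
    def __init__(self, port):
        self.port = port

hooks = defaultdict(list)

def subscribe(event_cls):
    def register(hunter_cls):
        hooks[event_cls].append(hunter_cls)
        return hunter_cls
    return register

def publish(event, previous=None):
    event.previous = previous
    for cls in type(event).__mro__:  # hooks on father classes fire too
        for hunter_cls in hooks.get(cls, []):
            hunter_cls(event).execute()

class Hunter:
    def __init__(self, event):
        self.event = event  # executors keep the event they were given

    def publish_event(self, event):
        publish(event, previous=self.event)  # proxy that does the stacking

seen = []  # (host, port, undefined attribute) recorded by the reporter

@subscribe(NewHostEvent)
class PortScan(Hunter):
    def execute(self):
        self.publish_event(OpenPortEvent(port="8080"))

@subscribe(ServiceEvent)  # subscribed to the father, triggered by the child
class Reporter(Hunter):
    def execute(self):
        seen.append((self.event.host, self.event.port, self.event.banner))

def run():
    seen.clear()
    publish(NewHostEvent(host="0.0.0.0"))
    return list(seen)
```
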
Added dynamic imports for all modules inside: 'events/', 'discovery/', 'hunting/' (you can now add new files with new implementations, and not worry about imports.)
Changed port timeout to 1.5 seconds, for more reliable results.
Changed default log level to INFO
Added new subscription method for events, using a "subscribe" decorator.
Added an optional predicate function to events, for optional filtering at trigger time. Used mainly for OpenPortEvent.
Added proper logging and argparse
Added cleanup of threads when exiting/finishing
The idea is to discover sub-paths of resources in the API and send them for hunting.
Added Dashboard detection from Proxy.
Also improved architecture of discovery/hunting from a "secure" perspective