Completed store results in a database project (#32)

Co-authored-by: Ryan Good <usafaryangood@gmail.com> * added initial skeleton; restructured project directories * removed workers directive from luigi; changed input to tko-subs * changed masscan command to use config.tool_paths * linted __init__ files and updated docstring for get_scans * added per-file-ignores for linting * recon-pipeline linted * PoC working for amass results -> db; rudimentary db mgmt commands also * more linting * added database management commands to the shell * db_location passes through to all tasks; masscan results added to db * removed unused imports from masscan.py * added ParseNmapOutput class to handle parsing for database storage * cleaned up repeat code * searchsploit results stored in db * lint/format * gobuster scans now stored in database * fixed test_recon tests to use db_location * fixed web tests * tkosub entries recorded in db * subjack scan results stored in database * webanalyze results stored in db * refactored older commits to use newer helper functions * refactored older commits to use newer helper functions * aquatone results stored in database refactored a few scans to use dbmanager helper functions refactored db structure wrt headers/screenshots added 80/443 to web_ports in config.py * fixed a few queries and re-added webanalyze to FullScan * view targets/endpoints done * overhauled nmap parsing * print all nmap_results good, next to focus on filtering * complex nmap filters complete * nmap printing done * updated pipfile * view web-technologies complete * view searchsploit results complete * removed filesystem code from amass * targetlist moved to db only * targets,amass,masscan all cutover to full database; added view ports * nmap fully db compliant * aquatone and webtargets db compliant * gobuster uses db now * webanalyze db compliant * all scans except corscanner are db compliant * recon tests passing * web tests passing * linted files * added tests for helpers.py and parsers.py * refactored some redundant code * added tests to pre-commit * updated amass tests and pre-commit version * updated recon.targets tests * updated nmap tests * updated masscan tests * updated config tests * updated web targets tests * added gobuster tests * added aquatone tests * added subdomain takeover and webanalyze tests; updated test data * removed homegrown sqlite target in favor of the sqla implementation * added tests for recon-pipeline.py * fixed cluge function to set __package__ globally * updated amass tests * updated targets tests * updated nmap tests * updated masscan tests * updated aquatone tests * updated nmap tests to account for no searchsploit * updated nmap tests to account for no searchsploit * updated masscan tests * updated subjack/tkosub tests * updated web targets tests * updated webanalyze tests * added corscanner tests * linted DBManager a bit * fixed weird cyclic import issue that only happened during docs build; housekeeping * added models tests, removed test_install dir * updated docs a bit; sidenav is wonky * fixed readthedocs requirements.txt * fixed issue where view results werent populated directly after scan * added new tests to pipeline; working on docs * updated a few overlooked view command items * updated tests to reflect changes to shell * incremental push of docs update * documentation done * updated exploitdb install * updated exploitdb install * updated seclists install * parseamass updates db in the event of no amass output * removed corscanner * added pipenv shell to install instructions per @GreaterGoodest * added pipenv shell to install instructions per @GreaterGoodest * added check for chromium-browser during aquatone install; closes #26 * added check for old recon-tools dir; updated Path.resolve calls to Path.expanduser.resolve; fixed very specific import bug due to filesystem location * added CONTIBUTING.md; updated pre-commit hooks/README * added .gitattributes for linguist reporting * updated tests * fixed a few weird bugs found during test * updated README * updated asciinema links in README * updated README with view command video * updated other location for url scheme /status * add ability to specify single target using --target (#31) * updated a few items in docs and moved tool-dict to tools-dir * fixed issue where removing tempfile without --verbose caused scan to fail
2025-12-21 00:04:24 +01:00 · 2020-04-17 10:29:16 -05:00
parent ff801dfc6b
commit 6eb3bd8cb0
4682 changed files with 133470 additions and 7368 deletions
--- a/pipeline/models/target_model.py
+++ b/pipeline/models/target_model.py
@@ -0,0 +1,42 @@
+from sqlalchemy.orm import relationship
+from sqlalchemy import Column, Integer, String, Boolean
+
+from .base_model import Base
+from .port_model import port_association_table
+from .technology_model import technology_association_table
+
+
+class Target(Base):
+    """ Database model that describes a target; This is the model that functions as the "top" model.
+
+    Relationships:
+        ``ip_addresses``: one to many -> :class:`pipeline.models.ip_address_model.IPAddress`
+
+        ``open_ports``: many to many -> :class:`pipeline.models.port_model.Port`
+
+        ``nmap_results``: one to many -> :class:`pipeline.models.nmap_model.NmapResult`
+
+        ``searchsploit_results``: one to many -> :class:`pipeline.models.searchsploit_model.SearchsploitResult`
+
+        ``endpoints``: one to many -> :class:`pipeline.models.endpoint_model.Endpoint`
+
+        ``technologies``: many to many -> :class:`pipeline.models.technology_model.Technology`
+
+        ``screenshots``: one to many -> :class:`pipeline.models.screenshot_model.Screenshot`
+
+    """
+
+    __tablename__ = "target"
+
+    id = Column(Integer, primary_key=True)
+    hostname = Column(String, unique=True)
+    is_web = Column(Boolean, default=False)
+    vuln_to_sub_takeover = Column(Boolean, default=False)
+
+    endpoints = relationship("Endpoint", back_populates="target")
+    ip_addresses = relationship("IPAddress", back_populates="target")
+    screenshots = relationship("Screenshot", back_populates="target")
+    nmap_results = relationship("NmapResult", back_populates="target")
+    searchsploit_results = relationship("SearchsploitResult", back_populates="target")
+    open_ports = relationship("Port", secondary=port_association_table, back_populates="targets")
+    technologies = relationship("Technology", secondary=technology_association_table, back_populates="targets")