SYMBOL INDEX (257 symbols across 60 files) FILE: cli/analyze.go function analyze (line 11) | func analyze() { FILE: cli/banner.go constant versions (line 3) | versions = "v1.0.11" FILE: cli/cobra.go function NoArgs (line 11) | func NoArgs(cmd *cobra.Command, args []string) error { FILE: cli/command.go function Execute (line 32) | func Execute() error { FILE: cli/scan.go function scan (line 16) | func scan() { FILE: cmd/vesta/main.go function main (line 10) | func main() { FILE: internal/analyzer/analyze.go method Analyze (line 17) | func (s *Scanner) Analyze(ctx context.Context) error { method Kanalyze (line 48) | func (ks *KScanner) Kanalyze(ctx context.Context) error { method checkDockerList (line 58) | func (s *Scanner) checkDockerList(config *types.ContainerJSON) error { method checkKubernetesList (line 118) | func (ks *KScanner) checkKubernetesList(ctx context.Context) error { function checkDockerVersion (line 285) | func checkDockerVersion(cli vulnlib.Client, serverVersion string) (bool,... function checkKernelVersion (line 319) | func checkKernelVersion(cli vulnlib.Client, kernelVersion osrelease.Kern... FILE: internal/analyzer/analyze_test.go function TestSortSeverity (line 8) | func TestSortSeverity(t *testing.T) { function TestWeakPassword (line 28) | func TestWeakPassword(t *testing.T) { function TestMalware (line 77) | func TestMalware(t *testing.T) { FILE: internal/analyzer/docker.go method checkDockerContext (line 22) | func (s *Scanner) checkDockerContext(ctx context.Context, images []*_ima... function checkSwarmLabels (line 105) | func checkSwarmLabels(labels map[string]string, name, configType string)... method checkSwarmSecrets (line 149) | func (s *Scanner) checkSwarmSecrets() error { method checkSwarmConfigs (line 181) | func (s *Scanner) checkSwarmConfigs() error { method checkDockerService (line 248) | func (s *Scanner) checkDockerService() error { method checkSwarm (line 323) | func (s *Scanner) checkSwarm() error { function checkPrivileged (line 350) | func checkPrivileged(config *types.ContainerJSON) (bool, []*threat) { function checkMount (line 405) | func checkMount(config *types.ContainerJSON) (bool, []*threat) { function checkEnvPassword (line 430) | func checkEnvPassword(config *types.ContainerJSON) (bool, []*threat) { function checkNetworkModel (line 522) | func checkNetworkModel(config *types.ContainerJSON, version string) (boo... function checkPid (line 561) | func checkPid(config *types.ContainerJSON) (bool, []*threat) { function checkImageUsed (line 583) | func checkImageUsed(config *types.ContainerJSON, vulnContainers []*conta... function checkDockerUnauthorized (line 613) | func checkDockerUnauthorized() (bool, []*threat) { function checkImages (line 663) | func checkImages(images []*_image.ImageInfo) (bool, []*threat) { FILE: internal/analyzer/docker_history.go function CheckHistories (line 14) | func CheckHistories(images []*_image.ImageInfo) (bool, []*threat) { function echoPass (line 186) | func echoPass(cmd string, env map[string]string) string { function getEnv (line 223) | func getEnv(images []imagev1.HistoryResponseItem) map[string]string { function checkEnv (line 243) | func checkEnv(env map[string]string) (bool, []*threat) { FILE: internal/analyzer/k8s_cni.go method checkCNI (line 31) | func (ks *KScanner) checkCNI() error { function checkEnvoy (line 78) | func checkEnvoy() (bool, []*threat) { method checkIstio (line 197) | func (ks *KScanner) checkIstio(vulnCli vulnlib.Client) (bool, []*threat) { method checkIstioHeader (line 263) | func (ks *KScanner) checkIstioHeader(podname, ns, cname string) (bool, [... method checkCilium (line 329) | func (ks *KScanner) checkCilium(vulnCli vulnlib.Client) (bool, []*threat) { method checkIngressNginx (line 394) | func (ks *KScanner) checkIngressNginx(vulnCli vulnlib.Client) (bool, []*... method checkKubelet (line 509) | func (ks *KScanner) checkKubelet() (bool, []*threat) { function checkKubeletUnauthorized (line 565) | func checkKubeletUnauthorized(ip string) (bool, []*threat) { function checkKubectlProxy (line 617) | func checkKubectlProxy() (bool, []*threat) { method checkEtcd (line 693) | func (ks *KScanner) checkEtcd() (bool, []*threat) { FILE: internal/analyzer/k8s_configuration.go method getNodeInfor (line 22) | func (ks *KScanner) getNodeInfor(ctx context.Context) error { method dockershimCheck (line 55) | func (ks *KScanner) dockershimCheck(ctx context.Context) error { method kernelCheck (line 98) | func (ks *KScanner) kernelCheck(ctx context.Context) error { method checkPersistentVolume (line 129) | func (ks *KScanner) checkPersistentVolume() error { type RBACVuln (line 176) | type RBACVuln struct method checkPod (line 183) | func (ks *KScanner) checkPod(ns string) error { method checkPodSecurityPolicy (line 224) | func (ks *KScanner) checkPodSecurityPolicy() error { method checkDaemonSet (line 321) | func (ks *KScanner) checkDaemonSet(ns string) error { method checkJobsOrCornJob (line 380) | func (ks *KScanner) checkJobsOrCornJob(ns string) error { method checkCerts (line 493) | func (ks *KScanner) checkCerts() error { function checkK8sVersion (line 526) | func checkK8sVersion(cli vulnlib.Client, k8sVersion string) (bool, []*th... FILE: internal/analyzer/k8s_dashboard.go method checkKuberDashboard (line 12) | func (ks *KScanner) checkKuberDashboard() error { method checkDashboardRBAC (line 49) | func (ks *KScanner) checkDashboardRBAC(th *threat) { FILE: internal/analyzer/k8s_pod.go method podAnalyze (line 16) | func (ks *KScanner) podAnalyze(podSpec v1.PodSpec, rv RBACVuln, ns, podN... function checkPodVolume (line 159) | func checkPodVolume(container v1.Volume) (bool, []*threat) { function checkPodPrivileged (line 186) | func checkPodPrivileged(container v1.Container) (bool, []*threat) { method checkSidecarEnv (line 264) | func (ks *KScanner) checkSidecarEnv(container v1.Container, ns string) (... function checkResourcesLimits (line 394) | func checkResourcesLimits(container v1.Container, volumes []v1.Volume) (... function checkPodAccountService (line 477) | func checkPodAccountService(container v1.Container, rv RBACVuln) (bool, ... function checkPodAnnotation (line 525) | func checkPodAnnotation(ans map[string]string) (bool, []*threat) { method checkPodCommand (line 571) | func (ks *KScanner) checkPodCommand(container v1.Container, ns string) (... method checkPodNodeSelector (line 656) | func (ks *KScanner) checkPodNodeSelector(podSpec v1.PodSpec) (bool, []*t... FILE: internal/analyzer/k8s_rbac.go method checkRoleBinding (line 15) | func (ks *KScanner) checkRoleBinding(ns string) error { method checkClusterBinding (line 168) | func (ks *KScanner) checkClusterBinding() error { function checkMatchingRole (line 317) | func checkMatchingRole(clr []rv1.ClusterRole, rol []rv1.Role, ruleName s... method checkConfigMap (line 383) | func (ks *KScanner) checkConfigMap(ns string) error { method checkSecret (line 473) | func (ks *KScanner) checkSecret(ns string) error { method checkSecretFromName (line 573) | func (ks *KScanner) checkSecretFromName(ns, key, seName, envName string)... method checkConfigFromName (line 598) | func (ks *KScanner) checkConfigFromName(ns, key, seName, envName string)... method findSecretOrConfigMapValue (line 623) | func (ks *KScanner) findSecretOrConfigMapValue(name, com, ns string) str... function findVulnEnvName (line 669) | func findVulnEnvName[T []byte | string](data map[string]T, key, envName,... function RBACVulnTypeJudge (line 727) | func RBACVulnTypeJudge(rules, resources []string) (string, string) { FILE: internal/analyzer/scanner.go type Scanner (line 9) | type Scanner struct type container (line 17) | type container struct type threat (line 28) | type threat struct type KScanner (line 38) | type KScanner struct type nodeInfo (line 48) | type nodeInfo struct FILE: internal/analyzer/utils.go type AnType (line 64) | type AnType struct function checkWeakPassword (line 70) | func checkWeakPassword(pass string) string { function compareVersion (line 135) | func compareVersion(currentVersion, maxVersion, minVersion string) bool { function checkPrefixMountPaths (line 197) | func checkPrefixMountPaths(path string) bool { function checkFullPaths (line 206) | func checkFullPaths(path string) bool { function checkMountPath (line 216) | func checkMountPath(path string) bool { function sortSeverity (line 221) | func sortSeverity(threats []*threat) { type MalReporter (line 227) | type MalReporter struct type MalLevel (line 233) | type MalLevel constant Unknown (line 237) | Unknown MalLevel = 0 constant Confusion (line 239) | Confusion MalLevel = 1 constant Executable (line 241) | Executable MalLevel = 2 function maliciousContentCheck (line 244) | func maliciousContentCheck(command string) MalReporter { function decodeBase64 (line 314) | func decodeBase64(content string) []byte { function standardDeviation (line 342) | func standardDeviation[T float64 | int](num []T) float64 { function isPath (line 355) | func isPath(content string) bool { method findEnvValue (line 368) | func (ks *KScanner) findEnvValue(container v1.Container, name, ns string... method getRBACVulnType (line 397) | func (ks *KScanner) getRBACVulnType(ns string) RBACVuln { method checkConfigVulnType (line 443) | func (ks *KScanner) checkConfigVulnType(ns, name, ty string, configReg *... method getPodFromLabels (line 469) | func (ks *KScanner) getPodFromLabels(ns string, matchLabels map[string]s... method addExtraPod (line 495) | func (ks *KScanner) addExtraPod(ns string, p v1.Pod, vList []*threat) { method prunePod (line 522) | func (ks *KScanner) prunePod(ns, podName string) (bool, error) { FILE: internal/encode.go function RandomString (line 8) | func RandomString() string { FILE: internal/extract.go function exists (line 15) | func exists(path string) bool { function mkFolder (line 28) | func mkFolder(foldername string) string { function Extract (line 39) | func Extract(ctx context.Context, tarPath string, tarIO []io.ReadCloser)... FILE: internal/inspect.go function Inspect (line 10) | func Inspect(ctx context.Context, tempPath string, tarReader *tar.Reader... FILE: internal/report/files.go function exists (line 19) | func exists(path string) bool { function getOutputFile (line 31) | func getOutputFile(ctx context.Context) (string, error) { function ScanToJson (line 62) | func ScanToJson(ctx context.Context, r vulnscan.Scanner) error { function AnalyzeDockerToJson (line 83) | func AnalyzeDockerToJson(ctx context.Context, r analyzer.Scanner) error { function AnalyzeKubernetesToJson (line 104) | func AnalyzeKubernetesToJson(ctx context.Context, r analyzer.KScanner) e... FILE: internal/report/output.go function ResolveAnalysisData (line 18) | func ResolveAnalysisData(ctx context.Context, r vulnscan.Scanner) error { function ResolveDockerData (line 87) | func ResolveDockerData(ctx context.Context, r analyzer.Scanner) error { function ResolveKuberData (line 141) | func ResolveKuberData(ctx context.Context, r analyzer.KScanner) error { function judgeSeverity (line 252) | func judgeSeverity(severity string) string { FILE: internal/scanner.go type Vuln (line 11) | type Vuln struct type Inpsectors (line 21) | type Inpsectors struct FILE: internal/utils.go function DoScan (line 26) | func DoScan(ctx context.Context, tarFile string, tarIO []io.ReadCloser) { function DoInspectInDocker (line 126) | func DoInspectInDocker(ctx context.Context) { function DoInspectInKubernetes (line 175) | func DoInspectInKubernetes(ctx context.Context) { FILE: internal/vulnscan/scanner.go type Scanner (line 8) | type Scanner struct type vulnComponent (line 16) | type vulnComponent struct FILE: internal/vulnscan/utils.go function sortSeverity (line 14) | func sortSeverity(vulnComponents []*vulnComponent) { function exists (line 20) | func exists(path string) bool { function listPythonSitePack (line 32) | func listPythonSitePack(sitePath string) []string { function listPythonPth (line 57) | func listPythonPth(sitePath string) []string { FILE: internal/vulnscan/vuln.go method Scan (line 23) | func (ps *Scanner) Scan(ctx context.Context, m *layer.Manifest, p *packa... function getInfo (line 106) | func getInfo(row *vulnlib.DBRow, version, packType string) *vulnComponent { function compareVersion (line 126) | func compareVersion(rows []*vulnlib.DBRow, cv, ty string, cp []string) (... function compareRpmVersion (line 223) | func compareRpmVersion(rows []*vulnlib.DBRow, cv, ty string, cp []string... method checkPythonModule (line 305) | func (ps *Scanner) checkPythonModule(ctx context.Context, pys []*package... method checkNpmModule (line 410) | func (ps *Scanner) checkNpmModule(ctx context.Context, nodes []*packages... method checkGoMod (line 462) | func (ps *Scanner) checkGoMod(ctx context.Context, gobins []*packages.GO... method checkJavaPacks (line 490) | func (ps *Scanner) checkJavaPacks(ctx context.Context, javas []*packages... method checkPHPPacks (line 518) | func (ps *Scanner) checkPHPPacks(ctx context.Context, phps []*packages.P... method checkRustPacks (line 546) | func (ps *Scanner) checkRustPacks(ctx context.Context, rusts []*packages... method checkPackageVersion (line 574) | func (ps *Scanner) checkPackageVersion(ctx context.Context, packs []*pac... method getOthers (line 624) | func (ps *Scanner) getOthers(ctx context.Context, others []*packages.Oth... method checkPassword (line 648) | func (ps *Scanner) checkPassword(ctx context.Context, m *layer.Manifest)... FILE: pkg/extractor.go function exists (line 14) | func exists(path string) bool { function Walk (line 27) | func Walk(tarReader *tar.Reader, path string) error { function AnalyzeTarLayer (line 72) | func AnalyzeTarLayer(tarReader *tar.Reader, tempPath string) (string, st... FILE: pkg/inspector/client.go type DockerApi (line 13) | type DockerApi struct FILE: pkg/inspector/container.go method GetContainerName (line 13) | func (da *DockerApi) GetContainerName(containerID string) ([]io.ReadClos... method GetAllContainers (line 64) | func (da *DockerApi) GetAllContainers() ([]*types.ContainerJSON, error) { method GetEngineVersion (line 85) | func (da *DockerApi) GetEngineVersion(ctx context.Context) (string, erro... method GetDockerServerVersion (line 104) | func (da *DockerApi) GetDockerServerVersion(ctx context.Context) (string... method FindDockerService (line 119) | func (da *DockerApi) FindDockerService(name string) bool { FILE: pkg/inspector/image.go method GetImageName (line 14) | func (da *DockerApi) GetImageName(imageID string) ([]io.ReadCloser, erro... type ImageInfo (line 49) | type ImageInfo struct method GetAllImage (line 54) | func (da *DockerApi) GetAllImage() ([]*ImageInfo, error) { FILE: pkg/inspector/utils.go function GetTarFromID (line 11) | func GetTarFromID(ctx context.Context, ID string) ([]io.ReadCloser, erro... FILE: pkg/layer/files.go method File (line 9) | func (m *Manifest) File(file string) (*bytes.Buffer, error) { FILE: pkg/layer/integrator.go function md5Stamp (line 21) | func md5Stamp() string { method GetLayers (line 27) | func (m *Manifest) GetLayers(ctx context.Context, tarReader *tar.Reader,... FILE: pkg/layer/layer.go type Layer (line 12) | type Layer struct method Integration (line 17) | func (l *Layer) Integration(dir, layerHash string) error { FILE: pkg/layer/manifest.go type Manifest (line 7) | type Manifest struct FILE: pkg/match/match_test.go function TestPythonMatch (line 8) | func TestPythonMatch(t *testing.T) { function TestPythonNormalPackages (line 70) | func TestPythonNormalPackages(t *testing.T) { function TestNodeMatch (line 105) | func TestNodeMatch(t *testing.T) { function TestNpmNormalPackages (line 143) | func TestNpmNormalPackages(t *testing.T) { FILE: pkg/match/node_packs.go function NpmMatch (line 12) | func NpmMatch(pack string) Suspicion { FILE: pkg/match/python_packs.go function PyMatch (line 39) | func PyMatch(pack string) Suspicion { function malwareCheck (line 66) | func malwareCheck(pack string) string { function PyMalwareScan (line 77) | func PyMalwareScan(filename string) Suspicion { function pyCheckLink (line 123) | func pyCheckLink(d []string) string { function pyCheckCommand (line 143) | func pyCheckCommand(d []string, data string) string { FILE: pkg/match/utils.go type Suspicion (line 9) | type Suspicion struct type Operation (line 14) | type Operation constant Unknown (line 18) | Unknown Operation = 0 constant Confusion (line 20) | Confusion Operation = 1 constant Malware (line 22) | Malware Operation = 2 function compare (line 25) | func compare(pack1, pack2 string) float64 { function confusionCheck (line 43) | func confusionCheck(pack string, datas []string) string { FILE: pkg/osrelease/analyzer.go function KernelParse (line 23) | func KernelParse(kernel string) KernelVersion { function GetKernelVersion (line 44) | func GetKernelVersion(ctx context.Context) (KernelVersion, error) { function DetectOs (line 140) | func DetectOs(ctx context.Context, m layer.Manifest) (*OsVersion, error) { function parse (line 166) | func parse(config, path string) (map[string]string, error) { function getOs (line 204) | func getOs(config, path string) (*OsVersion, error) { FILE: pkg/osrelease/osversion.go type OsVersion (line 5) | type OsVersion struct type KernelVersion (line 12) | type KernelVersion struct FILE: pkg/packages/apt.go method getAptPacks (line 9) | func (s *Packages) getAptPacks(ctx context.Context, dpkg string) error { FILE: pkg/packages/arch.go method getArchPacks (line 9) | func (s *Packages) getArchPacks(ctx context.Context, pacman string) error { FILE: pkg/packages/general.go method Traverse (line 16) | func (s *Packages) Traverse(ctx context.Context) error { function getHTMLType (line 240) | func getHTMLType(path string) string { function checkLiblzma (line 288) | func checkLiblzma(path string) bool { FILE: pkg/packages/get_package.go method GetApp (line 13) | func (s *Packages) GetApp(ctx context.Context) error { FILE: pkg/packages/go.go type MOD (line 9) | type MOD struct type GOBIN (line 15) | type GOBIN struct function getGOPacks (line 21) | func getGOPacks(rt io.ReaderAt) (*GOBIN, error) { FILE: pkg/packages/java.go type JAVA (line 13) | type JAVA struct type Jar (line 19) | type Jar struct function getJavaPacks (line 40) | func getJavaPacks(rt io.ReaderAt, size int64) (*JAVA, error) { function parseProperties (line 78) | func parseProperties(file *zip.File) (*Jar, error) { function parseManifest (line 107) | func parseManifest(file *zip.File) string { function parseLib (line 128) | func parseLib(jarName string) (*Jar, error) { FILE: pkg/packages/node.go type NPM (line 14) | type NPM struct type Node (line 19) | type Node struct method getNodeModulePacks (line 24) | func (s *Packages) getNodeModulePacks(nodePath string) error { function getNodeModules (line 50) | func getNodeModules(path string, dir []fs.FileInfo) ([]*NPM, error) { FILE: pkg/packages/package.go type Packages (line 8) | type Packages struct type Package (line 24) | type Package struct type Other (line 31) | type Other struct FILE: pkg/packages/parse_test.go function TestParseGo (line 10) | func TestParseGo(t *testing.T) { function TestParseJava (line 55) | func TestParseJava(t *testing.T) { function TestParsePHP (line 111) | func TestParsePHP(t *testing.T) { FILE: pkg/packages/php.go type PHP (line 16) | type PHP struct type PHPPack (line 22) | type PHPPack struct function getPHPPacks (line 31) | func getPHPPacks(r io.Reader) (*PHP, error) { function parsePHPName (line 64) | func parsePHPName(r io.Reader) string { function getWordpressInfo (line 76) | func getWordpressInfo(dir string) (*PHP, error) { function parseWordpressPluginVersion (line 142) | func parseWordpressPluginVersion(dir, pluginName string) string { FILE: pkg/packages/python.go type PIP (line 19) | type PIP struct type Python (line 24) | type Python struct method getSitePacks (line 34) | func (s *Packages) getSitePacks(ctx context.Context) error { function getPIPModules (line 66) | func getPIPModules(path string) ([]*PIP, error) { function getPyproject (line 83) | func getPyproject(filename string) (*Python, error) { function getLocalPythonPacks (line 121) | func getLocalPythonPacks(path string) ([]*PIP, error) { function parse (line 141) | func parse(pathname string) *PIP { function exists (line 151) | func exists(path string) bool { FILE: pkg/packages/rpm.go method getRpmPacks (line 10) | func (s *Packages) getRpmPacks(ctx context.Context) error { FILE: pkg/packages/rust.go type Rust (line 9) | type Rust struct type Cargo (line 15) | type Cargo struct function getRustPacks (line 20) | func getRustPacks(rt io.ReaderAt) (*Rust, error) { FILE: pkg/vulnlib/client.go type Client (line 8) | type Client struct type DBRow (line 15) | type DBRow struct type cpes (line 30) | type cpes struct type vuln (line 37) | type vuln struct FILE: pkg/vulnlib/cvss.go constant cvssUrl (line 22) | cvssUrl = "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-%d.json.gz" constant firstYear (line 24) | firstYear = 2010 method GetCvss (line 27) | func (c *Client) GetCvss(ctx context.Context) error { function store (line 87) | func store(r io.Reader, filename string) error { method cvssToDB (line 100) | func (c *Client) cvssToDB() error { function readCVSS (line 131) | func readCVSS(filename string, handle func(filename string) error) error { method cvssParse (line 168) | func (c *Client) cvssParse(data string) error { function cpeParse (line 240) | func cpeParse(cpe []interface{}) []*cpes { function findName (line 337) | func findName(cpeList []*cpes, name string) int { FILE: pkg/vulnlib/db.go method Init (line 17) | func (cli *Client) Init() error { method update (line 78) | func (cli *Client) update(v *vuln) error { method QueryVulnByName (line 103) | func (cli *Client) QueryVulnByName(name string) ([]*DBRow, error) { method QueryVulnByCVEID (line 137) | func (cli *Client) QueryVulnByCVEID(cveid string) ([]*DBRow, error) { FILE: pkg/vulnlib/getvuln.go function Fetch (line 18) | func Fetch(ctx context.Context) error { function getHomeDir (line 100) | func getHomeDir() (string, error) { function exists (line 116) | func exists(path string) bool { function mkFolder (line 128) | func mkFolder(path string) error { function checkExpired (line 138) | func checkExpired(path string) bool { function writeLog (line 184) | func writeLog(path string) error { FILE: pkg/vulnlib/oscs.go constant OSCSUrl (line 20) | OSCSUrl = "https://www.oscs1024.com/oscs/v1/intelligence/list" constant OSCSVulnUrl (line 21) | OSCSVulnUrl = "https://www.oscs1024.com/oscs/v1/vdb/info" constant pageSize (line 23) | pageSize = 50 method GetOSCS (line 26) | func (c *Client) GetOSCS(ctx context.Context) error { function oscsRequest (line 82) | func oscsRequest(cli *http.Client, page int) ([]byte, error) { method oscsVulnParse (line 116) | func (c *Client) oscsVulnParse(mps string) ([]byte, error) { method oscsParse (line 148) | func (c *Client) oscsParse(data interface{}) error { method oscsToDB (line 173) | func (c *Client) oscsToDB(com map[string]interface{}) error {