Vulnerability Scan Service

A Go-based service for processing and analyzing vulnerability scan results. The service exposes APIs to fetch scan result files from a repository, upload scan results into the database, and query the stored vulnerabilities.

Features

  • Retrieves JSON format files from a repo
  • Processes vulnerability scan results in JSON format
  • Stores vulnerability data in PostgreSQL database
  • Queries vulnerabilities with filtering options
  • Prevents duplicate entries

Prerequisites

  • Docker and Docker Compose
  • Go 1.20 or higher (for local development)
  • PostgreSQL 13 or higher (for local development)

Project Structure

/vulnerability
  ├── main.go             # Application entrypoint
  ├── db                  # Database operations
  ├── db-init             # Initial SQL file
  ├── models              # Data models
  ├── server              # HTTP handlers and routes
  ├── service             # Business logic
  ├── Dockerfile          # Docker build instructions
  ├── docker-compose.yml  # Docker Compose configuration
  └── README.md           # This file

Quick Start

  1. Clone the repository:
     git clone https://github.com/dhbarman/vulnerability.git
     cd vulnerability
  2. Start the service using Docker Compose:
     docker-compose up -d
  3. The service will be available at http://localhost:8080

API Endpoints

Fetch scan result files from a repository and upload them into the database

POST /getfiles
Content-Type: application/json

Upload scan data from a scan result file into the database

POST /populatedb
Content-Type: application/json

Query Vulnerabilities

GET /query?severity=CRITICAL&status=active&package=nginx

Health Check

GET /health

Development

  1. Install dependencies:
     go mod download
  2. Set up the database:
     psql -U postgres -f db-init/init.sql
  3. Run the service:
     go run ./main.go

Environment Variables

  • DATABASE_URL: PostgreSQL connection string (default: "postgresql://scanneruser:scannerpass@localhost:5432/scannerdb?sslmode=disable")
  • PORT: Server port (default: 8080)
  • APP_ENV: Application environment (development/production)

Testing

Run the tests:

go test ./...

Docker Build

Build the Docker image:

docker build -t vuln-scanner .

Run the container:

docker run -p 8080:8080 vuln-scanner

Example Scan Result Format

{
  "scan_id": "scan_123456789",
  "timestamp": "2025-01-28T10:30:00Z",
  "scan_status": "completed",
  "resource_type": "container",
  "resource_name": "app-container:latest",
  "vulnerabilities": [
    {
      "id": "CVE-2024-1234",
      "severity": "HIGH",
      "cvss": 8.5,
      "status": "fixed",
      "package_name": "openssl",
      "current_version": "1.1.1t-r0",
      "fixed_version": "1.1.1u-r0",
      "description": "Buffer overflow vulnerability in OpenSSL",
      "published_date": "2024-01-15T00:00:00Z",
      "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-1234",
      "risk_factors": [
        "Remote Code Execution",
        "High CVSS Score",
        "Public Exploit Available"
      ]
    }
  ]
}
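The following is an added example, not code from the dhbarman/vulnerability repository, showing how a scan result in the format above can be decoded into Go types with unknown fields rejected, deduplicated (the "Prevents duplicate entries" feature), and filtered by the same severity/status/package parameters that GET /query takes. The type names, the duplicate key (id, package_name, current_version), the constructed sample document and the placeholder CVE id for the nginx entry are all assumptions made for this example; the repository's real models, db and service packages may differ.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"
)

// ScanResult and Vulnerability mirror the README's example scan result format.
type ScanResult struct {
	ScanID          string          `json:"scan_id"`
	Timestamp       string          `json:"timestamp"`
	ScanStatus      string          `json:"scan_status"`
	ResourceType    string          `json:"resource_type"`
	ResourceName    string          `json:"resource_name"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

type Vulnerability struct {
	ID             string   `json:"id"`
	Severity       string   `json:"severity"`
	CVSS           float64  `json:"cvss"`
	Status         string   `json:"status"`
	PackageName    string   `json:"package_name"`
	CurrentVersion string   `json:"current_version"`
	FixedVersion   string   `json:"fixed_version"`
	Description    string   `json:"description"`
	PublishedDate  string   `json:"published_date"`
	Link           string   `json:"link"`
	RiskFactors    []string `json:"risk_factors"`
}

// Filter carries the query parameters shown for GET /query; an empty field matches everything.
type Filter struct{ Severity, Status, Package string }

// ParseScanResult decodes one scan result. Unknown fields are rejected so a
// malformed upload fails before anything is written to the database.
func ParseScanResult(data []byte) (*ScanResult, error) {
	dec := json.NewDecoder(bytes.NewReader(data))
	dec.DisallowUnknownFields()
	var r ScanResult
	if err := dec.Decode(&r); err != nil {
		return nil, fmt.Errorf("decode scan result: %w", err)
	}
	if r.ScanID == "" {
		return nil, fmt.Errorf("scan result is missing scan_id")
	}
	return &r, nil
}

// Dedupe keeps the first entry per (id, package_name, current_version). That key
// is an assumption for this example; the repository's own rule may differ.
func Dedupe(vulns []Vulnerability) []Vulnerability {
	seen := make(map[string]bool, len(vulns))
	out := make([]Vulnerability, 0, len(vulns))
	for _, v := range vulns {
		key := v.ID + "|" + v.PackageName + "|" + v.CurrentVersion
		if seen[key] {
			continue
		}
		seen[key] = true
		out = append(out, v)
	}
	return out
}

// Query keeps entries matching every non-empty filter field, comparing
// case-insensitively so "critical" and "CRITICAL" agree.
func Query(vulns []Vulnerability, f Filter) []Vulnerability {
	out := []Vulnerability{}
	for _, v := range vulns {
		if (f.Severity != "" && !strings.EqualFold(v.Severity, f.Severity)) ||
			(f.Status != "" && !strings.EqualFold(v.Status, f.Status)) ||
			(f.Package != "" && !strings.EqualFold(v.PackageName, f.Package)) {
			continue
		}
		out = append(out, v)
	}
	return out
}

// sampleScan is a constructed input: the README's OpenSSL entry, a placeholder
// nginx entry (its CVE id is made up), and a repeat of the OpenSSL entry.
const sampleScan = `{"scan_id":"scan_example_001","timestamp":"2025-01-28T10:30:00Z",
"scan_status":"completed","resource_type":"container","resource_name":"app-container:latest",
"vulnerabilities":[
{"id":"CVE-2024-1234","severity":"HIGH","cvss":8.5,"status":"fixed","package_name":"openssl","current_version":"1.1.1t-r0","fixed_version":"1.1.1u-r0","description":"Buffer overflow vulnerability in OpenSSL","published_date":"2024-01-15T00:00:00Z","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1234","risk_factors":["Remote Code Execution","High CVSS Score"]},
{"id":"CVE-0000-0000","severity":"CRITICAL","cvss":9.8,"status":"active","package_name":"nginx","current_version":"1.24.0-r0","fixed_version":"","description":"placeholder entry","published_date":"2024-06-01T00:00:00Z","link":"","risk_factors":[]},
{"id":"CVE-2024-1234","severity":"HIGH","cvss":8.5,"status":"fixed","package_name":"openssl","current_version":"1.1.1t-r0","fixed_version":"1.1.1u-r0","description":"Buffer overflow vulnerability in OpenSSL","published_date":"2024-01-15T00:00:00Z","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1234","risk_factors":["Remote Code Execution","High CVSS Score"]}
]}`

func main() {
	r, err := ParseScanResult([]byte(sampleScan))
	if err != nil {
		panic(err)
	}
	unique := Dedupe(r.Vulnerabilities)
	fmt.Printf("%d entries, %d after dedupe\n", len(r.Vulnerabilities), len(unique))
	for _, v := range Query(unique, Filter{Severity: "CRITICAL", Status: "active", Package: "nginx"}) {
		fmt.Printf("%s %s %s %.1f\n", v.ID, v.PackageName, v.Severity, v.CVSS)
	}
}
```

Rejecting unknown fields at the decoder is the cheap check that keeps a mistyped or tampered upload from being half-stored; the dedupe key should match whatever uniqueness constraint the db-init SQL enforces so the application and the database agree on what a duplicate is.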
