diff --git a/hawk_scanner/commands/text.py b/hawk_scanner/commands/text.py new file mode 100644 index 0000000..8781c83 --- /dev/null +++ b/hawk_scanner/commands/text.py @@ -0,0 +1,47 @@ +from hawk_scanner.internals import system +from rich.console import Console + +console = Console() + +def check_data_patterns(value, patterns, profile_name): + value_str = str(value) + matches = system.match_strings(value_str) + results = [] + if matches: + for match in matches: + results.append({ + 'pattern_name': match['pattern_name'], + 'matches': match['matches'], + 'sample_text': match['sample_text'], + 'profile': profile_name, + 'data_source': 'text' + }) + return results + +def execute(args, programmatic=False): + results = [] + system.print_info(f"Running Checks for Simple text") + connections = system.get_connection() + patterns = system.get_fingerprint_file() + + if not programmatic: + if 'sources' in connections: + sources_config = connections['sources'] + text_config = sources_config.get('text') + + if text_config: + for key, config in text_config.items(): + text = config.get('text', None) + results += check_data_patterns(text, patterns, key) + else: + system.print_error("No text connection details found in connection.yml") + else: + system.print_error("No 'sources' section found in connection.yml") + else: + text = args.get('text', None) + results += check_data_patterns(text, patterns, 'text') + return results + +# Example usage +if __name__ == "__main__": + execute(None) diff --git a/hawk_scanner/main.py b/hawk_scanner/main.py index 720e2ef..029bcfc 100644 --- a/hawk_scanner/main.py +++ b/hawk_scanner/main.py @@ -21,7 +21,7 @@ def clear_screen(): console = Console() ## Now separate the results by data_source -data_sources = ['s3', 'mysql', 'redis', 'firebase', 'gcs', 'fs', 'postgresql', 'mongodb', 'slack', 'couchdb', 'gdrive', 'gdrive_workspace'] +data_sources = ['s3', 'mysql', 'redis', 'firebase', 'gcs', 'fs', 'postgresql', 'mongodb', 'slack', 'couchdb', 'gdrive', 'gdrive_workspace', 'text'] def load_command_module(command): try: @@ -71,13 +71,16 @@ def main(): grouped_results[data_source].append(result) if args.json: - with open(args.json, 'w') as file: - #file_path = file_path.replace('-runtime.pdf', '') - if 'gdrive_workspace' in grouped_results: - for result in grouped_results['gdrive_workspace']: - result['file_name'] = result['file_name'].replace('-runtime.pdf', '') - - file.write(json.dumps(grouped_results, indent=4)) + if args.json != '': + with open(args.json, 'w') as file: + #file_path = file_path.replace('-runtime.pdf', '') + if 'gdrive_workspace' in grouped_results: + for result in grouped_results['gdrive_workspace']: + result['file_name'] = result['file_name'].replace('-runtime.pdf', '') + + file.write(json.dumps(grouped_results, indent=4)) + else: + print(json.dumps(grouped_results, indent=4)) system.print_success(f"Results saved to {args.json}") sys.exit(0) panel = Panel(Text("Now, lets look at findings!", justify="center")) @@ -109,7 +112,6 @@ def main(): elif group == 'gdrive_workspace': table.add_column("File Name") table.add_column("User") - table.add_column("Pattern Name") table.add_column("Total Exposed") table.add_column("Exposed Values") @@ -455,6 +457,29 @@ def main(): exposed_values=records_mini ) + system.SlackNotify(AlertMsg) + elif group == 'text': + table.add_row( + str(i), + result['profile'], + result['pattern_name'], + str(len(result['matches'])), + records_mini, + result['sample_text'], + ) + AlertMsg = """ + *** PII Or Secret Found *** + Data Source: Text - {vulnerable_profile} + Pattern Name: {pattern_name} + Total Exposed: {total_exposed} + Exposed Values: {exposed_values} + """.format( + vulnerable_profile=result['profile'], + pattern_name=result['pattern_name'], + total_exposed=str(len(result['matches'])), + exposed_values=records_mini + ) + system.SlackNotify(AlertMsg) else: # Handle other cases or do nothing for unsupported groups diff --git a/setup.py b/setup.py index 6d04828..3e9c387 100644 --- a/setup.py +++ b/setup.py @@ -1,4 +1,4 @@ -VERSION = "0.3.7" +VERSION = "0.3.8" from setuptools import setup, find_packages