mirror of
https://github.com/lunchcat/sif.git
synced 2026-06-27 17:02:56 -07:00
d0e986736d
modules/recon/influxdb-api-exposure.yaml flags an exposed InfluxDB instance through its unauthenticated /health endpoint, keyed on the influxdb name paired with the ready-for-queries health message, then extracts the version.

modules/recon/arangodb-api-exposure.yaml flags an ArangoDB instance reachable anonymously through its /_api/version endpoint, keyed on the arango server name paired with the version field, then extracts the version. the 200 gate is what proves anonymous reach: an auth-enabled instance answers with a 401.

modules/recon/neo4j-api-exposure.yaml flags an exposed Neo4j instance through its unauthenticated root discovery endpoint, keyed on the neo4j version paired with the neo4j edition, then extracts the version.

internal/modules/http_database_exposure_test.go drives the three modules through ExecuteHTTPModule and asserts the leak alongside the near misses a strict review wants pinned: each service with one keying field missing, a non-arango response, an arango that requires auth, a generic health json, a plain 200 and a 404.

verify: go test ./internal/modules, each matcher and extractor proven to bite (break -> red, restore -> green).
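The paired-key matching described in the commit message, as an added Go sketch that is not sif's module format or code, useful for checking what your own instances answer anonymously. The JSON field names are assumptions about what each service returns; `classify`, `Finding` and the sample bodies are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Finding is a hypothetical result type for this sketch, not sif's own.
type Finding struct{ Service, Version string }

// classify requires a 200 plus BOTH keying fields before reporting exposure.
// Field names are assumptions about each service's JSON response.
func classify(path string, status int, body string) (Finding, bool) {
	if status != 200 { // 401 = auth enforced, 404 = endpoint absent
		return Finding{}, false
	}
	var m map[string]interface{}
	if json.Unmarshal([]byte(body), &m) != nil {
		return Finding{}, false
	}
	str := func(k string) string { s, _ := m[k].(string); return s }
	switch path {
	case "/health": // InfluxDB: name paired with the health message
		if str("name") == "influxdb" && strings.Contains(str("message"), "ready for queries") {
			return Finding{"influxdb", str("version")}, true
		}
	case "/_api/version": // ArangoDB: server name paired with version
		if str("server") == "arango" && str("version") != "" {
			return Finding{"arangodb", str("version")}, true
		}
	case "/": // Neo4j root discovery: version paired with edition
		if str("neo4j_version") != "" && str("neo4j_edition") != "" {
			return Finding{"neo4j", str("neo4j_version")}, true
		}
	}
	return Finding{}, false
}

func main() {
	// Constructed responses (not captured traffic): one leak, two near misses.
	fmt.Println(classify("/_api/version", 200, `{"server":"arango","version":"3.11.0"}`))
	fmt.Println(classify("/_api/version", 401, `{"error":true,"code":401}`))
	fmt.Println(classify("/health", 200, `{"status":"pass","message":"ok"}`))
}
```

Requiring both fields is what keeps a generic health JSON or a plain 200 from being reported as a database exposure.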