Release v4.5.0 with a new markdown summary report

Author: j3ssie

Makefile

@@ -9,19 +9,23 @@ build:
 
 release:
 	go install
-	# this is only for local build
+	@echo "==> Clean up old builds"
 	rm -rf ./dist/* ~/myGit/premium-osmedeus-base/dist/* ~/org-osmedeus/osmedeus-base/dist/*
+	@echo "==> building binaries for for mac intel"
 	GOOS=darwin GOARCH=amd64 go build -ldflags="-s -w" -tags netgo -trimpath -buildmode=pie -o dist/osmedeus
-	zip -9 -j dist/osmedeus-macos.zip dist/osmedeus
-	rm -rf ./dist/osmedeus
-	# for linux build on mac
+	zip -9 -j dist/osmedeus-macos-amd64.zip dist/osmedeus && rm -rf ./dist/osmedeus
+	@echo "==> building binaries for for mac M1 chip"
+	CGO_ENABLED=1 GOOS=darwin GOARCH=arm64 go build -ldflags="-s -w" -tags netgo -trimpath -buildmode=pie -o dist/osmedeus
+	zip -9 -j dist/osmedeus-macos-arm64.zip dist/osmedeus&& rm -rf ./dist/osmedeus
+	@echo "==> building binaries for linux intel build on mac"
 	GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -tags netgo -trimpath -buildmode=pie -o dist/osmedeus
-	zip -j dist/osmedeus-linux.zip dist/osmedeus
-	rm -rf ./dist/osmedeus
+	zip -j dist/osmedeus-linux.zip dist/osmedeus&& rm -rf ./dist/osmedeus
 	cp dist/* ~/myGit/premium-osmedeus-base/dist/
 	cp dist/* ~/org-osmedeus/osmedeus-base/dist/
+	@echo "==> Generating metadata info"
 	$(TARGET) update --gen dist/public.json
-	mv dist/osmedeus-macos.zip dist/osmedeus-$(VERSION)-macos.zip
+	mv dist/osmedeus-macos-amd64.zip dist/osmedeus-$(VERSION)-macos-amd64.zip
+	mv dist/osmedeus-macos-arm64.zip dist/osmedeus-$(VERSION)-macos-arm64.zip
 	mv dist/osmedeus-linux.zip dist/osmedeus-$(VERSION)-linux.zip
 run:
 	$(GO) $(GOFLAGS) run *.go

README.md

@@ -10,7 +10,7 @@
   <a href="https://docs.osmedeus.org/donation/"><img src="https://img.shields.io/badge/Sponsors-0078D4?style=for-the-badge&logo=GitHub-Sponsors&logoColor=39ff14&labelColor=black&color=black"></a>
   <a href="https://twitter.com/OsmedeusEngine"><img src="https://img.shields.io/badge/%40OsmedeusEngine-0078D4?style=for-the-badge&logo=Twitter&logoColor=39ff14&labelColor=black&color=black"></a>
   <a href="https://discord.gg/gy4SWhpaPU"><img src="https://img.shields.io/badge/Discord%20Server-0078D4?style=for-the-badge&logo=Discord&logoColor=39ff14&labelColor=black&color=black"></a>
-  <a href="https://discord.gg/gy4SWhpaPU"><img src="https://img.shields.io/github/release/j3ssie/osmedeus?style=for-the-badge&labelColor=black&color=2fc414&logo=Github"></a>
+  <a href="https://github.com/j3ssie/osmedeus/releases"><img src="https://img.shields.io/github/release/j3ssie/osmedeus?style=for-the-badge&labelColor=black&color=2fc414&logo=Github"></a>
   </p>
 </p>
 

cmd/health.go

@@ -227,6 +227,7 @@ func listFlows() error {
 		row := []string{
 			parsedFlow.Name, parsedFlow.Desc,
 		}
+
 		content = append(content, row)
 	}
 	fmt.Printf("\nFound %v available workflows at: %s \n\n", color.HiGreenString("%v", len(content)), color.HiCyanString(options.Env.WorkFlowsFolder))

cmd/root.go

@@ -75,12 +75,15 @@ func init() {
 	RootCmd.PersistentFlags().BoolVar(&options.DisableValidateInput, "nv", false, "Disable Validate Input")
 	RootCmd.PersistentFlags().BoolVar(&options.Update.NoUpdate, "nu", false, "Disable Update options")
 	RootCmd.PersistentFlags().BoolVarP(&options.EnableFormatInput, "format-input", "J", false, "Enable special input format")
+	RootCmd.PersistentFlags().IntVar(&options.MDCodeBlockLimit, "block-size", 10000, "Size limit for code block tags to before it's automatic truncation")
 
 	// disable options
 	RootCmd.PersistentFlags().BoolVar(&options.NoNoti, "nn", false, "No notification")
 	RootCmd.PersistentFlags().BoolVar(&options.NoBanner, "nb", false, "No banner")
 	RootCmd.PersistentFlags().BoolVarP(&options.NoGit, "no-git", "N", false, "No git storage")
 	RootCmd.PersistentFlags().BoolVarP(&options.NoClean, "no-clean", "C", false, "No clean junk output")
+	RootCmd.PersistentFlags().BoolVar(&options.NoPreRun, "no-prerun", false, "Disable pre run scripts")
+	RootCmd.PersistentFlags().BoolVar(&options.NoPostRun, "no-postrun", false, "Disable post run scripts")
 	RootCmd.PersistentFlags().StringSliceVarP(&options.Exclude, "exclude", "x", []string{}, "Exclude module name (Multiple -x flags are accepted)")
 	RootCmd.PersistentFlags().BoolVarP(&options.CustomGit, "git", "g", false, "Use custom Git repo")
 

cmd/usage.go

@@ -117,6 +117,10 @@ func UtilsUsage() string {
 	h += "  osmedeus update --vuln\n"
 	h += "  osmedeus update --force --clean \n"
 
+	h += color.HiBlackString("  ## Workflow utilities\n")
+	h += "  osmedeus workflow list \n"
+	h += "  osmedeus workflow view -f general\n"
+
 	h += color.HiBlackString("  ## Other utilities\n")
 	h += "  osmedeus utils tmux ls \n"
 	h += "  osmedeus utils tmux logs -A -l 10 \n"
@@ -126,7 +130,6 @@ func UtilsUsage() string {
 	h += "  osmedeus utils ps --proc 'jaeles' \n"
 	h += "  osmedeus utils cron --cmd 'osmdeus scan -t example.com' --sch 60\n"
 	h += "  osmedeus utils cron --for --cmd 'osmedeus scan -t example.com'\n"
-	h += "  osmedeus utils workflow\n"
 	h += "  osmedeus config set --threads-hold=10\n"
 	return h
 }

cmd/utils.go

@@ -54,23 +54,13 @@ func init() {
 	cronCmd.Flags().BoolVar(&options.Cron.Forever, "for", false, "Keep running forever right after the command done")
 	cronCmd.Flags().StringVar(&options.Cron.Command, "cmd", "", "Command to run")
 
-	var workflowCmd = &cobra.Command{
-		Use:     "workflow",
-		Aliases: []string{"wf", "wl", "workflows", "wfs", "work", "works"},
-		Short:   "Listing all available workflows",
-		Long:    core.Banner(),
-		RunE:    runWorkflow,
-	}
-
 	// add command
 	utilsCmd.PersistentFlags().BoolVar(&options.JsonOutput, "json", false, "Output as JSON")
 	utilsCmd.AddCommand(cronCmd)
 	utilsCmd.AddCommand(tmuxCmd)
 	utilsCmd.AddCommand(psCmd)
-	utilsCmd.AddCommand(workflowCmd)
 	utilsCmd.SetHelpFunc(UtilsHelp)
 	RootCmd.AddCommand(utilsCmd)
-	RootCmd.AddCommand(workflowCmd)
 
 	utilsCmd.PreRun = func(cmd *cobra.Command, args []string) {
 		if options.FullHelp {
@@ -147,11 +137,3 @@ func runCron(_ *cobra.Command, _ []string) error {
 	core.RunCron(options.Cron.Command, options.Cron.Schedule)
 	return nil
 }
-
-func runWorkflow(_ *cobra.Command, _ []string) error {
-	listFlows()
-	fmt.Printf("\n------------------------------------------------------------\n")
-	listDefaultModules()
-	fmt.Printf("💡 For full help message, please run: %s or %s\n", color.GreenString("osmedeus --hh"), color.GreenString("osmedeus scan --hh"))
-	return nil
-}

cmd/workflow.go

@@ -0,0 +1,200 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/fatih/color"
+	"github.com/j3ssie/osmedeus/core"
+	"github.com/j3ssie/osmedeus/utils"
+	"github.com/olekukonko/tablewriter"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+
+	var workflowCmd = &cobra.Command{
+		Use:     "workflow",
+		Aliases: []string{"wf", "wl", "workflows", "wfs", "work", "works"},
+		Short:   "Listing all available workflows",
+		Long:    core.Banner(),
+	}
+
+	var workflowListCmd = &cobra.Command{
+		Use:     "list",
+		Aliases: []string{"ls"},
+		Short:   "Listing all available workflows",
+		Long:    core.Banner(),
+		RunE:    runWorkflow,
+	}
+
+	var workflowViewCmd = &cobra.Command{
+		Use:     "view",
+		Aliases: []string{"viwe", "ve", "vi", "v"},
+		Short:   "View details of a workflow",
+		Long:    core.Banner(),
+		RunE:    runWorkflowView,
+	}
+	workflowViewCmd.Flags().Bool("all", false, "View all of the workflows")
+
+	workflowCmd.AddCommand(workflowViewCmd)
+	workflowCmd.AddCommand(workflowListCmd)
+	workflowCmd.SetHelpFunc(UtilsHelp)
+	RootCmd.AddCommand(workflowCmd)
+
+	workflowCmd.PreRun = func(cmd *cobra.Command, args []string) {
+		if options.FullHelp {
+			cmd.Help()
+			os.Exit(0)
+		}
+	}
+}
+
+func runWorkflow(cmd *cobra.Command, _ []string) error {
+	listFlows()
+	fmt.Printf("\n------------------------------------------------------------\n")
+	listDefaultModules()
+	fmt.Printf("💡 For full help message, please run: %s or %s\n", color.GreenString("osmedeus --hh"), color.GreenString("osmedeus scan --hh"))
+	return nil
+}
+
+func runWorkflowView(cmd *cobra.Command, _ []string) error {
+	allFlows := core.ListFlow(options)
+	viewAll, _ := cmd.Flags().GetBool("all")
+
+	if viewAll {
+		for _, flow := range allFlows {
+			err := viewWorkflow(flow)
+			if err != nil {
+				utils.ErrorF("Error viewing workflow: %v", err)
+			}
+			fmt.Printf("\n------------------------------------------------------------\n\n")
+		}
+	} else {
+		err := viewWorkflow(options.Scan.Flow)
+		if err != nil {
+			utils.ErrorF("Error viewing workflow: %v", err)
+		}
+	}
+
+	h := color.HiCyanString("\n📄 Sample Usage:\n")
+	h += color.HiGreenString(" osmedeus scan -f %v", color.HiMagentaString(options.Scan.Flow)) + color.HiGreenString(" -t ") + color.HiMagentaString("[target]") + "\n"
+	h += color.HiGreenString(" osmedeus scan -f %v", color.HiMagentaString(options.Scan.Flow)) + color.HiGreenString(" -t ") + color.HiMagentaString("[target]") + color.HiGreenString(" -p ") + color.HiMagentaString("'enableSomething=false'") + "\n\n"
+	fmt.Printf(h)
+
+	fmt.Printf("💡 To list all of the workflows available, please run: %s\n", color.GreenString("osmedeus workflow ls"))
+	fmt.Printf("💡 For full help message, please run: %s or %s\n", color.GreenString("osmedeus --hh"), color.GreenString("osmedeus scan --hh"))
+	return nil
+}
+
+func viewWorkflow(workflowName string) error {
+	fmt.Printf("📖 Viewing workflow detail: %v\n\n", color.GreenString(workflowName))
+	allFlows := core.ListFlow(options)
+	flows := core.SelectFlow(workflowName, options)
+	if len(flows) == 0 {
+		utils.ErrorF("Flow not found in any of existing workflow [%v]", color.HiYellowString(strings.Join(allFlows, ", ")))
+		return fmt.Errorf("Flow %s not found", workflowName)
+	}
+	selectedWorkflow := flows[0]
+
+	var content [][]string
+	parsedFlow, err := core.ParseFlow(selectedWorkflow)
+	if err != nil {
+		utils.ErrorF("Error parsing flow: %v", selectedWorkflow)
+		return err
+	}
+
+	var totalSteps, totalModules int
+	parameters := make(map[string]string)
+	for _, param := range parsedFlow.Params {
+		for k, v := range param {
+			parameters[k] = v
+		}
+	}
+
+	for _, routine := range parsedFlow.Routines {
+		// select module depend on the flow type
+		if routine.FlowFolder != "" {
+			parsedFlow.Type = routine.FlowFolder
+		} else {
+			parsedFlow.Type = parsedFlow.DefaultType
+		}
+
+		modules := core.SelectModules(routine.Modules, options)
+
+		// loop through all modules to get the parameters
+		for _, module := range modules {
+			parsedModule, err := core.ParseModules(module)
+			if err != nil || parsedModule.Name == "" {
+				continue
+			}
+			for _, param := range parsedModule.Params {
+				for k, v := range param {
+
+					_, exist := parameters[k]
+					if parsedFlow.ForceParams && exist {
+						utils.DebugF("Skip override param: %v --> %v", k, v)
+						continue
+					}
+					parameters[k] = v
+				}
+
+			}
+			totalSteps += len(parsedModule.Steps)
+			totalModules++
+		}
+	}
+
+	var toggleFlags, skippingFlags []string
+	for key, value := range parameters {
+		if value == "true" {
+			value = color.GreenString(value)
+		} else if value == "false" {
+			value = color.RedString(value)
+		} else {
+
+			value = color.CyanString(value)
+		}
+
+		if strings.HasPrefix(key, "enable") {
+			toggleFlags = append(toggleFlags, fmt.Sprintf("%v=%v", key, value))
+		}
+
+		if strings.HasPrefix(key, "skip") {
+			skippingFlags = append(skippingFlags, fmt.Sprintf("%v=%v", key, value))
+		}
+	}
+
+	workflowInfo := fmt.Sprintf("Name: %v", color.HiCyanString(parsedFlow.Name)) + ", " + fmt.Sprintf("Total Steps: %v", color.HiCyanString("%v", totalSteps)) + ", " + fmt.Sprintf("Total Modules: %v", color.HiCyanString("%v", totalModules))
+	content = append(content, []string{
+		"Workflow Information", workflowInfo,
+	})
+	content = append(content, []string{
+		"Description", parsedFlow.Desc,
+	})
+
+	content = append(content, []string{
+		"Toggleable parameter", strings.Join(toggleFlags, ", "),
+	})
+
+	content = append(content, []string{
+		"Skippable parameter", strings.Join(skippingFlags, ", "),
+	})
+
+	if parsedFlow.Usage != "" {
+		content = append(content, []string{
+			"Examples Commands", strings.TrimSpace(parsedFlow.Usage),
+		})
+	}
+
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetRowLine(true)
+	table.SetBorders(tablewriter.Border{Left: true, Top: true, Right: true, Bottom: true})
+	table.SetColWidth(120)
+	table.SetAutoWrapText(false)
+	table.AppendBulk(content)
+	table.Render()
+
+	return nil
+}

core/db.go

@@ -119,6 +119,9 @@ func (r *Runner) DBNewScan() {
 		InputName:  r.Input,
 		InputType:  r.InputType,
 
+		MarkDownSunmmary: path.Join(r.WorkspaceFolder, "summary.md"),
+		MarkDownReport:   path.Join(r.WorkspaceFolder, "summary.html"),
+
 		LogFile:    r.Opt.LogFile,
 		Target:     r.TargetObj,
 		ProcessID:  os.Getpid(),
@@ -178,6 +181,13 @@ func (r *Runner) DBDoneScan() {
 		utils.WriteToFile(r.DoneFile, runtimeData)
 		utils.WriteToFile(r.RuntimeFile, runtimeData)
 	}
+
+	if utils.FileExists(r.ScanObj.MarkDownReport) {
+		utils.InforF("Markdown summary has been generated at: %v", color.GreenString(r.ScanObj.MarkDownReport))
+	}
+	if utils.FileExists(r.ScanObj.MarkDownSunmmary) {
+		utils.InforF("HTML summary has been generated at: %v", color.GreenString(r.ScanObj.MarkDownSunmmary))
+	}
 }
 
 func (r *Runner) DBRuntimeUpdate() {

core/external.go

@@ -285,5 +285,14 @@ func (r *Runner) LoadGitScripts() string {
 
 	/* --- end Gitlab API --- */
 
+	// GenMarkdownReport("markdown.md", "output.html")
+	vm.Set(GenMarkdownReport, func(call otto.FunctionCall) otto.Value {
+		args := call.ArgumentList
+		markdownFile := args[0].String()
+		outputHTML := args[1].String()
+		r.GenMarkdownReport(markdownFile, outputHTML)
+		return otto.Value{}
+	})
+
 	return output
 }