Files

salvacybersec 6ab411cda2 docs(12-02): complete FOFA, Netlas, BinaryEdge plan

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-06 12:25:06 +03:00

3.7 KiB

Raw Blame History

phase, plan, subsystem, tags, requires, provides, affects, tech-stack, key-files, key-decisions, patterns-established, requirements-completed, duration, completed

phase

plan

subsystem

tags

requires

provides

affects

tech-stack

key-files

key-decisions

patterns-established

requirements-completed

duration

completed

12-osint_iot_cloud_storage

recon

fofa

netlas

binaryedge

iot

osint

httptest

phase	provides
09-osint-infrastructure	LimiterRegistry, shared Client retry/backoff HTTP

phase	provides
10-osint-code-hosting	ReconSource interface pattern, BuildQueries, keywordIndex helpers

FOFASource implementing recon.ReconSource for FOFA internet search

NetlasSource implementing recon.ReconSource for Netlas intelligence API

BinaryEdgeSource implementing recon.ReconSource for BinaryEdge data API

12-osint_iot_cloud_storage

cmd/recon

added

patterns

base64-encoded query params for FOFA

X-API-Key header auth for Netlas

X-Key header auth for BinaryEdge

created

modified

pkg/recon/sources/fofa.go

pkg/recon/sources/fofa_test.go

pkg/recon/sources/netlas.go

pkg/recon/sources/netlas_test.go

pkg/recon/sources/binaryedge.go

pkg/recon/sources/binaryedge_test.go

FOFA uses base64-encoded qbase64 param with email+key auth in query string

Netlas uses X-API-Key header; BinaryEdge uses X-Key header for auth

All three sources use bare keyword queries (default formatQuery path)

IoT scanner source pattern: struct with APIKey/BaseURL/Registry/Limiters + lazy client init

RECON-IOT-04

RECON-IOT-05

RECON-IOT-06

2min

2026-04-06

Phase 12 Plan 02: FOFA, Netlas, BinaryEdge Sources Summary

Three IoT/device scanner recon sources (FOFA, Netlas, BinaryEdge) with httptest-based unit tests covering sweep, auth, and cancellation

Performance

Duration: 2 min
Started: 2026-04-06T09:22:18Z
Completed: 2026-04-06T09:24:22Z
Tasks: 2
Files modified: 6

Accomplishments

FOFASource searches FOFA API with base64-encoded queries and email+key authentication
NetlasSource searches Netlas API with X-API-Key header authentication
BinaryEdgeSource searches BinaryEdge API with X-Key header authentication
All three sources follow established Phase 10 pattern with shared Client, LimiterRegistry, BuildQueries

Task Commits

Each task was committed atomically:

Task 1: Implement FOFASource, NetlasSource, BinaryEdgeSource - 270bbbf (feat)
Task 2: Unit tests for FOFA, Netlas, BinaryEdge sources - d6c35f4 (test)

Files Created/Modified

pkg/recon/sources/fofa.go - FOFASource with base64 query encoding and dual-credential auth
pkg/recon/sources/fofa_test.go - httptest tests for FOFA sweep, credentials, cancellation
pkg/recon/sources/netlas.go - NetlasSource with X-API-Key header auth
pkg/recon/sources/netlas_test.go - httptest tests for Netlas sweep, credentials, cancellation
pkg/recon/sources/binaryedge.go - BinaryEdgeSource with X-Key header auth
pkg/recon/sources/binaryedge_test.go - httptest tests for BinaryEdge sweep, credentials, cancellation

Decisions Made

FOFA uses base64-encoded qbase64 query parameter (matching FOFA API spec) with email+key in query string
Netlas uses X-API-Key header; BinaryEdge uses X-Key header (matching their respective API specs)
All three use bare keyword queries via default formatQuery path (no source-specific query formatting needed)

Deviations from Plan

None - plan executed exactly as written.

Issues Encountered

None

Known Stubs