ScopeSentry插件系统开发指南<\/h1>

1. 插件系统概述<\/h2>

ScopeSentry的插件系统允许用户集成各种安全工具，实现"多引擎"的资产识别和信息收集功能。通过插件系统可以：<\/p>

集成指纹识别工具（如EHole）<\/li>
对收集到的数据进行二次处理<\/li>
丰富资产标签信息<\/li>

对特定参数进行专项测试<\/li> <\/ul>

2. 系统模块架构<\/h2>

插件系统将整个流程分为13个模块：<\/p>

TargetHandler<\/strong> - 目标处理<\/li>
SubdomainScan<\/strong> - 子域名扫描<\/li>
SubdomainSecurity<\/strong> - 子域名安全检查<\/li>
AssetMapping<\/strong> - 资产映射<\/li>
PortScanPreparation<\/strong> - 端口扫描准备<\/li>
PortScan<\/strong> - 端口扫描<\/li>
PortFingerprint<\/strong> - 端口指纹识别<\/li>
AssetHandle<\/strong> - 资产处理<\/li>
URLScan<\/strong> - URL扫描<\/li>
URLSecurity<\/strong> - URL安全检查<\/li>
WebCrawler<\/strong> - 网页爬虫<\/li>
DirScan<\/strong> - 目录扫描<\/li>

VulnerabilityScan<\/strong> - 漏洞扫描<\/li> <\/ol>
3. 插件开发基础<\/h2>
3.1 插件模板结构<\/h3>
插件模板可从GitHub获取：<\/p>
git clone https:\/\/github.com\/Autumn-27\/ScopeSentry-Plugin-Template.git <\/code><\/pre> 模板中提供了两个模块的demo：<\/p> AssetHandle模块示例<\/li> SubdomainScan模块示例<\/li> <\/ul> 3.2 插件文件结构<\/h3> 每个插件需要包含两个文件：<\/p> info.json<\/code> - 插件元信息<\/li> plugin.go<\/code> - 插件实现代码<\/li> <\/ol> info.json示例<\/h4> { <\/span><\/span> "help"<\/span>: "参数提示信息"<\/span>, <\/span><\/span> "parameter"<\/span>: "参数"<\/span>, <\/span><\/span> "name"<\/span>: "插件名称"<\/span>, <\/span><\/span> "module"<\/span>: "模块(需要准确)"<\/span>, <\/span><\/span> "version"<\/span>: "版本"<\/span>, <\/span><\/span> "introduction"<\/span>: "插件的简介"<\/span> <\/span><\/span>} <\/span><\/span><\/code><\/pre>plugin.go基本结构<\/h4> package<\/span> plugin<\/span> <\/span><\/span> <\/span><\/span>func<\/span> GetName<\/span>() string<\/span> { <\/span><\/span> return<\/span> ""<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>func<\/span> Install<\/span>() error<\/span> { <\/span><\/span> return<\/span> nil<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>func<\/span> Check<\/span>() error<\/span> { <\/span><\/span> return<\/span> nil<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>func<\/span> Uninstall<\/span>() error<\/span> { <\/span><\/span> return<\/span> nil<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>func<\/span> Execute<\/span>(input<\/span> interface<\/span>{}, op<\/span> options<\/span>.PluginOption<\/span>) (interface<\/span>{}, error<\/span>) { <\/span><\/span> return<\/span> nil<\/span>, nil<\/span> <\/span><\/span>} <\/span><\/span><\/code><\/pre>4. 插件开发详解<\/h2> 4.1 插件生命周期方法<\/h3> GetName()<\/strong> - 返回插件名称，必须与info.json中的name一致<\/li> Install()<\/strong> - 插件安装时执行，可用于下载依赖文件<\/li> Check()<\/strong> - 安装后执行，用于验证插件环境<\/li> Uninstall()<\/strong> - 插件卸载时执行<\/li> Execute()<\/strong> - 插件核心执行逻辑<\/li> <\/ol> 4.2 Execute方法详解<\/h3> Execute方法接收两个参数：<\/p> input interface{}<\/code> - 输入数据<\/li> op options.PluginOption<\/code> - 插件选项<\/li> <\/ol> PluginOption结构<\/h4> type<\/span> PluginOption<\/span> struct<\/span> { <\/span><\/span> Name<\/span> string<\/span> <\/span><\/span> Module<\/span> string<\/span> <\/span><\/span> Parameter<\/span> string<\/span> <\/span><\/span> PluginId<\/span> string<\/span> <\/span><\/span> ResultFunc<\/span> func<\/span>(interface<\/span>{}) <\/span><\/span> Custom<\/span> interface<\/span>{} <\/span><\/span> TaskId<\/span> string<\/span> <\/span><\/span> TaskName<\/span> string<\/span> <\/span><\/span> Log<\/span> func<\/span>(msg<\/span> string<\/span>, tp<\/span> ...<\/span>string<\/span>) <\/span><\/span> Ctx<\/span> context<\/span>.Context<\/span> <\/span><\/span>} <\/span><\/span><\/code><\/pre>4.3 参数处理<\/h3> 参数可以使用{}<\/code>引用字典和端口：<\/p> {dict.subdomain.default}<\/code> - 引用字典<\/li> {port.top1000}<\/code> - 引用端口组<\/li> <\/ul> 参数解析示例：<\/p> args<\/span>, err<\/span> :=<\/span> utils<\/span>.Tools<\/span>.ParseArgs<\/span>(parameter<\/span>, "cdncheck"<\/span>, "screenshot"<\/span>) <\/span><\/span>if<\/span> err<\/span> !=<\/span> nil<\/span> { <\/span><\/span> \/\/ 错误处理 <\/span><\/span><\/span><\/span>} else<\/span> { <\/span><\/span> for<\/span> key<\/span>, value<\/span> :=<\/span> range<\/span> args<\/span> { <\/span><\/span> if<\/span> value<\/span> !=<\/span> ""<\/span> { <\/span><\/span> switch<\/span> key<\/span> { <\/span><\/span> case<\/span> "cdncheck"<\/span>: <\/span><\/span> cdncheck<\/span> = value<\/span> <\/span><\/span> case<\/span> "screenshot"<\/span>: <\/span><\/span> if<\/span> value<\/span> ==<\/span> "true"<\/span> { <\/span><\/span> screenshot<\/span> = true<\/span> <\/span><\/span> } <\/span><\/span> default<\/span>: <\/span><\/span> continue<\/span> <\/span><\/span> } <\/span><\/span> } <\/span><\/span> } <\/span><\/span>} <\/span><\/span><\/code><\/pre>4.4 模块输入输出<\/h3> AssetHandle、PortScanPreparation、PortFingerprint<\/strong>模块：input为引用，直接修改input即可<\/li> 其他模块：通过op.ResultFunc<\/code>回调函数返回结果<\/li> <\/ul> 5. 内置工具包<\/h2> 插件可以调用的内置包：<\/p> github.com\/Autumn-27\/ScopeSentry-Scan\/pkg\/logger<\/code> - 日志<\/li> github.com\/Autumn-27\/ScopeSentry-Scan\/pkg\/utils<\/code> - 工具包(DNS、Request等)<\/li> github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/bigcache<\/code> - 缓存<\/li> github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/mongodb<\/code> - MongoDB连接<\/li> github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/redis<\/code> - Redis连接<\/li> github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/pool<\/code> - 协程池管理<\/li> <\/ol> 6. EHole插件实现示例<\/h2> 6.1 核心代码结构<\/h3> package<\/span> plugin<\/span> <\/span><\/span> <\/span><\/span>import<\/span> ( <\/span><\/span> "encoding\/json"<\/span> <\/span><\/span> "fmt"<\/span> <\/span><\/span> "github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/global"<\/span> <\/span><\/span> "github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/options"<\/span> <\/span><\/span> "github.com\/Autumn-27\/ScopeSentry-Scan\/internal\/types"<\/span> <\/span><\/span> "github.com\/Autumn-27\/ScopeSentry-Scan\/pkg\/utils"<\/span> <\/span><\/span> "os"<\/span> <\/span><\/span> "path\/filepath"<\/span> <\/span><\/span> "regexp"<\/span> <\/span><\/span> "strconv"<\/span> <\/span><\/span> "strings"<\/span> <\/span><\/span> "sync"<\/span> <\/span><\/span>) <\/span><\/span> <\/span><\/span>\/\/ 指纹结构体 <\/span><\/span><\/span><\/span>type<\/span> Fingerprints<\/span> struct<\/span> { <\/span><\/span> Fingerprint<\/span> []Fingerprint<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>type<\/span> Fingerprint<\/span> struct<\/span> { <\/span><\/span> Cms<\/span> string<\/span> <\/span><\/span> Method<\/span> string<\/span> <\/span><\/span> Location<\/span> string<\/span> <\/span><\/span> Keyword<\/span> []string<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>\/\/ Execute方法实现 <\/span><\/span><\/span><\/span>func<\/span> Execute<\/span>(input<\/span> interface<\/span>{}, op<\/span> options<\/span>.PluginOption<\/span>) (interface<\/span>{}, error<\/span>) { <\/span><\/span> data<\/span>, ok<\/span> :=<\/span> input<\/span>.(*<\/span>types<\/span>.AssetHttp<\/span>) <\/span><\/span> if<\/span> !ok<\/span> { <\/span><\/span> return<\/span> nil<\/span>, nil<\/span> <\/span><\/span> } <\/span><\/span> <\/span><\/span> \/\/ 参数处理 <\/span><\/span><\/span><\/span> parameter<\/span> :=<\/span> op<\/span>.Parameter<\/span> <\/span><\/span> var<\/span> filgerFile<\/span> string<\/span> <\/span><\/span> thread<\/span> :=<\/span> 20<\/span> <\/span><\/span> <\/span><\/span> \/\/ 指纹文件加载 <\/span><\/span><\/span><\/span> fingerFilePath<\/span> :=<\/span> filepath<\/span>.Join<\/span>(global<\/span>.DictPath<\/span>, filgerFile<\/span>) <\/span><\/span> content<\/span>, err<\/span> :=<\/span> os<\/span>.ReadFile<\/span>(fingerFilePath<\/span>) <\/span><\/span> <\/span><\/span> \/\/ 指纹匹配逻辑 <\/span><\/span><\/span><\/span> var<\/span> fingers<\/span> Fingerprints<\/span> <\/span><\/span> err<\/span> = json<\/span>.Unmarshal<\/span>(content<\/span>, &<\/span>fingers<\/span>) <\/span><\/span> <\/span><\/span> \/\/ 并发处理 <\/span><\/span><\/span><\/span> semaphore<\/span> :=<\/span> make(chan<\/span> struct<\/span>{}, thread<\/span>) <\/span><\/span> var<\/span> wg<\/span> sync<\/span>.WaitGroup<\/span> <\/span><\/span> uniqueCms<\/span> :=<\/span> sync<\/span>.Map<\/span>{} <\/span><\/span> <\/span><\/span> \/\/ 指纹匹配核心逻辑 <\/span><\/span><\/span><\/span> for<\/span> _<\/span>, finp<\/span> :=<\/span> range<\/span> fingers<\/span>.Fingerprint<\/span> { <\/span><\/span> \/\/ 并发控制 <\/span><\/span><\/span><\/span> semaphore<\/span> <-<\/span> struct<\/span>{}{} <\/span><\/span> wg<\/span>.Add<\/span>(1<\/span>) <\/span><\/span> <\/span><\/span> go<\/span> func<\/span>(finger<\/span> Fingerprint<\/span>) { <\/span><\/span> defer<\/span> func<\/span>() { <\/span><\/span> <-<\/span>semaphore<\/span> <\/span><\/span> wg<\/span>.Done<\/span>() <\/span><\/span> }() <\/span><\/span> <\/span><\/span> \/\/ 不同位置和方法的匹配逻辑 <\/span><\/span><\/span><\/span> if<\/span> finger<\/span>.Location<\/span> ==<\/span> "body"<\/span> { <\/span><\/span> if<\/span> finger<\/span>.Method<\/span> ==<\/span> "keyword"<\/span> { <\/span><\/span> if<\/span> iskeyword<\/span>(data<\/span>.ResponseBody<\/span>, finger<\/span>.Keyword<\/span>) { <\/span><\/span> uniqueCms<\/span>.Store<\/span>(finger<\/span>.Cms<\/span>, true<\/span>) <\/span><\/span> } <\/span><\/span> } <\/span><\/span> \/\/ 其他匹配方法... <\/span><\/span><\/span><\/span> } <\/span><\/span> \/\/ 其他位置匹配... <\/span><\/span><\/span><\/span> }(finp<\/span>) <\/span><\/span> } <\/span><\/span> <\/span><\/span> wg<\/span>.Wait<\/span>() <\/span><\/span> <\/span><\/span> \/\/ 结果处理 <\/span><\/span><\/span><\/span> var<\/span> result<\/span> []string<\/span> <\/span><\/span> existingMap<\/span> :=<\/span> make(map<\/span>[string<\/span>]bool<\/span>) <\/span><\/span> <\/span><\/span> \/\/ 合并原有技术栈 <\/span><\/span><\/span><\/span> for<\/span> _<\/span>, v<\/span> :=<\/span> range<\/span> data<\/span>.Technologies<\/span> { <\/span><\/span> lowerV<\/span> :=<\/span> strings<\/span>.ToLower<\/span>(v<\/span>) <\/span><\/span> if<\/span> _<\/span>, exists<\/span> :=<\/span> existingMap<\/span>[lowerV<\/span>]; !exists<\/span> { <\/span><\/span> result<\/span> = append(result<\/span>, v<\/span>) <\/span><\/span> existingMap<\/span>[lowerV<\/span>] = true<\/span> <\/span><\/span> } <\/span><\/span> } <\/span><\/span> <\/span><\/span> \/\/ 添加新识别的CMS <\/span><\/span><\/span><\/span> uniqueCms<\/span>.Range<\/span>(func<\/span>(key<\/span>, value<\/span> interface<\/span>{}) bool<\/span> { <\/span><\/span> cms<\/span> :=<\/span> key<\/span>.(string<\/span>) <\/span><\/span> lowerCms<\/span> :=<\/span> strings<\/span>.ToLower<\/span>(cms<\/span>) <\/span><\/span> if<\/span> _<\/span>, exists<\/span> :=<\/span> existingMap<\/span>[lowerCms<\/span>]; !exists<\/span> { <\/span><\/span> result<\/span> = append(result<\/span>, cms<\/span>) <\/span><\/span> existingMap<\/span>[lowerCms<\/span>] = true<\/span> <\/span><\/span> } <\/span><\/span> return<\/span> true<\/span> <\/span><\/span> }) <\/span><\/span> <\/span><\/span> data<\/span>.Technologies<\/span> = result<\/span> <\/span><\/span> return<\/span> nil<\/span>, nil<\/span> <\/span><\/span>} <\/span><\/span><\/code><\/pre>6.2 关键匹配函数<\/h3> \/\/ 关键词匹配 <\/span><\/span><\/span><\/span>func<\/span> iskeyword<\/span>(str<\/span> string<\/span>, keyword<\/span> []string<\/span>) bool<\/span> { <\/span><\/span> x<\/span> :=<\/span> true<\/span> <\/span><\/span> for<\/span> _<\/span>, k<\/span> :=<\/span> range<\/span> keyword<\/span> { <\/span><\/span> if<\/span> strings<\/span>.Contains<\/span>(str<\/span>, k<\/span>) { <\/span><\/span> x<\/span> = x<\/span> &&<\/span> true<\/span> <\/span><\/span> } else<\/span> { <\/span><\/span> x<\/span> = x<\/span> &&<\/span> false<\/span> <\/span><\/span> } <\/span><\/span> } <\/span><\/span> return<\/span> x<\/span> <\/span><\/span>} <\/span><\/span> <\/span><\/span>\/\/ 正则匹配 <\/span><\/span><\/span><\/span>func<\/span> isregular<\/span>(str<\/span> string<\/span>, keyword<\/span> []string<\/span>) bool<\/span> { <\/span><\/span> x<\/span> :=<\/span> true<\/span> <\/span><\/span> for<\/span> _<\/span>, k<\/span> :=<\/span> range<\/span> keyword<\/span> { <\/span><\/span> re<\/span> :=<\/span> regexp<\/span>.MustCompile<\/span>(k<\/span>) <\/span><\/span> if<\/span> re<\/span>.Match<\/span>([]byte(str<\/span>)) { <\/span><\/span> x<\/span> = x<\/span> &&<\/span> true<\/span> <\/span><\/span> } else<\/span> { <\/span><\/span> x<\/span> = x<\/span> &&<\/span> false<\/span> <\/span><\/span> } <\/span><\/span> } <\/span><\/span> return<\/span> x<\/span> <\/span><\/span>} <\/span><\/span><\/code><\/pre>7. 插件调试方法<\/h2> 7.1 模拟环境测试<\/h3> func<\/span> TestEHole<\/span>(plgPath<\/span> string<\/span>) { <\/span><\/span> plgId<\/span> :=<\/span> utils<\/span>.Tools<\/span>.GenerateRandomString<\/span>(8<\/span>) <\/span><\/span> plgModule<\/span> :=<\/span> "AssetHandle"<\/span> <\/span><\/span> plgPath<\/span> = filepath<\/span>.Join<\/span>(plgPath<\/span>, "AssetHandle"<\/span>, "ehole"<\/span>, "plugin.go"<\/span>) <\/span><\/span> <\/span><\/span> plugin<\/span>, err<\/span> :=<\/span> plugins<\/span>.LoadCustomPlugin<\/span>(plgPath<\/span>, plgModule<\/span>, plgId<\/span>) <\/span><\/span> <\/span><\/span> \/\/ 设置插件参数 <\/span><\/span><\/span><\/span> plugin<\/span>.SetParameter<\/span>("-finger dwa -thread 20"<\/span>) <\/span><\/span> plugin<\/span>.SetTaskId<\/span>("1111"<\/span>) <\/span><\/span> plugin<\/span>.SetTaskName<\/span>("demo"<\/span>) <\/span><\/span> <\/span><\/span> \/\/ 执行插件 <\/span><\/span><\/span><\/span> _<\/span>, err<\/span> = plugin<\/span>.Execute<\/span>(&<\/span>AssetHttpData<\/span>) <\/span><\/span>} <\/span><\/span><\/code><\/pre>7.2 直接调试模式<\/h3> import<\/span> ( <\/span><\/span> plugin<\/span> "github.com\/Autumn-27\/ScopeSentry-Scan\/plugin\/AssetHandle\/ehole"<\/span> <\/span><\/span>) <\/span><\/span> <\/span><\/span>func<\/span> TestEHoleDebug<\/span>() { <\/span><\/span> op<\/span> :=<\/span> options<\/span>.PluginOption<\/span>{ <\/span><\/span> Name<\/span>: "EHole"<\/span>, <\/span><\/span> Module<\/span>: "AssetHandle"<\/span>, <\/span><\/span> Parameter<\/span>: "-finger dwa -thread 20"<\/span>, <\/span><\/span> PluginId<\/span>: "11111"<\/span>, <\/span><\/span> Ctx<\/span>: contextmanager<\/span>.GlobalContextManagers<\/span>.GetContext<\/span>("111111"<\/span>), <\/span><\/span> } <\/span><\/span> plugin<\/span>.Execute<\/span>(&<\/span>AssetHttpData<\/span>, op<\/span>) <\/span><\/span>} <\/span><\/span><\/code><\/pre>8. 最佳实践<\/h2> 合理设置并发数<\/strong>：通过thread参数控制并发量<\/li> 结果去重<\/strong>：使用sync.Map确保并发安全<\/li> 错误处理<\/strong>：完善错误日志记录<\/li> 参数验证<\/strong>：对输入参数进行严格验证<\/li> 资源释放<\/strong>：确保所有资源在插件结束时正确释放<\/li> <\/ol> 通过遵循这些指南，开发者可以高效地为ScopeSentry开发各种功能插件，扩展其资产识别和信息收集能力。<\/p>