API reference

Engine

class DriftmuxEngine(config)

Bases: object

Parameters:

config (ScanConfig)

scan_host(host)

Parameters:

host (str)

Return type:

HostScanResult

scan_hosts(hosts)

Parameters:

hosts (Iterable[str])

Return type:

list[HostScanResult]

class ScanConfig(ports: 'str | None' = None, nmap_script: 'str | None' = None, timeout: 'int' = 120, web_scheme: 'str' = 'auto', nuclei_profile: 'str' = 'fast', output_format: 'str' = 'json', output_dir: 'str' = 'reports', log_dir: 'str' = 'logs', deep_wordpress: 'bool' = False, vuln_backend: 'str' = 'none', min_cvss: 'float' = 0.0, nvd_api_key: 'str | None' = None, nvd_cache: 'str' = '~/.cache/driftmux/nvd.sqlite', nvd_cache_ttl_hours: 'int' = 168)

Bases: object

Parameters:

• ports (str | None)

• nmap_script (str | None)

• timeout (int)

• web_scheme (str)

• nuclei_profile (str)

• output_format (str)

• output_dir (str)

• log_dir (str)

• deep_wordpress (bool)

• vuln_backend (str)

• min_cvss (float)

• nvd_api_key (str | None)

• nvd_cache (str)

• nvd_cache_ttl_hours (int)

deep_wordpress: bool

log_dir: str

min_cvss: float

nmap_script: str | None

nuclei_profile: str

nvd_api_key: str | None

nvd_cache: str

nvd_cache_ttl_hours: int

output_dir: str

output_format: str

ports: str | None

timeout: int

vuln_backend: str

web_scheme: str

guess_scheme(service, configured_scheme)

Parameters:

configured_scheme (str)

Return type:

str

is_web_candidate(service)

Return type:

bool

Models

class Finding(scanner: 'str', host: 'str', title: 'str', severity: 'str' = 'info', description: 'str' = '', evidence: 'str' = '', confidence: 'str' = 'medium', port: 'Optional[int]' = None, service: 'Optional[str]' = None, detected_version: 'Optional[str]' = None, reference: 'Optional[str]' = None, metadata: 'Dict[str, Any]'=<factory>)

Bases: object

Parameters:

• scanner (str)

• host (str)

• title (str)

• severity (str)

• description (str)

• evidence (str)

• confidence (str)

• port (int | None)

• service (str | None)

• detected_version (str | None)

• reference (str | None)

• metadata (Dict[str, Any])

confidence: str

description: str

detected_version: str | None

evidence: str

host: str

metadata: Dict[str, Any]

normalized_severity()

Return type:

str

port: int | None

reference: str | None

scanner: str

service: str | None

severity: str

title: str

to_dict()

Return type:

Dict[str, Any]

class HostScanResult(host: 'str', services: 'List[OpenPort]' = <factory>, findings: 'List[Finding]' = <factory>, errors: 'List[ToolError]' = <factory>, metadata: 'Dict[str, Any]'=<factory>)

Bases: object

Parameters:

• host (str)

• services (List[OpenPort])

• findings (List[Finding])

• errors (List[ToolError])

• metadata (Dict[str, Any])

add_error(scanner, message, details=None)

Parameters:

• scanner (str)

• message (str)

• details (str | None)

Return type:

None

errors: List[ToolError]

findings: List[Finding]

host: str

max_severity()

Return type:

str

metadata: Dict[str, Any]

services: List[OpenPort]

to_dict()

Return type:

Dict[str, Any]

class OpenPort(port: 'int', protocol: 'str', state: 'str', service: 'str', product: 'str' = '', version: 'str' = '', extrainfo: 'str' = '', tunnel: 'str' = '', cpes: 'List[str]' = <factory>, classifications: 'List[str]' = <factory>)

Bases: object

Parameters:

• port (int)

• protocol (str)

• state (str)

• service (str)

• product (str)

• version (str)

• extrainfo (str)

• tunnel (str)

• cpes (List[str])

• classifications (List[str])

classifications: List[str]

cpes: List[str]

detected_version()

Return type:

str

endpoint()

Return type:

str

extrainfo: str

port: int

product: str

protocol: str

service: str

state: str

to_dict()

Return type:

Dict[str, Any]

tunnel: str

version: str

class ToolError(scanner: 'str', message: 'str', host: 'Optional[str]' = None, details: 'Optional[str]' = None)

Bases: object

Parameters:

• scanner (str)

• message (str)

• host (str | None)

• details (str | None)

details: str | None

host: str | None

message: str

scanner: str

to_dict()

Return type:

Dict[str, Any]

Planner

class NucleiTarget(host: 'str', service: 'OpenPort', url: 'str', tags: 'set[str]' = <factory>, severity: 'str' = 'high, critical', reason: 'str' = '')

Bases: object

Parameters:

• host (str)

• service (OpenPort)

• url (str)

• tags (set[str])

• severity (str)

• reason (str)

host: str

reason: str

service: OpenPort

severity: str

tags: set[str]

url: str

class ScanPlan(nuclei_targets: 'list[NucleiTarget]' = <factory>, wordpress_targets: 'list[OpenPort]' = <factory>, passive_only: 'bool' = False)

Bases: object

Parameters:

• nuclei_targets (list[NucleiTarget])

• wordpress_targets (list[OpenPort])

• passive_only (bool)

nuclei_targets: list[NucleiTarget]

passive_only: bool

wordpress_targets: list[OpenPort]

build_scan_plan(host, services, passive_findings, scheme='auto', profile='fast')

Parameters:

• host (str)

• services (list[OpenPort])

• passive_findings (list[Finding])

• scheme (str)

• profile (str)

Return type:

ScanPlan

build_url(host, service, scheme='auto')

Parameters:

• host (str)

• service (OpenPort)

• scheme (str)

Return type:

str

is_web_candidate(service)

Parameters:

service (OpenPort)

Return type:

bool

tags_for_service(service)

Parameters:

service (OpenPort)

Return type:

set[str]

Nmap scanner

class NmapScanner(timeout: 'int' = 600, ports: 'str | None' = None, nmap_script: 'str | None' = None, extra_args: 'list[str]' = <factory>, debug: 'bool' = False)

Bases: object

Parameters:

• timeout (int)

• ports (str | None)

• nmap_script (str | None)

• extra_args (list[str])

• debug (bool)

debug: bool

extra_args: list[str]

nmap_script: str | None

ports: str | None

scan(host)

Parameters:

host (str)

Return type:

HostScanResult

timeout: int

Nuclei scanner

class NucleiScanner(timeout: 'int' = 180, profile: 'str' = 'fast')

Bases: object

Parameters:

• timeout (int)

• profile (str)

profile: str

scan_many(host, targets)

Parameters:

• host (str)

• targets (list[NucleiTarget])

Return type:

HostScanResult

timeout: int