3.0.0 • Published 7 years ago

nimbusec v3.0.0

Weekly downloads
4
License
MIT
Repository
github
Last release
7 years ago

Nimbusec client API library for Node.js

Installation

$ npm install nimbusec

## Usage Example

var nimbusecAPI = require('nimbusec');

var api = new nimbusecAPI('NIMBUSEC-KEY', 'NIMBUSEC-SECRET');
api.findDomains(null, function(err, domains) {

    if (err) {
        console.log('An error occured : ');
        console.log(' - code : '+ err.statusCode);
        console.log(' - message : '+ err.message);
        process.exit(1);
    }

    console.log('My domains are :');
    for (var i = 0; i < domains.length; i++) {
        console.log('  - ' + domains[i].name);
    }
});

Commands

Generate HTML documentation

$ grunt doc

Generate README.md file

$ grunt shell:generateReadme

Check the coding style

$ grunt eslint

To Do

  • Implement /v2/user/* part of the API
  • Implement /v2/domain//screenshot/* part of the API when available

API Reference

NimbusecAPI

Kind: global class
Access: public

new NimbusecAPI(key, secret, options)

Construct a new NimbusecAPI object.

ParamTypeDescription
keystringnimbusec API key
secretstringnimbusec API secret
optionsObject
options.baseURLstringNimbusec base URL

nimbusecAPI.findBundles(filter, callback)

Read all existing bundles depending on an optional filter.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
filterstringoptional filter
callbackfindBundlesCallback

nimbusecAPI.findDomains(filter, callback)

Read all existing domains depending on an optional filter.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
filterstringoptional filter
callbackfindDomainsCallback

nimbusecAPI.createDomain(domain, callback)

Create a domain from the given object.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
domainDomaindomain to be created. id will be ignored.
callbackcreateDomainCallback

nimbusecAPI.updateDomain(domain, domainID, callback)

Update an existing domain by the given object. To modify only certain fields of the domain you can include just these fields inside of the domain object you pass. The destination path for the request is determined by the ID.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
domainDomainthe domain object with the fields to be updated
domainIDintegerthe domain's assigned ID (must be valid)
callbackupdateDomainCallback

nimbusecAPI.deleteDomain(domainID, callback)

Delete a specific domain. The destination path for the request is determined by the ID.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
domainIDintegerthe domain's assigned ID (must be valid)
callbackdeleteDomainCallback

nimbusecAPI.findAgentToken(filter, callback)

Read all existing tokens depending on an optional filter.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
filterstringoptional filter
callbackfindAgentTokenCallback

nimbusecAPI.createAgentToken(agentToken, callback)

Create an server agent token from the given object. In the following step this token can be used to run the server agent.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
agentTokenAgentTokentoken to be created
callbackcreateAgentTokenCallback

nimbusecAPI.deleteAgentToken(agentToken, callback)

Delete a specific agent token. The destination path for the request is determined by the ID.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
agentTokenAgentTokentoken to be created
callbackcreateAgentTokenCallback

nimbusecAPI.findInfectedDomains(filter, callback)

Read list of infected domains depending on an optional filter.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
filterstringoptional filter
callbackfindInfectedDomainsCallback

nimbusecAPI.findDomainResults(domainID, filter, callback)

Read list of results of a domain depending on an optional filter.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
domainIDinteger
filterstringoptional filter
callbackfindDomainResultsCallback

nimbusecAPI.updateDomainResult(domainID, resultID, result, callback)

Update an existing DomainResult by the given object. Only status can be modified to acknowledge a specific result. The destination path for the request is determined by the ID.

Kind: instance method of NimbusecAPI
Access: public

ParamTypeDescription
domainIDinteger
resultIDintegerthe result assigned ID (must be valid)
resultResultthe result object. Only the status field will be modified.
callbackupdateDomainResultCallback

nimbusecAPI.getDomainMetadata(domainID, callback)

Retrieve domain metadata. The destination path for the request is determined by the ID.

Kind: instance method of NimbusecAPI
Access: public

ParamType
domainIDinteger
callbackgetDomainMetadataCallback

nimbusecAPI._parseResponse(err, data, response, callback) ℗

Parse the HTTP response. Will get the error message in x-nimbusec-error header if present. Will parse JSON into JavaScript Object if present.

Kind: instance method of NimbusecAPI
Access: private

ParamTypeDescription
errObjectoauth requester error object
datastringbody of the HTTP response
responseObjectoauth requester response object
callbackNimbusecAPI~apiCallCallbackcallback called at end of parsing

nimbusecAPI._get(uri, filter, callback) ℗

Execute a HTTP GET request on the API server.

Kind: instance method of NimbusecAPI
Access: private

ParamTypeDescription
uristringURI of the resource
filterstringoptional filter
callbackstringcallback function

nimbusecAPI._delete(uri, callback) ℗

Execute a HTTP DELETE request on the API server.

Kind: instance method of NimbusecAPI
Access: private

ParamTypeDescription
uristringURI of the resource
callbackstringcallback function

nimbusecAPI._post(uri, obj, callback) ℗

Execute a HTTP POST request on the API server.

Kind: instance method of NimbusecAPI
Access: private

ParamTypeDescription
uristringURI of the resource
objObjectObject to be posted
callbackstringcallback function

nimbusecAPI._put(uri, obj, callback) ℗

Execute a HTTP PUT request on the API server.

Kind: instance method of NimbusecAPI
Access: private

ParamTypeDescription
uristringURI of the resource
objObjectObject to be put
callbackstringcallback function

NimbusecAPI~findBundlesCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
packagesArray.<Package>array of selected packages objects

NimbusecAPI~findDomainsCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainsArray.<Domain>array of selected domain objects

NimbusecAPI~createDomainCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainDomainthe created domain object

NimbusecAPI~updateDomainCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainDomainthe created domain object

NimbusecAPI~deleteDomainCallback : function

Kind: inner typedef of NimbusecAPI

ParamType
errorError

NimbusecAPI~findAgentTokenCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
agentTokenAgentTokenarray of selected agent token objects

NimbusecAPI~createAgentTokenCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
agentTokenAgentTokenthe created agent token object

NimbusecAPI~deleteAgentTokenCallback : function

Kind: inner typedef of NimbusecAPI

ParamType
errorError

NimbusecAPI~findInfectedDomainsCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainsArray.<Domain>array of selected domains

NimbusecAPI~findDomainResultsCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
resultsArray.<Result>array of selected results

NimbusecAPI~updateDomainResultCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainDomainthe domain object

NimbusecAPI~getDomainMetadataCallback : function

Kind: inner typedef of NimbusecAPI

ParamTypeDescription
errorError
domainMetadataDomainMetadatathe metadata object

NimbusecAPI~Domain : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idintegerunique identification of domain
bundlestringid of assigned package
schemestringwhether the domain uses http or https
namestringname of domain (usually DNS name)
deepScanstringstarting point for the domain deep scan
fastScansArray.<string>landing pages of the domain scanned

NimbusecAPI~DomainMetadata : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
lastDeepScandatetimestamp (in ms) of last external scan of the whole site
nextDeepScandatetimestamp (in ms) for next external scan of the whole site
lastFastScandatetimestamp (in ms) of last external scan of the landing pages
nextFastScandatetimestamp (in ms) for next external scan of the landing pages
agentdatelast date server agent sent results to the domain
cmsstringdetected CMS vendor and version
httpdstringdetected HTTP server vendor and version
phpstringdetected PHP version
filesintegernumber of downloaded files/URLs for last deep scan
sizeintegersize of downloaded files for last deep scan (in byte)

NimbusecAPI~Result : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idintegerunique identification of a result
statusstringstatus of the result (1 = pending, 2 = acknowledged, 3 = falsepositive, 4 = removed)
eventstringevent type of result, possible values are : webshell malware renamed-executable defacement cms-version cms-vulnerable blacklist blacklist-ref changed-file changed-template ssl-expires ssl-expired ssl-ciphersuite ssl-notrust ssl-protocol
categorystringcategory of result, possible values are : applications blacklist webshell text blacklist-ref configuration
severityintegerseverity level of result (1 = medium to 3 = severe)
probabilityfloatprobability the result is critical
safeToDeletebooleanflag indicating if the file can be safely deleted without loosing user data
createDatedatetimestamp (in ms) of the first occurrence
lastDatedatetimestamp (in ms) of the last occurrence the following fields contain more details about the result. Not all fields must be filled or present.
threatnamestringname identifying the threat of a result. meaning differs per category : malware & webshell: the virus database name of the malicious software blacklist: the name of the blacklist containing the domain Blacklist names are : Google Safe Browsing Web of Trust Malc0de Malware Domain List Phishtank Zeus Tracker
resourcestringaffected resource (e.g. file path or URL)
md5stringMD5 hash sum of the affected file
filesizeintegerfilesize of the affected file
ownerstringfile owner of the affected file
groupstringfile group of the affected file
permissionintegerpermission of the affected file as decimal integer
diffstringdiff of a content change between two scans
reasonstringreason why a domain/URL is blacklisted

NimbusecAPI~Package : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idstringunique identification of a bundle
namestringgiven name for a bundle
startDatedatetimestamp in milliseconds when bundle was added / set active
endDatetdatetimestamp in milliseconds when bundle will expire
quotastringmaximum size of files that will be downloaded per scan
depthintegermaximum link depth that will be followed (-1 means no limit)
fastintegerinterval of fast scans in minutes (-1 means disabled)
deepintegerinterval of deep scans in minutes (-1 means disabled)
contingentintegermaximum number of domains that can be assigned
activeintegernumber of currently assigned domain
enginesArray.<string>list of used anti-virus engines

NimbusecAPI~Agent : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
osstringoperating system of agent (windows, macosx, linux)
archstringcpu architecture of agent (32bit, 64bit)
versionintversion of agent
md5stringMD5 hash of download file
sha1stringSHA1 hash of download file
formatstringformat of downloaded file (zip)
urlstringURL were agent can be downloaded from

NimbusecAPI~AgentToken : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idintegerunique identification of a token
namestringgiven name for a token
keystringoauth key
secretstringoauth secret
lastCalldatelast timestamp (in ms) an agent used the token
versionintegerlast agent version that was seen for this key

NimbusecAPI~User : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idintegerunique identification of a user
loginstringlogin name of user
mailstringe-mail contact where mail notificatins are sent to
rolestringrole of an user (administrator or user)
companystringcompany name of user
surnamestringsurname of user
forenamestringsurname of user
titlestringacademic title of user
mobilestringphone contact where sms notificatins are sent to
passwordstringpassword of user (only used when creating or updating a user)
signatureKeystringsecret for SSO (only used when creating or updating a user)

NimbusecAPI~Notification : object

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
idintegerunique identification of a notification
domainintegerid of a domain
transportstringtype of contact (mail, sms)
serversideintegerlevel for server side notifications (see result severity, >3 = disabled)
contentintegerlevel for content notifications (see result severity, >3 = disabled)
blacklistintegerlevel for blacklist notifications (see result severity, >3 = disabled)

NimbusecAPI~CMS : object

Kind: inner typedef of NimbusecAPI
Properties

NameType
CpeIdstring
LatestStablestring
Pathstring

NimbusecAPI~Error : object

Error object passed in first argument of callbacks.

Kind: inner typedef of NimbusecAPI
Properties

NameTypeDescription
statusCodeintegerHTTP reponse status code
messagestringError message (from X-Nimbusec-Error header)
dataobjectHTTP error details
data.timestampintegerHTTP response date
data.statusstringHTTP reponse status code
data.errorstringshort error message
data.messagestringdetailed error message
data.pathstringpath of the request
request
@infinitebrahmanuniverse/nolb-nim@everything-registry/sub-chunk-2292@zalastax/nolb-nim
3.0.0

7 years ago

2.0.1

8 years ago

2.0.0-alpha.3

8 years ago

2.0.0-alpha.2

8 years ago

2.0.0-alpha.1

8 years ago

2.0.0

8 years ago