[][src]Struct twistrs::enrich::DomainMetadata

pub struct DomainMetadata {
    pub fqdn: String,
    pub ips: Option<Vec<IpAddr>>,
    pub smtp: Option<SmtpMetadata>,
    pub http_banner: Option<String>,
    pub geo_ip_lookups: Option<Vec<(IpAddr, String)>>,
}

Container to store interesting FQDN metadata on domains that we resolve.

Whenever any domain enrichment occurs, the following struct is return to indicate the information that was derived.

N.B—there will be cases where a single domain can have multiple DomainMetadata instancees associated with it.

Fields

fqdn: String

The domain that is being enriched.

ips: Option<Vec<IpAddr>>

Any IPv4 and IPv6 ips that were discovered during domain resolution.

smtp: Option<SmtpMetadata>

Any SMTP message data (if any) that was returned by an SMTP server.

http_banner: Option<String>

HTTP server banner data extracted.

geo_ip_lookups: Option<Vec<(IpAddr, String)>>

Implementations

impl DomainMetadata[src]

pub fn new(fqdn: String) -> DomainMetadata[src]

Create a new empty state for a particular FQDN.

pub async fn dns_resolvable<'_>(&'_ self) -> Result<DomainMetadata>[src]

Asynchronous DNS resolution on a DomainMetadata instance.

Returns Ok(DomainMetadata) is the domain was resolved, otherwise returns Err(EnrichmentError).

N.B—also host lookups are done over port 80.

pub async fn mx_check<'_>(&'_ self) -> Result<DomainMetadata>[src]

Asynchronous SMTP check. Attempts to establish an SMTP connection to the FQDN on port 25 and send a pre-defi ned email.

Currently returns Ok(DomainMetadata) always, which internally contains Option<SmtpMetadata>. To check if the SMTP relay worked, check that DomainMetadata.smtp is Some(v).

pub async fn http_banner<'_>(&'_ self) -> Result<DomainMetadata>[src]

Asynchronous HTTP Banner fetch. Searches and parses server header from an HTTP request to gather the HTTP banner.

Note that a HEAD request is issued to minimise bandwidth. Also note that the internal HttpConnector sets the response buffer window to 1024 bytes, the CONNECT timeout to 5s and enforces HTTP scheme.

use twistrs::enrich::DomainMetadata;
 
#[tokio::main]
async fn main() {
    let domain_metadata = DomainMetadata::new(String::from("www.phishdeck.com"));
    println!("{:?}", domain_metadata.http_banner().await);
}

Panics

Currently panics if the HTTP server header value is not parseable. For more information please refer to the Hyper implementation.

pub async fn all<'_>(&'_ self) -> Result<Vec<DomainMetadata>>[src]

Performs all FQDN enrichment methods on a given FQDN. This is the only function that returns a Vec<DomainMetadata>.

N.B -- this is currently very slow, and serializes the operations rather than running them concurrently. It should only be used for testing or debugging purposes.

Panics

Currently panics if any of the internal enrichment methods returns an Err.

Trait Implementations

impl Clone for DomainMetadata[src]

impl Debug for DomainMetadata[src]

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized[src]

impl<T> Borrow<T> for T where
    T: ?Sized[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src]

impl<T> From<T> for T[src]

impl<T> Instrument for T[src]

impl<T> Instrument for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, [src]

impl<T> ToOwned for T where
    T: Clone[src]

type Owned = T

The resulting type after obtaining ownership.

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.