minvws · underdarknl · Sep 26, 2024 · Sep 16, 2024 · Sep 17, 2024 · Sep 18, 2024
@@ -1,7 +1,7 @@
 {
   "id": "adr-validator-normalize",
   "name": "API Design Rules validator",
-  "description": "TODO",
+  "description": "Parses and validates the API Design Rules (ADR).",
   "consumes": [
     "boefje/adr-validator"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_answer_parser",
   "name": "Answer Parser",
-  "description": "Parses the answers from Config objects.",
+  "description": "Parses the answers from 'Config' objects. Config OOIs are used when your policies and objects need different treatment from the usual setup.",
   "consumes": [
     "answer"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_containers",
   "name": "BinaryEdge containers",
+  "description": "Parse BinaryEdge data to check if Kubernetes hosts have any vulnerabilities. Creates 'VERIFIED-VULNERABILITY' findings.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_databases",
   "name": "BinaryEdge databases",
+  "description": "Parses BinaryEdge data to check if any Cassandra, ElasticSearch, Memcached, MongoDB and Redis servers are identified and parses the version number. Create 'EXPOSED-SOFTWARE' findings.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_http_web",
   "name": "BinaryEdge Websites",
+  "description": "Parses BinaryEdge data to check for AWS secrets, F5 BIG IP loadbalancers and Citrix NetScaler.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_message_queues",
   "name": "BinaryEdge message queues",
+  "description": "Parses BinaryEdge data to check for message queues (mqtt) servers. Creates the finding 'EXPOSED-SOFTWARE' if mqtt servers are found.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_protocols",
-  "name": "BinaryEdge protocols",
+  "name": "BinaryEdge SSL/TLS protocols",
+  "description": "Parses BinaryEdge data to check for various vulnerabilities within SSL/TLS protocols, such as Heartbleed, Secure Renegotiation and SSL Compression.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_remote_desktop",
   "name": "Binary Edge remote desktop",
+  "description": "Parses BinaryEdge data to check for remote desktop services such as RDP, VNC and X11. Creates 'EXPOSED-SOFTWARE' findings.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_service_identification",
   "name": "BinaryEdge service identification",
+  "description": "Parses BinaryEdge data to check if Software is present that is known for malware.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_binaryedge_services",
   "name": "BinaryEdge services",
+  "description": "Parses BinaryEdge data to check for services such as SSH, rsync, FTP, telnet and SMB.",
   "consumes": [
     "boefje/binaryedge"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "censys",
   "name": "Censys",
-  "description": "Use Censys to discover open ports, services and certificates. Requires and API key.",
+  "description": "Use Censys to discover open ports, services and certificates. Requires an API key.",
   "consumes": [
     "IPAddressV4",
     "IPAddressV6"

@@ -1,6 +1,7 @@
 {
   "id": "kat_censys_normalize",
   "name": "Censys",
+  "description": "Parses Cencys data into objects that can be used by other boefjes and normalizers. Can create ports, certificates, software, websites and headers. Doesn't create findings.",
   "consumes": [
     "boefje/censys"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "cve-finding-types",
   "name": "CVE Finding Types",
-  "description": "Hydrate information of Common Vulnerabilities and Exposures (CVE) finding types from the CVE API",
+  "description": "Hydrate information of Common Vulnerabilities and Exposures (CVE) finding types from the CVE API.",
   "consumes": [
     "CVEFindingType"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_cve_finding_types_normalize",
   "name": "CVE finding types",
-  "description": "Parses CVE findings.",
+  "description": "Parses Common Vulnerability Exposures (CVE) into findings.",
   "consumes": [
     "boefje/cve-finding-types"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "cwe-finding-types",
   "name": "CWE Finding Types",
-  "description": "Hydrate information of Common Weakness Enumeration (CWE) finding types",
+  "description": "Hydrate information of Common Weakness Enumeration (CWE) finding types.",
   "consumes": [
     "CWEFindingType"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_cwe_finding_types_normalize",
   "name": "CWE finding",
-  "description": "Parses CWE findings.",
+  "description": "Parses Common Weakness Enumeration (CWE) into findings.",
   "consumes": [
     "boefje/cwe-finding-types"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_dicom_normalize",
   "name": "DICOM servers",
-  "description": "Parses DICOM output into findings and identified software.",
+  "description": "Parses medical imaging data (DICOM) into findings and identified software.",
   "consumes": [
     "boefje/dicom"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_dns_normalize",
   "name": "DNS records",
-  "description": "Parses the DNS records.",
+  "description": "Parses DNS records. Can parse A, AAAA, CAA, CNAME, MX, NS, SOA, TXT, DKIM and DMARC data.",
   "consumes": [
     "boefje/dns-records"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "dns-bind-version-normalize",
   "name": "DNS bind version normalizer",
+  "description": "Parses DNS Bind data into Software version objects.",
   "consumes": [
     "boefje/dns-bind-version"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "dns-zone",
   "name": "DNS zone",
-  "description": "Fetch the parent DNS zone of a DNS zone",
+  "description": "Fetch the parent DNS zone of a DNS zone.",
   "consumes": [
     "DNSZone"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "dns-sec",
   "name": "DNSSEC",
-  "description": "Validates DNSSec of a hostname",
+  "description": "Validates DNSSEC of a hostname by checking the cryptographic signatures.",
   "consumes": [
     "Hostname"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "external_db",
   "name": "External database host fetcher",
-  "description": "Fetch hostnames and IP addresses/netblocks from an external database with API. See `description.md` for more information. Useful if you have a large network.",
+  "description": "Fetch hostnames and IP addresses/netblocks from an external database with API. See `description.md` for more information. Useful if you have a large network and wish to add all your hosts. You can also upload hosts through the CSV upload functionality.",
   "consumes": [
     "Network"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat_external_db_normalize",
   "name": "External database hosts fetcher",
-  "description": "Parse data the fetched host data from the external database into hostnames and IP-addresses.",
+  "description": "Parse the fetched host data from the external database into hostnames and IP-addresses.",
   "consumes": [
     "boefje/external_db"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "fierce",
   "name": "Fierce",
-  "description": "Perform DNS reconnaissance using Fierce, to help locate non-contiguous IP space and hostnames against specified hostnames. No exploitation is performed.",
+  "description": "Perform DNS reconnaissance using Fierce. Helps to locate non-contiguous IP space and hostnames against specified hostnames. No exploitation is performed.",
   "consumes": [
     "Hostname"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_generic_finding_normalize",
   "name": "Finding types",
+  "description": "Parses data to create (CVE) Findings.",
   "consumes": [
     "openkat/finding"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "kat-finding-types",
   "name": "KAT Finding Types",
-  "description": "Hydrate information of KAT finding types",
+  "description": "Hydrate information of KAT finding types.",
   "consumes": [
     "KATFindingType"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_manual_csv",
   "name": "Manual CSV",
+  "description": "Parses uploaded CSV files into objects.",
   "consumes": [
     "manual/csv"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "masscan",
   "name": "masscan",
-  "description": "Quickly scan large amounts of IPs.",
+  "description": "Quickly scan large amounts of IPs. Due to the quick scanning it may not always show accurate results.",
   "consumes": [
     "IPV4NetBlock"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "nmap-ip-range",
   "name": "Nmap IP range",
-  "description": "Scan an IP range and store found IPs. Defaults to top-250 TCP and top-10 UDP on ranges with 1024 addresses or less. Larger ranges are skipped by default.",
+  "description": "Scan an IP range and store found IPs. Defaults to top-250 TCP and top-10 UDP on ranges with 1024 addresses or less (max is a /22). Larger ranges are skipped by default.",
   "consumes": [
     "IPV6NetBlock",
     "IPV4NetBlock"

@@ -1,7 +1,7 @@
 {
   "id": "nmap-ports",
   "name": "Nmap Ports",
-  "description": "Scan a specific set of ports including service detection",
+  "description": "Scan a specific set of ports including service detection.",
   "consumes": [
     "IPAddressV4",
     "IPAddressV6"

@@ -1,6 +1,7 @@
 {
   "id": "kat_nmap_normalize",
   "name": "nmap",
+  "description": "Parses data from all nmap variants into IP-addresses, ports and services.",
   "consumes": [
     "boefje/nmap",
     "boefje/nmap-udp",

@@ -1,7 +1,7 @@
 {
   "id": "nuclei-cve",
   "name": "Nuclei CVE scan",
-  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning. (CVE scanning)",
+  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning. (CVE scanning).",
   "consumes": [
     "Hostname",
     "HostnameHTTPURL"

@@ -1,6 +1,7 @@
 {
   "id": "kat_nuclei_cve_normalize",
   "name": "Nuclei CVE",
+  "description": "Parses Nuclei CVE data into findings.",
   "consumes": [
     "boefje/nuclei-cve"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "nuclei-exposed-panels",
   "name": "Nuclei Exposed panels",
-  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning. (Exposed panels)",
+  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning. Can be used to find specific exposed administrative panels in your network.",
   "consumes": [
     "Hostname",
     "HostnameHTTPURL"

@@ -1,6 +1,7 @@
 {
   "id": "kat_nuclei_exposed_panels_normalize",
   "name": "Nuclei exposed admin panels",
+  "description": "Parses Nuclei of exposed panels into findings.",
   "consumes": [
     "boefje/nuclei-exposed-panels"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "nuclei-takeover",
   "name": "Nuclei takeover scan",
-  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning.(sub-domain takeover)",
+  "description": "Nuclei is used to send requests across targets based on a template, providing fast scanning. This will try to perform a sub sub-domain takeover.",
   "consumes": [
     "Hostname",
     "HostnameHTTPURL"

@@ -1,6 +1,7 @@
 {
   "id": "kat_nuclei_takeover_normalize",
   "name": "Nuclei takeover",
+  "description": "Parses Nuclei takeover data into findings.",
   "consumes": [
     "boefje/nuclei-takeover"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "rdns",
   "name": "Reverse DNS",
-  "description": "Resolve IP addresses to a hostname",
+  "description": "Resolve IP addresses to a hostname.",
   "consumes": [
     "IPAddressV4",
     "IPAddressV6"

@@ -1,6 +1,7 @@
 {
   "id": "kat_rdns_normalize",
-  "name": "RDNS",
+  "name": "Reverse DNS",
+  "description": "Parses reverse DNS data into PTR records.",
   "consumes": [
     "boefje/rdns"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_report_data",
   "name": "Report data",
+  "description": "Parses (uploaded) report data to create reports.",
   "consumes": [
     "openkat/report-data"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "retirejs-finding-types",
   "name": "RetireJS Finding Types",
-  "description": "Hydrate information of RetireJS finding types",
+  "description": "Hydrate information of RetireJS finding types.",
   "consumes": [
     "RetireJSFindingType"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_retirejs_finding_types_normalize",
   "name": "RetireJS finding types",
+  "description": "Parses RetireJS data into findings.",
   "consumes": [
     "boefje/retirejs-finding-types"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "rpki",
   "name": "RPKI",
-  "description": "Check if an IPv4 or IPv6 address has a valid VRPS record.",
+  "description": "Check BGP announcements to see if an IPv4 or IPv6 address has Validated ROA Payload (VRPs).",
   "consumes": [
     "IPAddressV4",
     "IPAddressV6"

@@ -1,6 +1,7 @@
 {
   "id": "kat_rpki_normalize",
   "name": "RPKI",
+  "description": "Parses RPKI data into findings.",
   "consumes": [
     "rpki/results"
   ],

@@ -1,7 +1,7 @@
 {
   "id": "security_txt_downloader",
   "name": "Security.txt downloader",
-  "description": "Downloads the security.txt file from the target host.",
+  "description": "Downloads the security.txt file from the target website to check if it contains all the required elements.",
   "consumes": [
     "Website"
   ],

@@ -1,6 +1,7 @@
 {
   "id": "kat_sec_txt_downloader_normalize",
   "name": "Security.txt downloader",
+  "description": "Parses the downloaded security.txt data from a website.",
   "consumes": [
     "boefje/security_txt_downloader"
   ],