SecTester.Core 0.8.0

There is a newer version of this package available.
See the version list below for details.
dotnet add package SecTester.Core --version 0.8.0                
NuGet\Install-Package SecTester.Core -Version 0.8.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="SecTester.Core" Version="0.8.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add SecTester.Core --version 0.8.0                
#r "nuget: SecTester.Core, 0.8.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install SecTester.Core as a Cake Addin
#addin nuget:?package=SecTester.Core&version=0.8.0

// Install SecTester.Core as a Cake Tool
#tool nuget:?package=SecTester.Core&version=0.8.0                

SecTester.Core

Maintainability Test Coverage Build Status Nuget Downloads

The core package can be used to obtain a config including credentials from different sources, and provide a simplified abstraction to handle events and commands.

Setup

$ dotnet add package SecTester.Core

Usage

Configuration

First, you need to generate a new instance of Configuration.

var config = new Configuration(
    hostname: "app.neuralegion.com", 
    credentials: new Credentials("your API key"));

You can also register the configuration using the dependency injection framework providing information that will be used to construct other clients.

public void ConfigureServices(IServiceCollection services)
{
  services.AddSecTesterConfig("app.neuralegion.com");
  // or
  services.AddSecTesterConfig(config);
}
Options

Configuration can be customized using the following options:

public interface ConfigurationOptions {
  string hostname
  { 
    get; 
  }
  Credentials? credentials
  {
    get;
  }
  List<CredentialProvider>? credentialProviders
  {
    get;
  }
}

The default configuration is as follows:

{
  credentialProviders = new List<CredentialProvider> { new EnvCredentialProvider() }
}
hostname
  • type: string

Set the application name (domain name), that is used to establish connection with.

var config = new Configuration(hostname: "app.neuralegion.com");
credentials
  • type: Credentials

Set credentials to access the application.

var config = new Configuration(
  // ...
  credentials: new Credential("your API key"));

More info about setting up an API key

credentialProviders
  • type: CredentialProvider[]

Allows you to provide credentials and load it in runtime. The configuration will invoke one provider at a time and only continue to the next if no credentials have been located. For example, if the process finds values defined via the BRIGHT_TOKEN environment variables, the file at .sectesterrc will not be read.

EnvCredentialProvider

Use this provider to read credentials from the following environment variable: BRIGHT_TOKEN

If the BRIGHT_TOKEN environment variable is not set or contains a falsy value, it will return undefined.

var credentialsProvider = new EnvCredentialProvider();
var config = new Configuration(
  // ...
  credentialProviders: new List<CredentialProvider> { credentialsProvider });

Messages

Message is used for syncing state between SDK, application and/or external services. This functionality is done by sending messages outside using a concrete implementation of Dispatcher.

Depending on the type of derived class from the Message, it might be addressed to only one consumer or have typically multiple consumers as well. When a message is sent to multiple consumers, the appropriate event handler in each consumer handles the message.

The Message is a data-holding class, but it implements a Visitor pattern to allow clients to perform operations on it using a visitor class (see Dispatcher) without modifying the source.

For instance, you can dispatch a message in a way that is more approach you or convenient from the client's perspective.

public record Ping : Event 
{
  public readonly string Status;
}

var @event = new Ping("connected");

// using a visitor pattern
await @event.Execute(dispatcher);

// or directly
await dispatcher.execute(@event);

The same is applicable for the Event. You just need to use the EventDispatcher instead of CommandDispatcher.

Each message have a correlation ID to ensure atomicity. The regular UUID is used, but you might also want to consider other options.

Request-response

The request-response message (aka Command) style is useful when you need to exchange messages between various external services. Using Command you can easily ensure that the service has actually received the message and sent a response back.

To create an instance of Command use the abstract class as follows:

public record RequestOptions 
{
  public string Url;
  public string Method;
  public Dictionary<string, string>? headers;
  public string? Body;
}

public record RequestOutput 
{
  public int Status;
  public Dictionary<string, string>? headers;
  public string? Body;
}

private record Request(RequestOptions Payload) : Command<RequestOutput>
{
  public RequestOptions Payload = Payload;
}

To adjust its behavior you can use next options:

Option Description
ExpectReply Indicates whether to wait for a reply. By default true.
Ttl Period of time that command should be handled before being discarded. By default 10000 ms.
Type The name of a command. By default, it is the name of specific class.
CorelationId Used to ensure atomicity while working with EventBus. By default, random UUID.
CreatedAt The exact date and time the command was created.

Publish-subscribe

When you just want to publish events without waiting for a response, it is better to use the Event. The ideal use case for the publish-subscribe model is when you want to simply notify another service that a certain condition has occurred.

To create an instance of Event use the abstract class as follows:

public record Issue
{
  public string Name;
  public string Details;
  public string Type;
  public string? Cvss;
  public string? Cwe;
}

private record IssueDetected(Issue Issue) : Event
{
  public Issue Issue = Issue;
}

To adjust its behavior you can use next options:

Option Description
Type The name of a command. By default, it is the name of specific class.
CorelationId Used to ensure atomicity while working with EventBus. By default, random UUID.
CreatedAt The exact date and time the event was created.

To create an event handler, you should implement the Handler interface and use the IoC container to register a handler using the interface as a provider:

public class IssueDetectedHandler : EventHandler<Issue> 
{
  public Task<Unit> Handle(IssueDetected @event) 
  {
    // implementation
    return Unit.Task;
  }
}

It is not possible to register multiple event handlers for a single event pattern.

As soon as the IssueDetected event appears, the event handler takes a single argument, the data passed from the client (in this case, an event payload which has been sent over the network).

License

Copyright © 2022 Bright Security.

This project is licensed under the MIT License - see the LICENSE file for details.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (3)

Showing the top 3 NuGet packages that depend on SecTester.Core:

Package Downloads
SecTester.Bus

This SDK is designed to provide all the basic tools and functions that will allow you to easily integrate the Bright security testing engine into your own project.

SecTester.Scan

This SDK is designed to provide all the basic tools and functions that will allow you to easily integrate the Bright security testing engine into your own project.

SecTester.Repeater

This SDK is designed to provide all the basic tools and functions that will allow you to easily integrate the Bright security testing engine into your own project.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
0.41.4 279 6/8/2024
0.41.3 422 10/4/2023
0.41.2 357 10/4/2023
0.41.1 358 10/4/2023
0.41.0 360 10/4/2023
0.40.0 399 8/3/2023
0.39.1 428 8/1/2023
0.39.0 403 7/31/2023
0.38.0 408 7/28/2023
0.37.0 396 7/20/2023
0.36.0 450 6/5/2023
0.35.1 472 5/2/2023
0.35.0 607 4/11/2023
0.34.0 962 2/8/2023
0.33.7 1,168 12/20/2022
0.33.6 1,194 12/16/2022
0.33.5 1,164 12/16/2022
0.33.4 1,188 12/15/2022
0.33.3 1,190 12/14/2022
0.33.2 1,200 12/14/2022
0.33.1 1,188 12/14/2022
0.33.0 1,170 12/14/2022
0.32.8 1,217 12/13/2022
0.32.7 1,178 12/13/2022
0.32.6 1,190 12/13/2022
0.32.5 1,148 12/13/2022
0.32.4 1,168 12/13/2022
0.32.3 1,181 12/13/2022
0.32.2 1,171 12/13/2022
0.32.1 1,205 12/13/2022
0.32.0 1,215 12/13/2022
0.31.0 1,215 12/11/2022
0.30.1 1,018 12/10/2022
0.30.0 1,025 12/9/2022
0.29.2 833 12/9/2022
0.29.1 867 12/9/2022
0.29.0 840 12/8/2022
0.28.0 868 12/8/2022
0.27.0 838 12/8/2022
0.26.0 856 12/7/2022
0.25.0 867 12/7/2022
0.24.0 860 12/6/2022
0.23.0 920 12/5/2022
0.22.0 936 12/2/2022
0.21.0 973 12/1/2022
0.20.0 972 12/1/2022
0.19.0 949 11/28/2022
0.18.0 942 11/28/2022
0.17.0 770 11/28/2022
0.16.0 745 11/28/2022
0.15.0 791 11/21/2022
0.14.0 590 11/16/2022
0.13.0 576 11/16/2022
0.12.0 579 11/16/2022
0.11.0 612 11/14/2022
0.10.0 575 11/14/2022
0.9.0 606 11/14/2022
0.8.0 382 11/8/2022
0.7.0 359 11/8/2022
0.6.0 376 11/8/2022
0.5.0 379 11/7/2022
0.4.0 397 11/7/2022
0.3.0 382 11/7/2022
0.2.0 381 11/7/2022
0.1.0 358 11/7/2022