puffyCid / artemis

A cross platform forensic parser written in Rust!
MIT License

Allow user to output data from JavaScript using artemis output workflow #34

Closed puffyCid closed 1 year ago

puffyCid commented 1 year ago

This PR allows a user to send data through the output workflow artemis uses. This allows a user to output data programmatically via JavaScript instead of having to return the data back to artemis. Ex: Instead of only being able to return data like below:

```typescript
import { getWinProcesses } from "https://raw.githubusercontent.com/puffycid/artemis-api/master/mod.ts";
import { WindowsProcessInfo } from "https://raw.githubusercontent.com/puffycid/artemis-api/master/src/windows/processes.ts";

function main(): WindowsProcessInfo[] {
  // Hashing and PE metadata options passed to getWinProcesses
  const md5 = true;
  const sha1 = false;
  const sha256 = false;
  const pe_info = true;

  // The whole process list is returned to artemis, which handles the output
  const proc_list = getWinProcesses(md5, sha1, sha256, pe_info);
  return proc_list;
}

main();
```

A user can now manually output data using the outputResults() function:

```typescript
import {
  getWinProcesses,
  outputResults,
} from "https://raw.githubusercontent.com/puffycid/artemis-api/master/mod.ts";
import {
  Format,
  Output,
  OutputType,
} from "https://raw.githubusercontent.com/puffycid/artemis-api/master/src/system/output.ts";

function main() {
  // Hashing and PE metadata options passed to getWinProcesses
  const md5 = true;
  const sha1 = false;
  const sha256 = false;
  const pe_info = true;

  const proc_list = getWinProcesses(md5, sha1, sha256, pe_info);
  for (const entry of proc_list) {
    // Only output entries whose process name contains "artemis"
    if (entry.name.includes("artemis")) {
      // Output settings: uncompressed JSON written to the local ./tmp directory
      const out: Output = {
        name: "artemis_proc",
        directory: "./tmp",
        format: Format.JSON,
        compress: false,
        endpoint_id: "anything-i-want",
        collection_id: 1,
        output: OutputType.LOCAL,
      };
      // Send the serialized entry through the artemis output workflow
      const status = outputResults(JSON.stringify(entry), "artemis_info", out);
      if (!status) {
        console.log("Could not output to local directory");
      }
    }
  }
}

main();
```

This will send the data to artemis for output.

codecov[bot] commented 1 year ago

Codecov Report

Patch coverage: 89.74% and project coverage change: -0.79 :warning:

Comparison is base (cbc4b72) 85.02% compared to head (aa76d8f) 84.23%.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main      #34      +/-   ##
==========================================
- Coverage   85.02%   84.23%   -0.79%
==========================================
  Files         127      292     +165
  Lines       13574    35638   +22064
==========================================
+ Hits        11541    30020   +18479
- Misses       2033     5618    +3585
```

| [Impacted Files](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None) | Coverage Δ | |
|---|---|---|
| [artemis-core/src/runtime/system/output.rs](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-YXJ0ZW1pcy1jb3JlL3NyYy9ydW50aW1lL3N5c3RlbS9vdXRwdXQucnM=) | `87.69% <87.69%> (ø)` | |
| [...mis-core/src/artifacts/os/macos/fsevents/parser.rs](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-YXJ0ZW1pcy1jb3JlL3NyYy9hcnRpZmFjdHMvb3MvbWFjb3MvZnNldmVudHMvcGFyc2VyLnJz) | `94.82% <100.00%> (ø)` | |
| [artemis-core/src/runtime/deno.rs](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-YXJ0ZW1pcy1jb3JlL3NyYy9ydW50aW1lL2Rlbm8ucnM=) | `89.23% <100.00%> (+0.34%)` | :arrow_up: |
| [artemis-core/src/runtime/system/extensions.rs](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-YXJ0ZW1pcy1jb3JlL3NyYy9ydW50aW1lL3N5c3RlbS9leHRlbnNpb25zLnJz) | `100.00% <100.00%> (ø)` | |
| [artemis-core/src/runtime/windows/shellbags.rs](https://app.codecov.io/gh/puffyCid/artemis/pull/34?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-YXJ0ZW1pcy1jb3JlL3NyYy9ydW50aW1lL3dpbmRvd3Mvc2hlbGxiYWdzLnJz) | `86.66% <100.00%> (ø)` | |

... and [180 files with indirect coverage changes](https://app.codecov.io/gh/puffyCid/artemis/pull/34/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None)
