Source: factory.core/ObjSecurityAudit.py
| Method | Signature | Description |
|---|---|---|
| ai_analyse | ai_analyse(category: str, findings_data: dict) -> str | Ask AI to analyse findings for a specific audit category. |
| ai_analyse_all | ai_analyse_all() -> Dict[str, str] | Run AI analysis on all audit categories that have findings. |
| add_pass | add_pass(category: str, title: str, detail: str = '') -> None | Record a passed security check. |
| add_finding | add_finding(category: str, title: str, severity: str, detail: str, remediation: str = '') -> None | Record a security finding. |
| get_report | get_report() -> dict | Return structured audit report with all findings. |
| get_report_markdown | get_report_markdown() -> str | Return findings as formatted markdown. |
| audit_ports | audit_ports(host: str, ports: Optional[List[int]] = None) -> list | Scan host for open ports using socket connections. |
| audit_ssl | audit_ssl(host: str, port: int = 443) -> dict | Check SSL/TLS security. |
| audit_http_headers | audit_http_headers(url: str) -> dict | Check security headers on HTTP response. |
| audit_ssh | audit_ssh(host: str, port: int = 22) -> dict | Check SSH security. |
| audit_dns | audit_dns(domain: str) -> dict | Check DNS security. |
| audit_mysql_exposure | audit_mysql_exposure(host: str, port: int = 3306) -> dict | Check if MySQL/MariaDB port is exposed externally. |
| audit_web_app | audit_web_app(host: str) -> dict | Web application security checks. |
| audit_tls_deep | audit_tls_deep(host: str, port: int = 443) -> dict | Deep TLS analysis. |
| audit_databases | audit_databases(host: str) -> dict | Check exposure of multiple DB types. |
| audit_email | audit_email(host: str) -> dict | Email security checks. |
| audit_infrastructure | audit_infrastructure(host: str) -> dict | Infrastructure reconnaissance. |
| audit_subdomains | audit_subdomains(host: str, cache_days: int = 7) -> dict | Discover subdomains via cache or |
| audit_error_disclosure | audit_error_disclosure(host: str) -> dict | Check if error pages leak info. |
| audit_host_header | audit_host_header(host: str) -> dict | Check for host header injection. |
| audit_hsts_preload | audit_hsts_preload(host: str) -> dict | Check HSTS preload list status. |
| audit_rate_limiting | audit_rate_limiting(host: str) -> dict | Test if rate limiting is active. |
| audit_api_versions | audit_api_versions(host: str) -> dict | Probe for old API versions. |
| audit_clickjacking | audit_clickjacking(host: str) -> dict | Verify clickjacking protection |
| audit_dnssec | audit_dnssec(host: str) -> dict | Check DNSSEC deployment. |
| audit_websocket | audit_websocket(host: str) -> dict | Check WebSocket security. |
| audit_screenshot | audit_screenshot(host: str) -> dict | Capture website screenshot using |
| audit_whois | audit_whois(host: str) -> dict | WHOIS lookup for domain ownership. |
| audit_os_fingerprint | audit_os_fingerprint(host: str) -> dict | OS fingerprint and service detection |
| audit_tech_detect | audit_tech_detect(host: str) -> dict | Detect web technologies, frameworks, |
| audit_dns_trace | audit_dns_trace(host: str) -> dict | Extended DNS information — NS chain, |
| audit_inet_intel | audit_inet_intel(host: str) -> dict | Full IP and domain intelligence |
| audit_host | audit_host(host: str, checks: Optional[List[str]] = None) -> dict | Run all audits against a single host. |
| audit_hosts | audit_hosts(hosts: list) -> dict | Run audit_host against multiple hosts. Returns combined report. |
| get_report_html | get_report_html(host: str = '') -> str | Return findings as HTML email body. |
| send_report | send_report(host: str, notify_email: str, notify_severity: str = 'HIGH') -> bool | Send branded audit report via email. |

Run security audit against an external host.
Scan multiple hosts from config.
Run scheduled audits from def_security_audit_hosts table.