"""Data models for bug bounty operations."""
from datetime import datetime
from enum import Enum
from typing import Dict, List, Optional
from pydantic import BaseModel, Field, HttpUrl, validator
class ScopeType(str, Enum):
    """Kind of asset a scope rule or target refers to.

    Members are also ``str`` instances, so each one compares equal to its
    plain string value and serializes as that string.
    """

    # Network-addressable assets.
    DOMAIN = "domain"
    IP_RANGE = "ip_range"

    # Application-level assets.
    MOBILE_APP = "mobile_app"
    API = "api"

    # Everything else.
    HARDWARE = "hardware"
    OTHER = "other"
class Platform(str, Enum):
    """Bug bounty platform that hosts a program.

    Members are also ``str`` instances and compare equal to their string
    values.
    """

    # Named platforms.
    HACKERONE = "hackerone"
    BUGCROWD = "bugcrowd"
    INTIGRITI = "intigriti"
    YESWEHACK = "yeswehack"

    # Fallback value for anything not listed above.
    CUSTOM = "custom"
class Severity(str, Enum):
    """Severity level assigned to a vulnerability.

    Members are declared from most to least severe.

    NOTE: because members are ``str`` instances, ``<`` and ``>`` compare
    the string values alphabetically, not by severity rank (for example
    ``"critical" < "info"``). Code that enforces a severity cap should map
    members to an explicit rank instead of comparing them directly.
    """

    CRITICAL = "critical"
    HIGH = "high"
    MEDIUM = "medium"
    LOW = "low"
    INFO = "info"
class ScanStatus(str, Enum):
    """Lifecycle state of a scanning operation.

    Members are also ``str`` instances and compare equal to their string
    values.
    """

    # Not finished yet.
    PENDING = "pending"
    RUNNING = "running"

    # Finished, one way or another.
    COMPLETED = "completed"
    FAILED = "failed"
    CANCELLED = "cancelled"
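class ScopeRule(BaseModel):
    """A single in-scope or out-of-scope rule of a bug bounty program.

    Attributes are documented inline. The only validation performed here is
    that ``target`` is non-empty after trimming; the target's format is NOT
    checked against ``type``, and ``wildcard`` is not checked against the
    form of ``target``.
    """

    # Kind of asset the rule refers to.
    type: ScopeType
    # The asset itself, stored with surrounding whitespace removed.
    target: str
    # Free-form remarks about the rule.
    notes: Optional[str] = None
    # Plain flag; nothing in this model ties it to the content of `target`.
    wildcard: bool = False

    @validator('target')
    def validate_target(cls, v: str, values: dict) -> str:
        """Trim the target and reject it when nothing is left.

        The value is stripped BEFORE the emptiness check so that a
        whitespace-only target (for example ``"   "``) is rejected instead
        of being stored as an empty string. An empty scope target is
        dangerous input for any later scope-matching logic.

        Args:
            v: Candidate target value.
            values: Previously validated fields; currently unused, so no
                per-type format check happens here.

        Returns:
            The target with leading and trailing whitespace removed.

        Raises:
            ValueError: If the target is empty or only whitespace.
        """
        cleaned = v.strip() if v else ""
        if not cleaned:
            raise ValueError("Target cannot be empty")
        # NOTE(review): interior whitespace and control characters are not
        # rejected; confirm that consumers which pass targets on to other
        # tools validate the format for the rule's type first.
        return cleaned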
class BugBountyProgram(BaseModel):
    """Configuration record for one bug bounty program.

    Carries the program's identity, its hosting platform, the in-scope and
    out-of-scope rule lists, and bookkeeping fields.
    """

    # --- Identity ---------------------------------------------------------
    program_id: str = Field(..., description="Unique identifier for the program")
    platform: Platform
    name: str
    # Plain string: this model does not validate it as a URL.
    url: str

    # --- Scope ------------------------------------------------------------
    # Each list gets its own fresh empty list per instance.
    in_scope: List[ScopeRule] = Field(default_factory=list)
    out_of_scope: List[ScopeRule] = Field(default_factory=list)

    # --- Policy and enrollment --------------------------------------------
    max_severity: Severity = Severity.CRITICAL
    enrolled: bool = False

    # SECURITY: held as a plain string, so the token appears in repr() and
    # in dict/JSON exports of this model. Exclude or redact it before
    # logging or persisting a program record.
    api_token: Optional[str] = None
    notes: Optional[str] = None

    # --- Timestamps -------------------------------------------------------
    # datetime.utcnow() yields a naive datetime (no tzinfo). Both values are
    # set when the instance is created; nothing in this model refreshes
    # `updated_at` afterwards.
    created_at: datetime = Field(default_factory=datetime.utcnow)
    updated_at: datetime = Field(default_factory=datetime.utcnow)

    class Config:
        # Store enum fields as their string values rather than enum members.
        use_enum_values = True
class Finding(BaseModel):
    """One security finding (vulnerability) reported by a scan.

    ``cvss_score`` is range-checked, but it is not cross-checked against
    ``severity``, and ``cwe_id`` is a free-form string with no format check.
    """

    # --- Required description ---------------------------------------------
    title: str
    severity: Severity
    description: str

    # --- Optional classification ------------------------------------------
    # When given, must lie in the closed interval [0.0, 10.0].
    cvss_score: Optional[float] = Field(None, ge=0.0, le=10.0)
    cwe_id: Optional[str] = None

    # --- Supporting material ----------------------------------------------
    # Untyped mapping. NOTE(review): presumably holds captured proof data;
    # if so, treat it as sensitive when storing or sharing findings.
    evidence: Dict = Field(default_factory=dict)
    remediation: Optional[str] = None
    references: List[str] = Field(default_factory=list)

    # Findings start out unconfirmed.
    confirmed: bool = False

    class Config:
        # Store enum fields as their string values rather than enum members.
        use_enum_values = True
class ScanResult(BaseModel):
    """Outcome of one security scan run against a single target.

    ``target`` is a plain string; this model does not check it against the
    scope rules of the program named by ``program_id``.
    """

    # --- What was run, and against what -----------------------------------
    scan_id: str
    program_id: str
    tool: str
    target: str

    # Naive datetime from datetime.utcnow(), set when the instance is built.
    timestamp: datetime = Field(default_factory=datetime.utcnow)

    # --- Outcome ----------------------------------------------------------
    findings: List[Finding] = Field(default_factory=list)
    status: ScanStatus = ScanStatus.PENDING
    error_message: Optional[str] = None

    # --- Extras -----------------------------------------------------------
    # Untyped mapping for additional scan information.
    metadata: Dict = Field(default_factory=dict)
    duration_seconds: Optional[float] = None

    class Config:
        # Store enum fields as their string values rather than enum members.
        use_enum_values = True
class Target(BaseModel):
    """A concrete asset that may be tested under a program."""

    # --- Identity ---------------------------------------------------------
    target_id: str
    program_id: str
    value: str
    type: ScopeType

    # Required and caller-supplied: this model does not derive the flag from
    # the program's scope rules, so it can go stale. Re-check scope before
    # acting on a target rather than trusting this stored value alone.
    in_scope: bool

    # --- Bookkeeping ------------------------------------------------------
    last_scanned: Optional[datetime] = None
    active: bool = True
    notes: Optional[str] = None

    class Config:
        # Store enum fields as their string values rather than enum members.
        use_enum_values = True
class AuditLogEntry(BaseModel):
    """One record in the audit trail of performed actions.

    Only ``action`` and ``success`` are required; the remaining fields give
    optional context.
    """

    # Naive datetime from datetime.utcnow(), filled in at construction time
    # unless the caller supplies a value.
    timestamp: datetime = Field(default_factory=datetime.utcnow)

    # --- What happened ----------------------------------------------------
    action: str
    program_id: Optional[str] = None
    target: Optional[str] = None
    tool: Optional[str] = None
    success: bool

    # --- Context ----------------------------------------------------------
    # Untyped, free-form mapping. Keep credentials and tokens out of it:
    # whatever is placed here is written to the log with the entry.
    details: Dict = Field(default_factory=dict)
    validation_result: Optional[str] = None
class ToolResult(BaseModel):
    """Generic outcome of running an external tool."""

    # --- Required ---------------------------------------------------------
    success: bool
    tool_name: str
    # Tool output as a string. It can carry content influenced by the
    # scanned target, so treat it as untrusted when parsing or rendering.
    output: str

    # --- Optional detail --------------------------------------------------
    parsed_data: Dict = Field(default_factory=dict)
    errors: List[str] = Field(default_factory=list)
    warnings: List[str] = Field(default_factory=list)

    # NOTE(review): the unit is not stated here; presumably seconds, like
    # ScanResult.duration_seconds. Confirm against callers.
    execution_time: float = 0.0