qlty; untls; Censeye
Today, we have three handy tools that are fit for purpose in anyone’s toolbox, and were all recent discoveries that have helped me get stuff done.
TL;DR
(This is an AI-generated summary of today’s Drop using Ollama + llama 3.2 and a custom prompt.)
- Qlty CLI is a Rust-based multi-language code quality tool that combines features from disparate tools into a unified interface, streamlining code quality processes with static analysis and auto-formatting. (https://docs.qlty.sh/what-is-qlty)
untlsis a small Golang CLI tool that establishes transparent TCP and TLS connections, using a bidirectional copy mechanism to optimize memory usage and maintain high throughput. (https://github.com/lucasew/untls)- Censeye is a tool developed by Censys Research to identify hosts with characteristics similar to a specified target, helping researchers determine effective search terms and query the Censys API for related infrastructure. (https://github.com/Censys-Research/censeye)
qlty
Qlty CLI (GH) is a Rust-based multi-language code quality tool that combines many features of disparate tools into a single, unified interface. A primary goal of Qlty is to help streamline code quality processes by providing static analysis and auto-formatting across multiple programming languages.
It integrates several code quality dimensions into one workflow. It performs comprehensive linting across programming languages, handles auto-formatting of code, and includes security scanning features covering Infrastructure as Code (IaC), Static Application Security Testing (SAST), and Software Composition Analysis (SCA). It also analyzes code complexity metrics and identifies maintainability issues.
This is a sample session (first run immediately after d/l) of it working on my CVESky app, which I recently reconfigured into a Vite project:
$ cd ~/projects/cvesky
$ qlty init
› Initializing qlty in the current directory...
✔ Created .qlty/ directory
✔ Fetched plugins definitions
✔ Created .gitignore in .qlty/
✔ Created qlty.toml config file with 7 plugins
Plugin Version Targets Config
ripgrep latest 8 files
golangci-lint latest 0 files
osv-scanner latest 1 files
checkov latest 2 files
trufflehog latest 16 files
trivy latest 1 files
prettier 3.4.1 10 files
✔ Set up qlty in the current directory
? Would you like to run plugins to see a sample of issues? (y/n) › yes
› Running qlty check --sample 5
(installs a bunch of stuff)
Checked 18 files
✔ 0 issues
What's next?
1. Read the documentation: https://qlty.sh/docs
2. Get help and give feedback
Our developers are on Discord: https://qlty.sh/discord
$ qlty metrics --all
[0/3] 🤔 Planning... 0.02s
[1/3] 🔍 Analyzing files over all targets... 0.15s
[2/3] 👀 Parsing 6 files... 0.00s
[3/3] ✨ Reporting...
name | classes | funcs | fields | cyclo | complex | LCOM | lines | LOC
-------------------------------------------+---------+-------+--------+-------+---------+------+-------+------
src/components/AboutSection.js | 1 | 1 | 1 | 1 | 0 | 1 | 101 | 98
src/components/CVEEngagementVisualizer.js | 1 | 11 | 7 | 61 | 22 | 1 | 713 | 654
src/components/CVEHeatmap.js | 1 | 14 | 6 | 36 | 12 | 1 | 247 | 214
src/components/ServiceStatus.js | 1 | 6 | 4 | 11 | 8 | 1 | 138 | 124
src/main.js | 0 | 0 | 0 | 3 | 1 | 0 | 16 | 13
vite.config.js | 0 | 0 | 0 | 1 | 0 | 0 | 80 | 77
TOTAL | 4 | 32 | 18 | 113 | 43 | 4 | 1295 | 1180
I did a similar run on my spackrat repo, and Qlty was nowhere near as kind (1 2), but the suggestions were solid.
Qlty has tons of plugins, is configured via a TOML file, and has a meta qlty-ignore directive for silencing the nitpicks. And, it greatly simplified the process of keeping all the plugins up-to-date.
This is 100% a new default install in every new project for me.
untls
untls is a small, focused Golang CLI tool that lets us create a transparent bridge between plain TCP and TLS-encrypted connections. When launched, it establishes a local TCP listener that accepts incoming connections on either a specified or automatically assigned port. For each client connection, untls creates a corresponding TLS connection to the remote endpoint, effectively making the TLS handshake and encryption invisible to local applications.
It uses a bidirectional copy mechanism with a smart buffer pool system. When data arrives on either end:
- A 32KB buffer is retrieved from a sync.Pool to optimize memory usage
- Data is copied from the source connection to the destination
- The buffer is returned to the pool for reuse
This approach allows for efficient memory utilization and maintaining high throughput for the proxied connections. It also leverages Go’s concurrency model by spawning a new goroutine for each connection pair. This lets it handle multiple concurrent connections efficiently while maintaining isolated connection states.
The implementation uses Go’s standard crypto/tls package with default configurations for the TLS connection. While this provides basic security, it’s worth highlighting that untls acts as a termination point for the TLS encryption. This means traffic between your local application and untls is unencrypted, while traffic between untls and the remote server is encrypted using TLS.
untls proves particularly useful when working with applications that don’t natively support TLS but need to communicate with TLS-enabled services. Common use cases include:
- Testing TLS services locally with legacy tools
- Debugging encrypted protocols
- Creating secure tunnels for applications that only speak plain TCP
It’s far from being the only tool for this particulare niche job, but the simplicity of the implementation makes it an excellent example of how to bridge the gap between encrypted and unencrypted network protocols in Go.
Censeye
Censeye is a tool developed by my pals over at Censys Research to assist researchers in identifying hosts with characteristics similar to a specified target. When encountering a suspicious host, Censeye helps determine the most effective Censys Query Language (CenQL) search terms to uncover related infrastructure. After identifying these search terms, the tool can automatically query the Censys API to retrieve hosts matching the criteria, download the results, and perform further analysis on the newly discovered hosts.
There is a non-zero chance they made this tool in a futile attempt to stop me and my team from bugging them in our shared Slack 🙃.
Censeye operates by analyzing a target host to identify unique attributes that can serve as search terms in CenQL. These attributes may include specific services, configurations, or other distinctive features. The tool then uses these search terms to query the Censys database, seeking out hosts that exhibit similar characteristics. This process can be automated to iterate through newly found hosts, continually refining the search and expanding the network of related infrastructure.
It offers reporting features that allow users to save and review the findings from their searches. The tool’s configuration options enable customization of various parameters, such as defining which fields to consider during analysis, setting weights for specific attributes, and specifying fields to ignore. This flexibility allows researchers to tailor the tool’s behavior to their specific needs and research objectives.
The concept of “workspaces” in Censeye allows users to organize their research into distinct projects. Each workspace can maintain its own configuration settings, search terms, and results, facilitating structured and efficient analysis across multiple investigations.
While this is definitely a niche tool, it will be very useful for anyone performing security research on what’s connected to the big, bad intertubes.
FIN
Remember, you can follow and interact with the full text of The Daily Drop’s free posts on Mastodon via @dailydrop.hrbrmstr.dev@dailydrop.hrbrmstr.dev ☮️
hrbrmstr's Daily Drop 
Leave a comment