Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CRTTool for SSL Certificate Analysis #201

Open
darielnoel opened this issue Jan 24, 2025 · 0 comments
Open

Add CRTTool for SSL Certificate Analysis #201

darielnoel opened this issue Jan 24, 2025 · 0 comments
Labels
feature New feature or request integrations Adding support for third-party tools, agents, or services tools

Comments

@darielnoel
Copy link
Contributor

Is your feature request related to a problem? Please describe.
Currently, KaibanJS does not include a tool for analyzing SSL certificates, which can be useful for security-related workflows. This feature could enhance agent capabilities in domains such as security and compliance by enabling SSL analysis directly within workflows.

Describe the solution you'd like
I propose adding the CRTTool, a utility that fetches SSL certificate data from crt.sh via a CORS proxy. This tool will enable agents to analyze SSL certificates for a specified domain, providing insights into subdomains, certificate issuers, validity periods, and potential risks. The tool would integrate seamlessly with the KaibanJS framework, as demonstrated in the provided example code.

Describe alternatives you've considered

  • Manually fetching and parsing SSL certificate data outside KaibanJS workflows, which adds unnecessary complexity.
  • Using third-party tools for SSL analysis, which lacks direct integration with agents in KaibanJS.

Additional context
The CRTTool is designed to fetch and parse JSON data of SSL certificates from crt.sh using the axios library and the allorigins.win proxy. Here is the implementation:

import { Tool } from "@langchain/core/tools";
import { z } from "zod";
import axios from "axios";

export class CRTTool extends Tool {
  constructor(fields) {
    super(fields);
    this.name = "crt_tool";
    this.description = "Fetches JSON data of certificates from crt.sh for a given domain using a CORS proxy.";
    this.schema = z.object({
      domain: z
        .string()
        .describe("The domain to fetch certificate JSON data for."),
    });
  }

  async _call(input) {
    try {
      const requestUrl = `https://api.allorigins.win/raw?url=${encodeURIComponent(
        `https://crt.sh/json?q=${input.domain}`
      )}`;
      const response = await axios.get(requestUrl);

      const data = response.data;
      if (typeof data === 'string') {
        return JSON.parse(data); // Ensure string JSON is parsed
      }
      return data;
    } catch (error) {
      return `Error fetching JSON data from crt.sh: ${error.message}`;
    }
  }
}

Additionally, this feature integrates into a sample agent and task:

  • Agent: SSL Certificate Analyzer
  • Task: Analyze SSL certificates and generate security reports.

This feature was suggested and implemented by @aitorroma
@darielnoel darielnoel added feature New feature or request integrations Adding support for third-party tools, agents, or services tools labels Jan 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New feature or request integrations Adding support for third-party tools, agents, or services tools
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@darielnoel