stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
docs/features/checked/scanner/exploit-path-grouping-service.md Normal file
View File

@@ -0,0 +1,37 @@
# Exploit Path Grouping Service (Attack Chain Triage)
## Module
Scanner
## Status
VERIFIED
## Description
Groups vulnerability findings into exploit paths based on (artifact, package, vulnerable symbol, entry point) tuples with deterministic SHA-256 path IDs. Correlates reachability evidence, VEX status, and active exceptions per path. Falls back to package-level grouping when no reachability data is available. Sorted by aggregated risk score.
## Implementation Details
- **Core Service**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Triage/Services/IExploitPathGroupingService.cs` - Interface for exploit path grouping
- `src/Scanner/__Libraries/StellaOps.Scanner.Triage/Models/ExploitPath.cs` - Exploit path model with deterministic SHA-256 path IDs
- **API Integration**:
- `src/Scanner/StellaOps.Scanner.WebService/Endpoints/Triage/TriageInboxEndpoints.cs` - Triage inbox with exploit path grouping
- `src/Scanner/StellaOps.Scanner.WebService/Endpoints/Triage/ProofBundleEndpoints.cs` - Proof bundle endpoints including exploit path summaries (`ExploitPathSummary`)
## E2E Test Plan
- [ ] Scan an image with multiple vulnerabilities sharing the same entry point and verify they are grouped into a single exploit path
- [ ] Verify exploit path IDs are deterministic SHA-256 hashes of (artifact, package, vulnerable symbol, entry point) tuples
- [ ] Verify each exploit path correlates reachability evidence, VEX status, and active exceptions
- [ ] Verify fallback to package-level grouping when no reachability data is available
- [ ] Verify exploit paths are sorted by aggregated risk score (highest first)
- [ ] Query the triage inbox via API and verify grouped findings are returned
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |