Documentation ¶
Index ¶
- Variables
- func MakeDefaultExtractFunc(data map[string]interface{}, extractor *extractors.Extractor) map[string]struct{}
- func MakeDefaultMatchFunc(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string)
- func MakeDefaultResultEvent(request Request, wrapped *output.InternalWrappedEvent) []*output.ResultEvent
- type Executer
- type ExecutorOptions
- func (e *ExecutorOptions) AddTemplateVar(input *contextargs.MetaInput, templateType templateTypes.ProtocolType, ...)
- func (e *ExecutorOptions) AddTemplateVars(input *contextargs.MetaInput, reqType templateTypes.ProtocolType, reqID string, ...)
- func (e ExecutorOptions) Copy() ExecutorOptions
- func (e *ExecutorOptions) CreateTemplateCtxStore()
- func (e *ExecutorOptions) EncodeTemplate() string
- func (e *ExecutorOptions) GetTemplateCtx(input *contextargs.MetaInput) *contextargs.Context
- func (e *ExecutorOptions) GetThreadsForNPayloadRequests(totalRequests int, currentThreads int) int
- func (e *ExecutorOptions) HasTemplateCtx(input *contextargs.MetaInput) bool
- func (eo *ExecutorOptions) RateLimitTake()
- func (e *ExecutorOptions) RemoveTemplateCtx(input *contextargs.MetaInput)
- type OutputEventCallback
- type Request
Constants ¶
This section is empty.
Variables ¶
var (
MaxTemplateFileSizeForEncoding = 1024 * 1024
)
Functions ¶
func MakeDefaultExtractFunc ¶
func MakeDefaultExtractFunc(data map[string]interface{}, extractor *extractors.Extractor) map[string]struct{}
MakeDefaultExtractFunc performs extracting operation for an extractor on model and returns true or false.
func MakeDefaultMatchFunc ¶
MakeDefaultMatchFunc performs matching operation for a matcher on model and returns true or false.
func MakeDefaultResultEvent ¶
func MakeDefaultResultEvent(request Request, wrapped *output.InternalWrappedEvent) []*output.ResultEvent
Types ¶
type Executer ¶
type Executer interface { // Compile compiles the execution generators preparing any requests possible. Compile() error // Requests returns the total number of requests the rule will perform Requests() int // Execute executes the protocol group and returns true or false if results were found. Execute(ctx *scan.ScanContext) (bool, error) // ExecuteWithResults executes the protocol requests and returns results instead of writing them. ExecuteWithResults(ctx *scan.ScanContext) ([]*output.ResultEvent, error) }
Executer is an interface implemented any protocol based request executer.
type ExecutorOptions ¶
type ExecutorOptions struct { // TemplateID is the ID of the template for the request TemplateID string // TemplatePath is the path of the template for the request TemplatePath string // TemplateInfo contains information block of the template request TemplateInfo model.Info // RawTemplate is the raw template for the request RawTemplate []byte // Output is a writer interface for writing output events from executer. Output output.Writer // Options contains configuration options for the executer. Options *types.Options // IssuesClient is a client for nuclei issue tracker reporting IssuesClient reporting.Client // Progress is a progress client for scan reporting Progress progress.Progress // RateLimiter is a rate-limiter for limiting sent number of requests. RateLimiter *ratelimit.Limiter // Catalog is a template catalog implementation for nuclei Catalog catalog.Catalog // ProjectFile is the project file for nuclei ProjectFile *projectfile.ProjectFile // Browser is a browser engine for running headless templates Browser *engine.Browser // Interactsh is a client for interactsh oob polling server Interactsh *interactsh.Client // HostErrorsCache is an optional cache for handling host errors HostErrorsCache hosterrorscache.CacheInterface // Stop execution once first match is found (Assigned while parsing templates) // Note: this is different from Options.StopAtFirstMatch (Assigned from CLI option) StopAtFirstMatch bool // Variables is a list of variables from template Variables variables.Variable // Constants is a list of constants from template Constants map[string]interface{} // ExcludeMatchers is the list of matchers to exclude ExcludeMatchers *excludematchers.ExcludeMatchers // InputHelper is a helper for input normalization InputHelper *input.Helper Operators []*operators.Operators // only used by offlinehttp module // DoNotCache bool disables optional caching of the templates structure DoNotCache bool Colorizer aurora.Aurora WorkflowLoader model.WorkflowLoader ResumeCfg *types.ResumeCfg // ProtocolType is the type of the template ProtocolType templateTypes.ProtocolType // Flow is execution flow for the template (written in javascript) Flow string // IsMultiProtocol is true if template has more than one protocol IsMultiProtocol bool // JsCompiler is abstracted javascript compiler which adds node modules and provides execution // environment for javascript templates JsCompiler *compiler.Compiler // AuthProvider is a provider for auth strategies AuthProvider authprovider.AuthProvider //TemporaryDirectory is the directory to store temporary files TemporaryDirectory string Parser parser.Parser // ExportReqURLPattern exports the request URL pattern // in ResultEvent it contains the exact url pattern (ex: {{BaseURL}}/{{randstr}}/xyz) used in the request ExportReqURLPattern bool // contains filtered or unexported fields }
ExecutorOptions contains the configuration options for executer clients
func (*ExecutorOptions) AddTemplateVar ¶
func (e *ExecutorOptions) AddTemplateVar(input *contextargs.MetaInput, templateType templateTypes.ProtocolType, reqID string, key string, value interface{})
AddTemplateVar adds given var to template context with given template type as prefix this method is no-op if template is not multi protocol
func (*ExecutorOptions) AddTemplateVars ¶
func (e *ExecutorOptions) AddTemplateVars(input *contextargs.MetaInput, reqType templateTypes.ProtocolType, reqID string, vars map[string]interface{})
AddTemplateVars adds vars to template context with given template type as prefix this method is no-op if template is not multi protocol
func (ExecutorOptions) Copy ¶
func (e ExecutorOptions) Copy() ExecutorOptions
Copy returns a copy of the executeroptions structure
func (*ExecutorOptions) CreateTemplateCtxStore ¶
func (e *ExecutorOptions) CreateTemplateCtxStore()
CreateTemplateCtxStore creates template context store (which contains templateCtx for every scan)
func (*ExecutorOptions) EncodeTemplate ¶
func (e *ExecutorOptions) EncodeTemplate() string
func (*ExecutorOptions) GetTemplateCtx ¶
func (e *ExecutorOptions) GetTemplateCtx(input *contextargs.MetaInput) *contextargs.Context
GetTemplateCtx returns template context for given input
func (*ExecutorOptions) GetThreadsForNPayloadRequests ¶
func (e *ExecutorOptions) GetThreadsForNPayloadRequests(totalRequests int, currentThreads int) int
GetThreadsForPayloadRequests returns the number of threads to use as default for given max-request of payloads
func (*ExecutorOptions) HasTemplateCtx ¶
func (e *ExecutorOptions) HasTemplateCtx(input *contextargs.MetaInput) bool
HasTemplateCtx returns true if template context exists for given input
func (*ExecutorOptions) RateLimitTake ¶
func (eo *ExecutorOptions) RateLimitTake()
todo: centralizing components is not feasible with current clogged architecture a possible approach could be an internal event bus with pub-subs? This would be less invasive than reworking dep injection from scratch
func (*ExecutorOptions) RemoveTemplateCtx ¶
func (e *ExecutorOptions) RemoveTemplateCtx(input *contextargs.MetaInput)
RemoveTemplateCtx removes template context of given scan from store
type OutputEventCallback ¶
type OutputEventCallback func(result *output.InternalWrappedEvent)
OutputEventCallback is a callback event for any results found during scanning.
type Request ¶
type Request interface { // Compile compiles the request generators preparing any requests possible. Compile(options *ExecutorOptions) error // Requests returns the total number of requests the rule will perform Requests() int // GetID returns the ID for the request if any. IDs are used for multi-request // condition matching. So, two requests can be sent and their match can // be evaluated from the third request by using the IDs for both requests. GetID() string // Match performs matching operation for a matcher on model and returns: // true and a list of matched snippets if the matcher type is supports it // otherwise false and an empty string slice Match(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string) // Extract performs extracting operation for an extractor on model and returns true or false. Extract(data map[string]interface{}, matcher *extractors.Extractor) map[string]struct{} // ExecuteWithResults executes the protocol requests and returns results instead of writing them. ExecuteWithResults(input *contextargs.Context, dynamicValues, previous output.InternalEvent, callback OutputEventCallback) error // MakeResultEventItem creates a result event from internal wrapped event. Intended to be used by MakeResultEventItem internally MakeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent // MakeResultEvent creates a flat list of result events from an internal wrapped event, based on successful matchers and extracted data MakeResultEvent(wrapped *output.InternalWrappedEvent) []*output.ResultEvent // GetCompiledOperators returns a list of the compiled operators GetCompiledOperators() []*operators.Operators // Type returns the type of the protocol request Type() templateTypes.ProtocolType }
Request is an interface implemented any protocol based request generator.
Directories ¶
Path | Synopsis |
---|---|
common
|
|
automaticscan
Package automaticscan implements automatic technology based template execution for a nuclei instance.
|
Package automaticscan implements automatic technology based template execution for a nuclei instance. |
contextargs
Package contextargs implements a generic entity for shared context within workflows
|
Package contextargs implements a generic entity for shared context within workflows |
helpers/deserialization
Package deserialization implements helpers for deserialization issues in nuclei.
|
Package deserialization implements helpers for deserialization issues in nuclei. |
raw
Package raw provides raw http request parsing abilities for nuclei.
|
Package raw provides raw http request parsing abilities for nuclei. |