Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var Modules = map[string]func([]byte) (VulnResults, error){ "XSS": XSS, "SQLI": SQLI, "CMDEXEC": CMDEXEC, "LFI": LFI, }
Modules contains a map of the currently available analysis functions. its exported so the scanner can print what functions exist more dynamically. Update this if you add a new analysis module to have it run.
Functions ¶
Types ¶
type Results ¶
type Results struct {
Plugin string
Modules map[string][]VulnResults
}
Results is a struct for storing the results of every vulnerable file that was scanned within a plugins archive
type VulnResults ¶
VulnResults type is for each vuln module to output its results to. Each one is appended to the files "Results" object
func CMDEXEC ¶
func CMDEXEC(content []byte) (VulnResults, error)
CMDEXEC is the function that searches PHP code for common RCE vulnerability patterns
func LFI ¶
func LFI(content []byte) (VulnResults, error)
LFI is the function that searches PHP code for common Local File Inclusion vulnerability patterns
func SQLI ¶
func SQLI(content []byte) (VulnResults, error)
SQLI is the SQL injection module that will scan a php file for SQLi vulns
func XSS ¶
func XSS(content []byte) (VulnResults, error)
XSS is the XSS module that will scan a php file for XSS vulns
Source Files