Documentation
¶
Index ¶
- Constants
- Variables
- func Cluster(list map[string]*Template) [][]*Template
- func ClusterID(templates []*Template) string
- type Executer
- type Preprocessor
- type Template
- func (template *Template) MarshalJSON() ([]byte, error)
- func (template *Template) MarshalYAML() ([]byte, error)
- func (template *Template) Requests() int
- func (template *Template) Type() types.ProtocolType
- func (template *Template) UnmarshalJSON(data []byte) error
- func (template *Template) UnmarshalYAML(unmarshal func(interface{}) error) error
Constants ¶
const (
// TemplateExtension defines the template default file extension
TemplateExtension = ".yaml"
)
Variables ¶
var (
ErrCreateTemplateExecutor = errors.New("cannot create template executer")
)
Functions ¶
func Cluster ¶
Cluster clusters a list of templates into a lesser number if possible based on the similarity between the sent requests.
If the attributes match, multiple requests can be clustered into a single request which saves time and network resources during execution.
The clusterer goes through all the templates, looking for templates with a single HTTP request to an endpoint (multiple requests aren't clustered as of now).
All the templates are iterated and any templates with request that is identical to the first individual HTTP request is compared for equality. The equality check is performed as described below -
Cases where clustering is not perfomed (request is considered different)
- If request contains payloads,raw,body,unsafe,req-condition,name attributes
- If request methods,max-redirects,cookie-reuse,redirects are not equal
- If request paths aren't identical.
- If request headers aren't identical
If multiple requests are identified as identical, they are appended to a slice. Finally, the engine creates a single executer with a clusteredexecuter for all templates in a cluster.
Types ¶
type Executer ¶
type Executer struct {
// contains filtered or unexported fields
}
Executer executes a group of requests for a protocol for a clustered request. It is different from normal executers since the original operators are all combined and post processed after making the request.
TODO: We only cluster http requests as of now.
func NewExecuter ¶
func NewExecuter(requests []*Template, options *protocols.ExecuterOptions) *Executer
NewExecuter creates a new request executer for list of requests
func (*Executer) Compile ¶
Compile compiles the execution generators preparing any requests possible.
func (*Executer) Execute ¶
Execute executes the protocol group and returns true or false if results were found.
func (*Executer) ExecuteWithResults ¶
func (e *Executer) ExecuteWithResults(input string, callback protocols.OutputEventCallback) error
ExecuteWithResults executes the protocol requests and returns results instead of writing them.
type Preprocessor ¶
type Template ¶
type Template struct {
// description: |
// ID is the unique id for the template.
//
// #### Good IDs
//
// A good ID uniquely identifies what the requests in the template
// are doing. Let's say you have a template that identifies a git-config
// file on the webservers, a good name would be `git-config-exposure`. Another
// example name is `azure-apps-nxdomain-takeover`.
// examples:
// - name: ID Example
// value: "\"CVE-2021-19520\""
ID string `` /* 155-byte string literal not displayed */
// description: |
// Info contains metadata information about the template.
// examples:
// - value: exampleInfoStructure
Info model.Info `yaml:"info" jsonschema:"title=info for the template,description=Info contains metadata for the template"`
// description: |
// Requests contains the http request to make in the template.
// examples:
// - value: exampleNormalHTTPRequest
RequestsHTTP []*http.Request `` /* 143-byte string literal not displayed */
// description: |
// DNS contains the dns request to make in the template
// examples:
// - value: exampleNormalDNSRequest
RequestsDNS []*dns.Request `` /* 131-byte string literal not displayed */
// description: |
// File contains the file request to make in the template
// examples:
// - value: exampleNormalFileRequest
RequestsFile []*file.Request `` /* 135-byte string literal not displayed */
// description: |
// Network contains the network request to make in the template
// examples:
// - value: exampleNormalNetworkRequest
RequestsNetwork []*network.Request `` /* 147-byte string literal not displayed */
// description: |
// Headless contains the headless request to make in the template.
RequestsHeadless []*headless.Request `` /* 151-byte string literal not displayed */
// description: |
// SSL contains the SSL request to make in the template.
RequestsSSL []*ssl.Request `` /* 131-byte string literal not displayed */
// description: |
// Websocket contains the Websocket request to make in the template.
RequestsWebsocket []*websocket.Request `` /* 155-byte string literal not displayed */
// description: |
// WHOIS contains the WHOIS request to make in the template.
RequestsWHOIS []*whois.Request `` /* 139-byte string literal not displayed */
// description: |
// Workflows is a yaml based workflow declaration code.
workflows.Workflow `yaml:",inline,omitempty" jsonschema:"title=workflows to run,description=Workflows to run for the template"`
CompiledWorkflow *workflows.Workflow `yaml:"-" json:"-" jsonschema:"-"`
// description: |
// Self Contained marks Requests for the template as self-contained
SelfContained bool `` /* 143-byte string literal not displayed */
// description: |
// Stop execution once first match is found
StopAtFirstMatch bool `yaml:"stop-at-first-match,omitempty" jsonschema:"title=stop at first match,description=Stop at first match for the template"`
// description: |
// Signature is the request signature method
// values:
// - "AWS"
Signature http.SignatureTypeHolder `` /* 160-byte string literal not displayed */
// description: |
// Variables contains any variables for the current request.
Variables variables.Variable `` /* 145-byte string literal not displayed */
// TotalRequests is the total number of requests for the template.
TotalRequests int `yaml:"-" json:"-"`
// Executer is the actual template executor for running template requests
Executer protocols.Executer `yaml:"-" json:"-"`
Path string `yaml:"-" json:"-"`
}
Template is a YAML input file which defines all the requests and other metadata for a template.
func ClusterTemplates ¶
func ClusterTemplates(templatesList []*Template, options protocols.ExecuterOptions) ([]*Template, int)
func Parse ¶
func Parse(filePath string, preprocessor Preprocessor, options protocols.ExecuterOptions, Pocs embed.FS) (*Template, error)
Parse parses a yaml request template file TODO make sure reading from the disk the template parsing happens once: see parsers.ParseTemplate vs templates.Parse
func (*Template) MarshalJSON ¶
MarshalJSON forces recursive struct validation during marshal operation
func (*Template) MarshalYAML ¶
MarshalYAML forces recursive struct validation during marshal operation
func (*Template) Type ¶
func (template *Template) Type() types.ProtocolType
Type returns the type of the template
func (*Template) UnmarshalJSON ¶
UnmarshalJSON forces recursive struct validation after unmarshal operation
func (*Template) UnmarshalYAML ¶
MarshalYAML forces recursive struct validation after unmarshal operation
Source Files