Documentation ¶
Index ¶
- func CheckRule(rule Rule, logger logging.ILogger) error
- func CheckRuleInfo(info *RuleInfo) error
- func ConvertSeverityStringToInteger(severity string) int64
- type BodyHashMatch
- type BodyRule
- type HeadersRule
- type RequestParametersRule
- type RequestRule
- type ResponseRule
- type Rule
- type RuleInfo
- type RuleRunner
- type RuleSearchMode
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckRule ¶
Checks if the rule is valid or not
@param rule - the rule struct to be tested
@param logger - the logger to be used
Returns an error which specifies the problem with the rule
func CheckRuleInfo ¶
Check if the rule information is valid or not
@param info - the rule information structure
Returns an error if the info field is not valid
func ConvertSeverityStringToInteger ¶
Converts the severity string to an integer value
@param severity - the string representation of the severity (can be low, medium, high, critical), case insensitive
Returns the integer corresponding to the severity, or -1 if the severity type does not exist
Types ¶
type BodyHashMatch ¶
Holds all the information about the matched hash of the body
type BodyRule ¶
type BodyRule struct {
    SHA256Sum string `yaml:"sha256sum"` // The SHA256 hash of the body to match
    MD5Sum    string `yaml:"md5sum"`    // The MD5 hash of the body
    Match     string `yaml:"match"`     // The string to match exactly
    Regex     string `yaml:"regex"`     // The regex used for searching
}
Holds all the information about the body
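A pre-load lint for the BodyRule fields above, as an added example that is not part of this package and is not its CheckRule: it flags digests of the wrong length and regexes that Go's regexp package cannot compile. LintBodyRule, checkHex and the sample values are hypothetical names and constructed data.

```go
package main

import (
	"encoding/hex"
	"fmt"
	"regexp"
)

// BodyRule is a local copy of the documented fields, so the example runs alone.
type BodyRule struct {
	SHA256Sum, MD5Sum, Match, Regex string
}

// checkHex (hypothetical helper) accepts an empty value or exactly n hex-encoded bytes.
func checkHex(field, s string, n int) error {
	if s == "" {
		return nil
	}
	if b, err := hex.DecodeString(s); err != nil || len(b) != n {
		return fmt.Errorf("%s: want %d hex characters, got %q", field, 2*n, s)
	}
	return nil
}

// LintBodyRule (hypothetical, not the package's CheckRule) returns every problem
// found in one body matcher: malformed digests and regexes that do not compile.
func LintBodyRule(r BodyRule) []error {
	var errs []error
	_, reErr := regexp.Compile(r.Regex)
	for _, err := range []error{
		checkHex("sha256sum", r.SHA256Sum, 32),
		checkHex("md5sum", r.MD5Sum, 16),
		reErr,
	} {
		if err != nil {
			errs = append(errs, err)
		}
	}
	return errs
}

func main() {
	// Constructed sample: truncated MD5 digest and an unbalanced regex group.
	bad := BodyRule{MD5Sum: "d41d8cd9", Regex: `(?i)union(\s+select`}
	for _, e := range LintBodyRule(bad) {
		fmt.Println(e)
	}
}
```

A rule whose digest can never equal a real hash, or whose regex fails to compile, produces no findings, so catching both before the rules are loaded avoids a silent detection gap.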
type HeadersRule ¶
type HeadersRule struct {
    Name  string `yaml:"name"`  // The name of the header to search for matches
    Match string `yaml:"match"` // The string to match exactly
    Regex string `yaml:"regex"` // The regex used for searching
}
Holds all the information about headers
type RequestParametersRule ¶
type RequestParametersRule struct {
    Name  string `yaml:"name"`  // The name of the query variable (can be any which means look through all the query variable names for a match)
    Match string `yaml:"match"` // The string to match exactly
    Regex string `yaml:"regex"` // The regex used for searching
}
Holds all the information about request parameters
type RequestRule ¶
type RequestRule struct {
    Method     *RuleSearchMode          `yaml:"method"`  // The modes to search on the method
    URL        *RuleSearchMode          `yaml:"url"`     // The modes to search on the URL
    Headers    []*HeadersRule           `yaml:"headers"` // The headers to be checked
    Parameters []*RequestParametersRule `yaml:"params"`  // The request parameters (both from URL and body)
    Body       []*BodyRule              `yaml:"body"`    // The string to search for in the body
}
Holds all the information in the request field of the rule YAML file
type ResponseRule ¶
type ResponseRule struct {
    Code    *RuleSearchMode `yaml:"code"`    // The modes to search on the status code
    Headers []*HeadersRule  `yaml:"headers"` // The headers to be checked
    Body    []*BodyRule     `yaml:"body"`    // The string to search for in the body
}
Holds all the information in the response field of the rule YAML file
type Rule ¶
type Rule struct {
    Id       string        `yaml:"id"`       // The ID of the rule (should be unique)
    Info     *RuleInfo     `yaml:"info"`     // The info structure
    Request  *RequestRule  `yaml:"request"`  // The request matchers
    Response *ResponseRule `yaml:"response"` // The response matchers
}
Structure which holds all the information about the rule parsed from the rule.yaml file
func LoadRulesFromDirectory ¶
Loads all the rules that can be found in the specified directory
Pass the logger as a parameter for better view of the problems
@param rulesDirectory - the directory from which the rules should be pulled
@param logger - the logger to be used to display the errors
If the directory cannot be opened to read all the files in it then an error is returned
type RuleInfo ¶
type RuleInfo struct {
    Name           string `yaml:"name"`           // The name of the rule
    Description    string `yaml:"description"`    // The description of the rule
    Severity       string `yaml:"severity"`       // The severity of the rule, in the string representation
    Classification string `yaml:"classification"` // The classification if it matches, in the string representation
}
Holds all the information in the info field of the rule.yaml files
type RuleRunner ¶
type RuleRunner struct {
// contains filtered or unexported fields
}
Structure which will hold all the necessary data to match the rules on the request and the response
func NewRuleRunner ¶
func NewRuleRunner(logger logging.ILogger, rules []Rule, apiWsConn *websocket.APIWebSocketConnection, configuration config.Configuration) *RuleRunner
Creates a new rule runner struct
func (*RuleRunner) RunRulesOnRequest ¶
func (rl *RuleRunner) RunRulesOnRequest(r *http.Request) ([]*data.RuleFindingData, error)
Run all the rules on the request
@param r - the http request to operate on
Returns a list of findings or an error if something occurred
func (*RuleRunner) RunRulesOnResponse ¶
func (rl *RuleRunner) RunRulesOnResponse(r *http.Response) ([]*data.RuleFindingData, error)
Run all the rules on the response
@param r - the http response to operate on
Returns a list of findings or an error if something occurred
type RuleSearchMode ¶
type RuleSearchMode struct {
    Match string `yaml:"match"` // The string to match exactly
    Regex string `yaml:"regex"` // The regex used for searching
}
Holds all the modes in which the search can be made