manual

package

v0.0.0-...-bdd1cc4 Latest Latest Go to latest Published: Dec 1, 2024 License: GPL-3.0 Imports: 29 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/pyneda/sukyan

Links

Open Source Insights

Documentation ¶

Index ¶

func Fuzz(input RequestFuzzOptions, taskID uint) (int, error)
func GenerateCrossSiteWebsocketHijackingPoC(connection db.WebSocketConnection, interactionURL string) (bytes.Buffer, error)
func InsertPayloadIntoRawRequest(raw string, point FuzzerInsertionPoint, payload string) string
func LaunchUserBrowser(workspaceID uint, initialURL string, taskID uint)
type BrowserReplayActions
type BrowserReplayActionsResults
type FilesystemWordlistStorage
- func NewFilesystemWordlistStorage() *FilesystemWordlistStorage
- func (s *FilesystemWordlistStorage) GetWordlistByID(id string) (Wordlist, error)
- func (s *FilesystemWordlistStorage) GetWordlists() ([]Wordlist, error)
- func (s *FilesystemWordlistStorage) ReadWordlist(name string, maxLines int) ([]string, error)
type FuzzerInsertionPoint
type FuzzerPayloadsGroup
type ReplayResult
- func Replay(input RequestReplayOptions) (ReplayResult, error)
- func ReplayInBrowser(input RequestReplayOptions) (ReplayResult, error)
- func ReplayRaw(input RequestReplayOptions) (ReplayResult, error)
type Request
- func ParseRawRequest(raw string, targetURL string) (*Request, error)
type RequestFuzzOptions
type RequestOptions
type RequestReplayOptions
type Wordlist
- func (w Wordlist) String() string
type WordlistStorage

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Fuzz ¶

func Fuzz(input RequestFuzzOptions, taskID uint) (int, error)

func GenerateCrossSiteWebsocketHijackingPoC ¶

func GenerateCrossSiteWebsocketHijackingPoC(connection db.WebSocketConnection, interactionURL string) (bytes.Buffer, error)

GenerateCrossSiteWebsocketHijackingPoC generates a PoC for CSWH

func InsertPayloadIntoRawRequest ¶

func InsertPayloadIntoRawRequest(raw string, point FuzzerInsertionPoint, payload string) string

func LaunchUserBrowser ¶

func LaunchUserBrowser(workspaceID uint, initialURL string, taskID uint)

LaunchUserBrowser launches a browser in non headless mode and logs all network requests

Types ¶

type BrowserReplayActions ¶

type BrowserReplayActions struct {
	PreRequestAction  *db.StoredBrowserActions `json:"pre_request_action" validate:"omitempty"`
	PostRequestAction *db.StoredBrowserActions `json:"post_request_action" validate:"omitempty"`
}

type BrowserReplayActionsResults ¶

type BrowserReplayActionsResults struct {
	PreRequest  actions.ActionsExecutionResults `json:"pre_request,omitempty"`
	PostRequest actions.ActionsExecutionResults `json:"post_request,omitempty"`
}

type FilesystemWordlistStorage ¶

type FilesystemWordlistStorage struct {
	// contains filtered or unexported fields
}

func NewFilesystemWordlistStorage ¶

func NewFilesystemWordlistStorage() *FilesystemWordlistStorage

func (*FilesystemWordlistStorage) GetWordlistByID ¶

func (s *FilesystemWordlistStorage) GetWordlistByID(id string) (Wordlist, error)

func (*FilesystemWordlistStorage) GetWordlists ¶

func (s *FilesystemWordlistStorage) GetWordlists() ([]Wordlist, error)

func (*FilesystemWordlistStorage) ReadWordlist ¶

func (s *FilesystemWordlistStorage) ReadWordlist(name string, maxLines int) ([]string, error)

type FuzzerInsertionPoint ¶

type FuzzerInsertionPoint struct {
	Start         int                   `json:"start"`
	End           int                   `json:"end"`
	OriginalValue string                `json:"originalValue"`
	PayloadGroups []FuzzerPayloadsGroup `json:"payloadGroups"`
}

type FuzzerPayloadsGroup ¶

type FuzzerPayloadsGroup struct {
	Payloads   []string `json:"payloads"`
	Type       string   `json:"type"`
	Processors []string `` /* 156-byte string literal not displayed */
	Wordlist   string   `json:"wordlist,omitempty"`
}

type ReplayResult ¶

type ReplayResult struct {
	Result                *db.History                 `json:"result"`
	BrowserEvents         []web.PageEvent             `json:"browser_events"`
	BrowserActionsResults BrowserReplayActionsResults `json:"browser_actions_results"`
}

func Replay ¶

func Replay(input RequestReplayOptions) (ReplayResult, error)

func ReplayInBrowser ¶

func ReplayInBrowser(input RequestReplayOptions) (ReplayResult, error)

func ReplayRaw ¶

func ReplayRaw(input RequestReplayOptions) (ReplayResult, error)

type Request ¶

type Request struct {
	URL         string              `json:"url" validate:"required"`
	URI         string              `json:"uri" validate:"omitempty"`
	Method      string              `json:"method" validate:"required"`
	Headers     map[string][]string `json:"headers" validate:"required"`
	Body        string              `json:"body" validate:"omitempty"`
	HTTPVersion string              `json:"http_version" validate:"omitempty"`
}

func ParseRawRequest ¶

func ParseRawRequest(raw string, targetURL string) (*Request, error)

ParseRawRequest parses a raw HTTP request and returns a Request struct

type RequestFuzzOptions ¶

type RequestFuzzOptions struct {
	URL             string                 `json:"url" validate:"required"`
	Raw             string                 `json:"raw" validate:"required"`
	InsertionPoints []FuzzerInsertionPoint `json:"insertion_points" validate:"required"`
	Session         db.PlaygroundSession   `json:"session" validate:"required"`
	Options         RequestOptions         `json:"options"`
}

type RequestOptions ¶

type RequestOptions struct {
	FollowRedirects     bool `json:"follow_redirects"`
	MaxRedirects        int  `json:"max_redirects" validate:"min=0"`
	UpdateHostHeader    bool `json:"update_host_header"`
	UpdateContentLength bool `json:"update_content_length"`
	Timeout             int  `json:"timeout" validate:"min=0"`
}

type RequestReplayOptions ¶

type RequestReplayOptions struct {
	Mode           string               `json:"mode" validate:"required,oneof=raw browser"`
	Request        Request              `json:"request" validate:"required"`
	Session        db.PlaygroundSession `json:"session" validate:"required"`
	BrowserActions BrowserReplayActions `json:"browser_actions" validate:"omitempty"`
	Options        RequestOptions       `json:"options"`
}

type Wordlist ¶

type Wordlist struct {
	ID        string `json:"id"`
	Name      string `json:"name"`
	SizeBytes int64  `json:"size_bytes"`
	SizeHuman string `json:"size_human"`
}

func (Wordlist) String ¶

func (w Wordlist) String() string

type WordlistStorage ¶

type WordlistStorage interface {
	GetWordlists() ([]Wordlist, error)
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL