Documentation
¶
Overview ¶
Package fuzz contains the fuzzing functionality for dynamic fuzzing of HTTP requests and its respective implementation.
Index ¶
- Variables
- func IsErrRuleNotApplicable(err error) bool
- type ExecuteRuleInput
- type GeneratedRequest
- type Rule
- type SliceOrMapSlice
- func (v SliceOrMapSlice) JSONSchema() *jsonschema.Schema
- func (v SliceOrMapSlice) JSONSchemaExtend(schema *jsonschema.Schema) *jsonschema.Schema
- func (v SliceOrMapSlice) MarshalJSON() ([]byte, error)
- func (v SliceOrMapSlice) MarshalYAML() (any, error)
- func (v *SliceOrMapSlice) UnmarshalJSON(data []byte) error
- func (v *SliceOrMapSlice) UnmarshalYAML(callback func(interface{}) error) error
- type ValueOrKeyValue
Constants ¶
This section is empty.
Variables ¶
View Source
var (
ErrRuleNotApplicable = errorutil.NewWithFmt("rule not applicable : %v")
)
Functions ¶
func IsErrRuleNotApplicable ¶
IsErrRuleNotApplicable checks if an error is due to rule not applicable
Types ¶
type ExecuteRuleInput ¶
type ExecuteRuleInput struct {
// Input is the context args input
Input *contextargs.Context
// Callback is the callback for generated rule requests
Callback func(GeneratedRequest) bool
// InteractURLs contains interact urls for execute call
InteractURLs []string
// Values contains dynamic values for the rule
Values map[string]interface{}
// BaseRequest is the base http request for fuzzing rule
BaseRequest *retryablehttp.Request
// DisplayFuzzPoints is a flag to display fuzz points
DisplayFuzzPoints bool
}
ExecuteRuleInput is the input for rule Execute function
type GeneratedRequest ¶
type GeneratedRequest struct {
// Request is the http request for rule
Request *retryablehttp.Request
// InteractURLs is the list of interactsh urls
InteractURLs []string
// DynamicValues contains dynamic values map
DynamicValues map[string]interface{}
// Component is the component for the request
Component component.Component
// Parameter being fuzzed
Parameter string
}
GeneratedRequest is a single generated request for rule
type Rule ¶
type Rule struct {
// description: |
// Type is the type of fuzzing rule to perform.
//
// replace replaces the values entirely. prefix prefixes the value. postfix postfixes the value
// and infix places between the values.
// values:
// - "replace"
// - "prefix"
// - "postfix"
// - "infix"
Type string `` /* 187-byte string literal not displayed */
// description: |
// Part is the part of request to fuzz.
// values:
// - "query"
// - "header"
// - "path"
// - "body"
// - "cookie"
// - "request"
Part string `` /* 184-byte string literal not displayed */
// description: |
// Parts is the list of parts to fuzz. If multiple parts need to be
// defined while excluding some, this should be used instead of singular part.
// values:
// - "query"
// - "header"
// - "path"
// - "body"
// - "cookie"
// - "request"
Parts []string `` /* 187-byte string literal not displayed */
// description: |
// Mode is the mode of fuzzing to perform.
//
// single fuzzes one value at a time. multiple fuzzes all values at same time.
// values:
// - "single"
// - "multiple"
Mode string `` /* 142-byte string literal not displayed */
// description: |
// Keys is the optional list of key named parameters to fuzz.
// examples:
// - name: Examples of keys
// value: >
// []string{"url", "file", "host"}
Keys []string `` /* 128-byte string literal not displayed */
// description: |
// KeysRegex is the optional list of regex key parameters to fuzz.
// examples:
// - name: Examples of key regex
// value: >
// []string{"url.*"}
KeysRegex []string `` /* 137-byte string literal not displayed */
// description: |
// Values is the optional list of regex value parameters to fuzz.
// examples:
// - name: Examples of value regex
// value: >
// []string{"https?://.*"}
ValuesRegex []string `` /* 133-byte string literal not displayed */
// description: |
// Fuzz is the list of payloads to perform substitutions with.
// examples:
// - name: Examples of fuzz
// value: >
// []string{"{{ssrf}}", "{{interactsh-url}}", "example-value"}
// or
// x-header: 1
// x-header: 2
Fuzz SliceOrMapSlice `` /* 143-byte string literal not displayed */
// description: |
// replace-regex is regex for regex-replace rule type
// it is only required for replace-regex rule type
// examples:
// - type: replace-regex
// replace-regex: "https?://.*"
ReplaceRegex string `` /* 148-byte string literal not displayed */
// contains filtered or unexported fields
}
Rule is a single rule which describes how to fuzz the request
func (*Rule) Compile ¶
func (rule *Rule) Compile(generator *generators.PayloadGenerator, options *protocols.ExecutorOptions) error
Compile compiles a fuzzing rule and initializes it for operation
func (*Rule) Execute ¶
func (rule *Rule) Execute(input *ExecuteRuleInput) (err error)
Execute executes a fuzzing rule accepting a callback on which generated requests are returned.
Input is not thread safe and should not be shared between concurrent goroutines.
type SliceOrMapSlice ¶
type SliceOrMapSlice struct {
Value []string
KV *mapsutil.OrderedMap[string, string]
}
func (SliceOrMapSlice) JSONSchema ¶
func (v SliceOrMapSlice) JSONSchema() *jsonschema.Schema
func (SliceOrMapSlice) JSONSchemaExtend ¶
func (v SliceOrMapSlice) JSONSchemaExtend(schema *jsonschema.Schema) *jsonschema.Schema
func (SliceOrMapSlice) MarshalJSON ¶
func (v SliceOrMapSlice) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaler interface.
func (SliceOrMapSlice) MarshalYAML ¶
func (v SliceOrMapSlice) MarshalYAML() (any, error)
MarshalYAML implements yaml.Marshaler interface.
func (*SliceOrMapSlice) UnmarshalJSON ¶
func (v *SliceOrMapSlice) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaler interface.
func (*SliceOrMapSlice) UnmarshalYAML ¶
func (v *SliceOrMapSlice) UnmarshalYAML(callback func(interface{}) error) error
UnmarshalYAML implements yaml.Unmarshaler interface.
type ValueOrKeyValue ¶
func (*ValueOrKeyValue) IsKV ¶
func (v *ValueOrKeyValue) IsKV() bool
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.