scanner

package
v0.4.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 26, 2024 License: MIT Imports: 42 Imported by: 0

Documentation

Index

Constants

View Source
const (
	GTWDebugHeader = "X-GoTestWAF-Test"
)

Variables

This section is empty.

Functions

func GetTargetURL added in v0.4.0

func GetTargetURL(reqURL *url.URL) string

func NewDNSCache added in v0.4.0

func NewDNSCache(logger *logrus.Logger) (*dnscache.Resolver, error)

Types

type GRPCConn added in v0.4.0

type GRPCConn struct {
	// contains filtered or unexported fields
}

func NewGRPCConn added in v0.4.0

func NewGRPCConn(cfg *config.Config) (*GRPCConn, error)

func (*GRPCConn) CheckAvailability added in v0.4.0

func (g *GRPCConn) CheckAvailability(ctx context.Context) (bool, error)

func (*GRPCConn) Close added in v0.4.0

func (g *GRPCConn) Close() error

func (*GRPCConn) IsAvailable added in v0.4.0

func (g *GRPCConn) IsAvailable() bool

func (*GRPCConn) Send added in v0.4.0

func (g *GRPCConn) Send(ctx context.Context, encoderName, payload string) (body string, statusCode int, err error)

type HTTPClient

type HTTPClient struct {
	// contains filtered or unexported fields
}

func NewHTTPClient

func NewHTTPClient(cfg *config.Config, dnsResolver *dnscache.Resolver) (*HTTPClient, error)

func (*HTTPClient) SendPayload added in v0.4.0

func (c *HTTPClient) SendPayload(
	ctx context.Context,
	targetURL string,
	payload string,
	encoderName string,
	placeholderName string,
	placeholderConfig any,
	testHeaderValue string,
) (
	responseMsgHeader string,
	responseBody string,
	statusCode int,
	err error,
)

func (*HTTPClient) SendRequest added in v0.4.0

func (c *HTTPClient) SendRequest(
	req *http.Request,
	testHeaderValue string,
) (
	respHeaders http.Header,
	responseMsgHeader string,
	body string,
	statusCode int,
	err error,
)

type Scanner

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner allows you to test WAF in various ways with given payloads.

func New

func New(
	logger *logrus.Logger,
	cfg *config.Config,
	db *db.DB,
	dnsResolver *dnscache.Resolver,
	requestTemplates openapi.Templates,
	router routers.Router,
	enableDebugHeader bool,
) (*Scanner, error)

New creates a new Scanner.

func (*Scanner) CheckGRPCAvailability added in v0.4.0

func (s *Scanner) CheckGRPCAvailability(ctx context.Context)

CheckGRPCAvailability checks if the gRPC server is available at the given URL.

func (*Scanner) Run

func (s *Scanner) Run(ctx context.Context) error

Run starts a host scan to check WAF security.

func (*Scanner) WAFBlockCheck added in v0.4.0

func (s *Scanner) WAFBlockCheck(ctx context.Context) error

WAFBlockCheck checks if WAF exists and blocks malicious requests.

func (*Scanner) WAFwsBlockCheck added in v0.4.0

func (s *Scanner) WAFwsBlockCheck(ctx context.Context)

WAFwsBlockCheck checks if WebSocket exists and is protected by WAF.

type WAFDetector added in v0.4.0

type WAFDetector struct {
	// contains filtered or unexported fields
}

func NewDetector added in v0.4.0

func NewDetector(cfg *config.Config, dnsResolver *dnscache.Resolver) (*WAFDetector, error)

func (*WAFDetector) DetectWAF added in v0.4.0

func (w *WAFDetector) DetectWAF(ctx context.Context) (name, vendor string, err error)

DetectWAF performs WAF identification. Returns WAF name and vendor after the first positive match.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL