Documentation
Constants
This section is empty.
Variables
var (
	// ErrProcessRequestFile is the error returned when [Config] points to a file
	// with requests, and it could not be processed successfully.
	ErrProcessRequestFile = errors.New("could not process request(s) file")

	// ErrProcessUrlsFile is the error returned when [Config] points to a file
	// with urls, and it could not be processed successfully.
	ErrProcessUrlsFile = errors.New("could not process url(s) file")

	// ErrInvalidHeader is the error returned when [Config] contains some headers
	// configured but they have an invalid format.
	ErrInvalidHeader = errors.New("invalid header")
)
Functions
func PrepareTemplates
PrepareTemplates takes a Config and a gbounty.FileSystem. It uses the Config to initialize the [Template] instances that make up the scan defined by that configuration, and stores them in the given file system so that the scan is ready to start.
Types
type Config
type Config struct {
	// SaveOnStop determines whether the scan will be saved when stopped.
	SaveOnStop bool
	// Continue contains the scan's identifier to be used to continue.
	Continue string
	// ForceHTTP2 determines whether the scan will use HTTP/2.
	ForceHTTP2 bool
	// URLS specifies the list of URLs used to define the scan.
	URLS MultiValue
	// UrlsFile specifies the path to the URLs file to define the scan.
	UrlsFile string
	// RequestsFile specifies the path to the request(s) file to define the scan.
	RequestsFile string
	// RawRequests specifies the path(s) to the raw request file(s) to define the scan.
	RawRequests MultiValue
	// ParamsFile specifies the path to the paths file to define the scan.
	ParamsFile string
	// ParamsSplit determines the size of the params groups the params from file will be grouped into.
	ParamsSplit int
	// ParamsMethod determines the HTTP method that will be used to inject the params into the request.
	ParamsMethod string
	// ParamsEncoding specifies the encoding that will be used to inject the params into the request.
	ParamsEncoding string
	// Method specifies the HTTP method used to define the scan's requests.
	Method string
	// Headers specifies the HTTP header(s) used to define the scan's requests.
	Headers MultiValue
	// Data specifies the body's data used to define the scan's requests.
	Data MultiValue
	// ProfilesPath specifies the paths to the directories/files containing profiles.
	ProfilesPath MultiValue
	// Concurrency determines the amount of URLs scanned at the same time (concurrently).
	Concurrency int
	// Rps determines the maximum amount of requests per second per each URL.
	Rps int
	// OnlyActive determines whether the scan will only use active profiles.
	OnlyActive bool
	// OnlyPassive determines whether the scan will only use passive profiles.
	OnlyPassive bool
	// OnlyPassiveReq determines whether the scan will only use passive request profiles.
	OnlyPassiveReq bool
	// OnlyPassiveRes determines whether the scan will only use passive response profiles.
	OnlyPassiveRes bool
	// OutPath specifies the path where the scan output will be written to.
	OutPath string
	// OutFormat specifies the format the scan output will be written.
	OutFormat string
	// Silent determines whether the scan summary will be printed.
	Silent bool
	// ShowAll determines whether all the scan tasks will be printed.
	ShowAll bool
	// ShowAllRequests determines whether the scan details will include all requests.
	ShowAllRequests bool
	// ShowAllResponses determines whether the scan details will include all responses.
	ShowAllResponses bool
	// ShowErrors determines whether errors happened will be printed.
	ShowErrors bool
	// ShowResponses determines whether matches responses will be printed.
	ShowResponses bool
	// StreamErrors determines whether errors happened will be streamed.
	StreamErrors bool
	// StreamMatches determines whether matches found will be streamed.
	StreamMatches bool
	// ShowHelp determines whether the help flag has been provided.
	ShowHelp bool
	// PrintTags determines whether the show tags flag has been provided.
	PrintTags bool
	// InMemory determines whether the scan uses memory as storage.
	InMemory bool
	// FilterTags determines whether enabled profiles will be filtered by provided tags.
	FilterTags MultiValue
	// BlindHost determines the host that will be used for interactions.
	BlindHost string
	// EmailAddress determines the email address that will be used during the scan.
	EmailAddress string
	// CustomTokens can be used to replace certain tokens or labels (like {MY_TOKEN}) with user-configured values.
	CustomTokens map[string]string
	// ProxyAddress determines the proxy host and port that will be used during the scan.
	ProxyAddress string
	// ProxyAuth determines the proxy auth that will be used during the scan.
	ProxyAuth string
	// Verbosity determines the level of verbosity for the internal logger.
	Verbosity Verbosity
	// Update determines whether both app and profiles will be updated.
	Update bool
	// UpdateApp determines whether the app will be updated.
	UpdateApp bool
	// UpdateProfiles determines whether profiles will be updated.
	UpdateProfiles bool
	// ForceUpdateProfiles determines whether profiles will be updated forcefully.
	ForceUpdateProfiles bool
	// CheckUpdates checks for updates forcefully. By default, only once per day.
	CheckUpdates bool
	// OnlyProofOfConcept determines whether the proof-of-concept mode is enabled or not.
	// When enabled, only matched requests will be printed, nothing else.
	OnlyProofOfConcept bool
	// StopAtFirstMatch determines whether the scan will stop at the first match, considering the combination of
	// (a) the profile name,
	// (b) the step number (index),
	// and (c) the entry point (index).
	StopAtFirstMatch bool
}
Config is the set of the different command-line configuration options.
func Parse
Parse parses a slice of strings as a list of arguments (e.g. os.Args) and constructs a Config from them. If an error occurs during parsing, it is returned, and in that case the returned Config is empty.
func (Config) ProfUpdate
ProfUpdate returns true if Config is set to perform a profiles update.
func (Config) ScanAllProfiles
ScanAllProfiles returns true if Config is set to return a subset of any specific type of [profile], either [profile.Active], [profile.Request] or [profile.Response].
type MultiValue
type MultiValue []string
MultiValue defines a stringified command-line argument that can contain multiple values, so it can be used multiple times within the same command run.
func (*MultiValue) Set
func (m *MultiValue) Set(value string) error
func (*MultiValue) String
func (m *MultiValue) String() string
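The Set and String methods above are the two methods of the standard library's flag.Value interface, which is what lets a flag be repeated. The following is an added example, not code from this package: it shows a repeatable header flag collected that way and then validated against a sentinel error in the style of ErrInvalidHeader. The names multiValue, errInvalidHeader, parseHeaders and parseArgs, the -H flag name, the method bodies and the validation rules (a "Name: value" form, no CR/LF, no whitespace in the name) are all assumptions.

```go
package main

import (
	"errors"
	"flag"
	"fmt"
	"strings"
)

// multiValue mirrors the documented MultiValue shape; the method bodies are assumptions.
type multiValue []string

func (m *multiValue) Set(value string) error { *m = append(*m, value); return nil }
func (m *multiValue) String() string         { return strings.Join(*m, ",") }

// errInvalidHeader is a local stand-in for the package's ErrInvalidHeader.
var errInvalidHeader = errors.New("invalid header")

// parseHeaders splits "Name: value" entries; the rejection rules are assumptions.
func parseHeaders(raw multiValue) (map[string][]string, error) {
	out := make(map[string][]string)
	for _, h := range raw {
		name, value, ok := strings.Cut(h, ":")
		name = strings.TrimSpace(name)
		// Reject missing colon, empty name, embedded CR/LF and whitespace in the name.
		if !ok || name == "" || strings.ContainsAny(h, "\r\n") || strings.ContainsAny(name, " \t") {
			return nil, fmt.Errorf("%w: %q", errInvalidHeader, h)
		}
		out[name] = append(out[name], strings.TrimSpace(value))
	}
	return out, nil
}

// parseArgs registers a repeatable -H flag (hypothetical name) and validates its values.
func parseArgs(args []string) (map[string][]string, error) {
	var headers multiValue
	fs := flag.NewFlagSet("example", flag.ContinueOnError)
	fs.Var(&headers, "H", "header in 'Name: value' form (repeatable)")
	if err := fs.Parse(args); err != nil {
		return nil, err
	}
	return parseHeaders(headers)
}

func main() { // constructed sample arguments
	fmt.Println(parseArgs([]string{"-H", "X-Scan: demo", "-H", "Accept: */*"}))
	_, err := parseArgs([]string{"-H", "NoColonHere"})
	fmt.Println(err, errors.Is(err, errInvalidHeader))
}
```

Wrapping the sentinel with %w keeps the offending value in the message while callers can still branch on errors.Is.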
type Verbosity
Verbosity is a structure used to capture the corresponding logger.Level from configuration (command-line) options, including whether it's logger.LevelDebug, logger.LevelInfo, logger.LevelWarn or disabled.