// FingerprintDB is the table of technology signatures that GetTechStack
// presumably matches against a fetched response (its body is not shown here).
// A TechSignature can key on response headers (header name -> expected value
// fragment), on cookie names, and/or on substrings of the body; every entry
// below fills at least one of the three. Confidence values in this table run
// from 6 to 9 — higher is meant as a stronger indicator, but the exact scale
// is not visible here.
//
// NOTE(review): header values are written entirely in lower case ("nginx",
// "cloudflare") while cookie names keep their real casing ("PHPSESSID",
// "__cfruid"). That suggests header values are compared case-insensitively
// and cookie names exactly — confirm against the matcher before adding rows.
// NOTE(review): if header matching is a plain substring test, the two-letter
// value "go" will also fire on unrelated Server strings that happen to
// contain it (e.g. "Google Frontend", "GoAhead-Webs"); a stricter pattern or
// a whole-token compare would avoid that false positive.
// NOTE(review): Cloudflare retired the __cfduid cookie in 2021; __cfruid is
// still issued. The stale name is harmless but will rarely contribute.
// NOTE(review): the "Node.js" row keys on X-Powered-By: express, so it really
// fingerprints the Express framework rather than Node.js in general.
var FingerprintDB = []TechSignature{
	// Web servers — matched on the Server header.
	{Name: "Nginx", Category: "Web Server", Confidence: 9, Headers: map[string]string{"Server": "nginx"}},
	{Name: "Apache", Category: "Web Server", Confidence: 8, Headers: map[string]string{"Server": "apache"}},
	{Name: "OpenResty", Category: "Web Server", Confidence: 8, Headers: map[string]string{"Server": "openresty"}},
	// CDN / edge — Server header, plus Cloudflare's own cookies.
	{Name: "Cloudflare", Category: "CDN", Confidence: 9, Headers: map[string]string{"Server": "cloudflare"}, Cookies: []string{"__cfduid", "__cfruid"}},
	{Name: "Akamai", Category: "CDN", Confidence: 7, Headers: map[string]string{"Server": "akamai"}},
	// Backend runtimes and frameworks — Server / X-Powered-By, session cookies,
	// and for Django the CSRF token field it injects into forms.
	{Name: "Go (Golang)", Category: "Backend", Confidence: 7, Headers: map[string]string{"Server": "go"}},
	{Name: "Laravel", Category: "Backend", Confidence: 8, Headers: map[string]string{"X-Powered-By": "laravel"}, Cookies: []string{"laravel_session"}},
	{Name: "Django", Category: "Backend", Confidence: 8, Cookies: []string{"csrftoken"}, BodyPattern: []string{"csrfmiddlewaretoken"}},
	{Name: "PHP", Category: "Backend", Confidence: 6, Headers: map[string]string{"X-Powered-By": "php"}, Cookies: []string{"PHPSESSID"}},
	{Name: "Node.js", Category: "Backend", Confidence: 6, Headers: map[string]string{"X-Powered-By": "express"}},
	// Frontend frameworks — body-only signatures (bundle names, DOM markers).
	{Name: "React", Category: "Frontend", Confidence: 8, BodyPattern: []string{"react-dom", "__REACT_DEVTOOLS_GLOBAL_HOOK__"}},
	{Name: "Vue.js", Category: "Frontend", Confidence: 8, BodyPattern: []string{"data-v-"}},
	{Name: "Angular", Category: "Frontend", Confidence: 7, BodyPattern: []string{"ng-version"}},
	// CMS / hosted platforms — body-only signatures (asset paths, CDN hosts).
	{Name: "WordPress", Category: "CMS", Confidence: 9, BodyPattern: []string{"wp-content", "wp-includes", "wp-emoji"}},
	{Name: "Shopify", Category: "CMS", Confidence: 8, BodyPattern: []string{"shopify.com", "cdn.shopify"}},
	{Name: "Wix", Category: "CMS", Confidence: 7, BodyPattern: []string{"_wix"}},
	// Third-party scripts — body-only signatures.
	{Name: "Google Analytics", Category: "Analytics", Confidence: 8, BodyPattern: []string{"google-analytics.com", "gtag/js"}},
	{Name: "Hotjar", Category: "Analytics", Confidence: 7, BodyPattern: []string{"hotjar"}},
	{Name: "Sentry", Category: "Error Tracking", Confidence: 7, BodyPattern: []string{"_sentry", "sentry.io"}},
}
Patterns sourced and refined from Wappalyzer and manual research.
// SecurityHeaders is the catalogue of response headers that AnalyzeHeaders
// presumably reports on (its body is not shown here). Each HeaderCheck gives
// the raw header Name, a short DisplayName for reports, the GoodLabel shown
// when the header is in its desirable state, a one-line Risk describing the
// exposure when it is not, and a Recommendation with a concrete value to set.
//
// Two kinds of check share this table and differ only in GoodLabel:
//   - "Enabled" / "Present" / "nosniff": the header should be set.
//   - "Hidden": the header should be absent, because it discloses server
//     software or versions (Server, X-Powered-By, X-AspNet-Version).
//
// NOTE(review): the direction of each check is encoded only in GoodLabel;
// confirm that AnalyzeHeaders does not treat "present" as good for every row.
// NOTE(review): nothing in this table describes value checks, so if the
// checker is presence-only, a present-but-weak value (a CSP with
// 'unsafe-inline' or wildcard sources, an HSTS with a tiny max-age,
// Referrer-Policy: unsafe-url) would still earn the GoodLabel. Value
// inspection is worth adding if it is not already done elsewhere.
var SecurityHeaders = []HeaderCheck{
	{
		Name:           "Strict-Transport-Security",
		DisplayName:    "HSTS",
		GoodLabel:      "Enabled",
		Risk:           "Traffic can be downgraded to insecure HTTP",
		Recommendation: "Add: Strict-Transport-Security: max-age=31536000; includeSubDomains",
	},
	{
		Name:           "Content-Security-Policy",
		DisplayName:    "CSP",
		GoodLabel:      "Present",
		Risk:           "Cross-site scripting (XSS) attacks are possible",
		Recommendation: "Add a strong Content-Security-Policy header",
	},
	{
		// NOTE(review): CSP frame-ancestors is the modern replacement; a site
		// relying on frame-ancestors alone is flagged by this row unless the
		// checker also accepts that directive — confirm.
		Name:           "X-Frame-Options",
		DisplayName:    "X-Frame-Options",
		GoodLabel:      "Present",
		Risk:           "Clickjacking attacks are possible",
		Recommendation: "Add: X-Frame-Options: DENY or SAMEORIGIN",
	},
	{
		// The only row whose GoodLabel names the required value ("nosniff").
		Name:           "X-Content-Type-Options",
		DisplayName:    "X-Content-Type-Options",
		GoodLabel:      "nosniff",
		Risk:           "MIME-type sniffing attacks possible",
		Recommendation: "Add: X-Content-Type-Options: nosniff",
	},
	{
		Name:           "Referrer-Policy",
		DisplayName:    "Referrer-Policy",
		GoodLabel:      "Present",
		Risk:           "Sensitive referrer information may leak to other sites",
		Recommendation: "Add: Referrer-Policy: strict-origin-when-cross-origin",
	},
	{
		Name:           "Permissions-Policy",
		DisplayName:    "Permissions-Policy",
		GoodLabel:      "Present",
		Risk:           "Browser features (camera, mic, geolocation) are unrestricted",
		Recommendation: "Add Permissions-Policy to control browser features",
	},
	{
		Name:           "Cross-Origin-Opener-Policy",
		DisplayName:    "COOP",
		GoodLabel:      "Present",
		Risk:           "Cross-origin attacks (e.g. Spectre) are more likely",
		Recommendation: "Add: Cross-Origin-Opener-Policy: same-origin",
	},
	// Disclosure headers: the good state is absence ("Hidden").
	{
		Name:           "Server",
		DisplayName:    "Server",
		GoodLabel:      "Hidden",
		Risk:           "Leaking server software version helps attackers",
		Recommendation: "Hide or obscure the Server header",
	},
	{
		Name:           "X-Powered-By",
		DisplayName:    "X-Powered-By",
		GoodLabel:      "Hidden",
		Risk:           "Reveals backend technology and version",
		Recommendation: "Remove X-Powered-By header",
	},
	{
		// NOTE(review): X-XSS-Protection is deprecated and ignored by current
		// browsers; OWASP now advises setting it to "0" or omitting it, since
		// the legacy filter itself could be abused in older engines. The
		// "1; mode=block" recommendation is stale advice — consider making this
		// row informational or recommending "0".
		Name:           "X-XSS-Protection",
		DisplayName:    "X-XSS-Protection",
		GoodLabel:      "Enabled",
		Risk:           "Older browsers have reduced XSS protection",
		Recommendation: "Add: X-XSS-Protection: 1; mode=block (if needed)",
	},
	{
		Name:           "X-AspNet-Version",
		DisplayName:    "X-AspNet-Version",
		GoodLabel:      "Hidden",
		Risk:           "Reveals ASP.NET version to attackers",
		Recommendation: "Remove X-AspNet-Version header",
	},
}
// SuspiciousParams maps lower-case query-parameter names to a severity label,
// "High" or "Medium". Presumably AnalyzeURL consults it to flag URLs whose
// parameters look like redirect targets or credential carriers; only the
// table is visible here, so confirm against the caller.
//
// "High" rows are names conventionally used to carry a redirect destination —
// the classic open-redirect sink (redirect, next, url, return_to, goto, ...).
// sub1..sub5 are the sub-ID parameters of affiliate/tracking links, presumably
// listed because such links are a common vehicle for redirect chains.
// "Medium" rows hint at file or path access, or at authentication flows
// (token, password, reset), where a value placed in the URL may leak through
// logs, Referer headers, or browser history.
//
// NOTE(review): keys are all lower-case, so the lookup must normalise the
// incoming parameter name (e.g. strings.ToLower) for "Redirect" or "URL" to
// match — verify the caller does this.
var SuspiciousParams = map[string]string{
	// Redirect-destination parameters.
	"redirect":    "High",
	"redir":       "High",
	"next":        "High",
	"url":         "High",
	"return":      "High",
	"return_to":   "High",
	"goto":        "High",
	"destination": "High",
	"continue":    "High",
	"forward":     "High",
	"callback":    "High",
	// Affiliate / tracking sub-IDs.
	"sub1": "High",
	"sub2": "High",
	"sub3": "High",
	"sub4": "High",
	"sub5": "High",
	// File, path and link parameters.
	"link":     "Medium",
	"path":     "Medium",
	"file":     "Medium",
	"download": "Medium",
	"source":   "Medium",
	"ref":      "Medium",
	"referer":  "Medium",
	"location": "Medium",
	"to":       "Medium",
	"target":   "Medium",
	// Authentication-flow parameters.
	"token":    "Medium",
	"auth":     "Medium",
	"login":    "Medium",
	"logout":   "Medium",
	"reset":    "Medium",
	"recover":  "Medium",
	"password": "Medium",
}
// SuspiciousTLDs lists top-level domains, each with its leading dot, that are
// disproportionately represented in phishing and malware reporting — largely
// because they are free or very cheap to register. The first five were the
// Freenom free-registration TLDs. Presumably AnalyzeURL matches the final
// hostname against this list as one input to RiskLevel; confirm, since only
// the list is visible here.
//
// NOTE(review): several entries (.info, .cc, .club, .shop, .site, .live,
// .online) also host large numbers of legitimate sites, so a hit here is a
// weak signal and should raise a score rather than decide it on its own.
// NOTE(review): the comparison should be case-insensitive and run against
// the host only — not the whole URL, where a string such as ".info" can
// legitimately appear in a path or query.
var SuspiciousTLDs = []string{
	// Former Freenom free TLDs.
	".tk",
	".ml",
	".ga",
	".cf",
	".gq",
	// Low-cost generic TLDs frequently seen in abuse feeds.
	".top",
	".xyz",
	".bond",
	".xin",
	".cfd",
	".vip",
	".icu",
	".lol",
	".fun",
	".pw",
	".cc",
	".sbs",
	".club",
	".online",
	".info",
	".party",
	".click",
	".bid",
	".date",
	".stream",
	".work",
	".shop",
	".site",
	".live",
}
Functions ¶
func IsLeakHeader ¶
Types ¶
type HTTPResponse ¶
// HTTPResponse is the result of a single Fetch, shaped for JSON reporting;
// fields tagged omitempty are dropped when they hold the zero value.
type HTTPResponse struct {
	// URL is the URL that was requested.
	URL string `json:"url"`
	// FinalURL is where the request ended up after redirects, if any
	// (inferred from the name; confirm in Fetch).
	FinalURL string `json:"final_url,omitempty"`
	StatusCode int  `json:"status_code"`
	// Status is the status line text, e.g. "200 OK" (presumably
	// http.Response.Status).
	Status string `json:"status"`
	// Headers marshals as map[string][]string, since http.Header is one.
	Headers http.Header `json:"headers"`
	// Body is the response body as text.
	// NOTE(review): nothing on this type bounds its size — confirm that Fetch
	// caps the read, or a large response is held in memory and emitted into
	// the report in full.
	Body string `json:"body,omitempty"`
	// Title is presumably the HTML <title> of the body — confirm.
	Title string `json:"title,omitempty"`
	// Server is presumably the value of the Server header — confirm.
	Server      string `json:"server,omitempty"`
	ContentType string `json:"content_type,omitempty"`
	// ResponseTime encodes as an integer count of nanoseconds (time.Duration
	// is an int64), not as a human-readable duration.
	ResponseTime time.Duration `json:"response_time"`
	// Cookies are serialised whole, values included.
	// NOTE(review): a report therefore carries any session cookie the target
	// set; redact values if reports are shared or stored.
	Cookies []*http.Cookie `json:"cookies,omitempty"`
	// Redirects is presumably the chain of redirect URLs followed — confirm.
	Redirects []string `json:"redirects,omitempty"`
	// Error is non-empty when the fetch failed (inferred; confirm Fetch's
	// contract, since it returns HTTPResponse with no separate error value).
	Error string `json:"error,omitempty"`
}
func Fetch ¶
func Fetch(url string, timeout int) HTTPResponse
type HeaderCheck ¶
type HeaderResult ¶
// HeaderResult is one row of an AnalyzeHeaders report: the static HeaderCheck
// description plus what was actually observed on the target.
type HeaderResult struct {
	// HeaderCheck is embedded, so its fields are promoted and flattened into
	// the JSON object. HeaderCheck's own json tags are not visible here; if it
	// has none, its fields are emitted under their Go names (Name, Risk, ...),
	// unlike the snake_case used for the two fields below — confirm.
	HeaderCheck
	// Present presumably reports whether the header was found in the
	// response. For rows whose GoodLabel is "Hidden", Present == true is the
	// undesirable state.
	Present bool `json:"present"`
	// Value is the observed header value; omitted when empty.
	Value string `json:"value,omitempty"`
}
func AnalyzeHeaders ¶
func AnalyzeHeaders(url string, timeout int) []HeaderResult
type TechSignature ¶
// TechSignature describes one detectable technology. Whether any or all of
// Headers, Cookies and BodyPattern must match is decided by GetTechStack,
// which is not visible here; every FingerprintDB entry fills at least one of
// the three.
type TechSignature struct {
	// Name is the human-readable product name, e.g. "WordPress".
	Name string
	// Category is the coarse grouping used in FingerprintDB: "Web Server",
	// "CDN", "Backend", "Frontend", "CMS", "Analytics" or "Error Tracking".
	Category string
	// Confidence is the indicator strength; FingerprintDB uses values 6–9,
	// higher meaning stronger.
	Confidence int
	// Headers maps a header name to the value fragment expected in it. All
	// values in FingerprintDB are lower-case, which suggests a
	// case-insensitive comparison — confirm in the matcher.
	Headers map[string]string
	// Cookies lists cookie names whose presence presumably indicates the
	// technology.
	Cookies []string
	// BodyPattern lists substrings presumably searched for in the body.
	BodyPattern []string
	// NOTE(review): no json tags, so if this type is marshalled the Go field
	// names are emitted as-is, unlike the snake_case used on the other types.
}
func GetTechStack ¶
func GetTechStack(url string, timeout int) []TechSignature
type URLAnalysis ¶
// URLAnalysis is the report AnalyzeURL produces for one URL.
type URLAnalysis struct {
	// OriginalURL is the URL as supplied by the caller.
	OriginalURL string `json:"original_url"`
	// FinalURL is presumably the URL reached after following redirects —
	// confirm in AnalyzeURL.
	FinalURL string `json:"final_url"`
	// Redirects has no omitempty, so a nil slice encodes as JSON null rather
	// than []; initialise it to an empty slice if consumers expect an array.
	Redirects []string `json:"redirects"`
	// Findings lists the individual issues; Finding is declared elsewhere in
	// the package and is not visible here.
	Findings []Finding `json:"findings"`
	// RiskLevel is a summary label; its possible values and how it is derived
	// from Findings are not visible here.
	RiskLevel string `json:"risk_level"`
}
func AnalyzeURL ¶
func AnalyzeURL(url string, timeout int) (URLAnalysis, error)