Documentation
Index ¶
- type AuthenticatorSelection
- type HTTPClient
- type JWTHeader
- type JWTPayload
- type OAuth2Client
- func (o *OAuth2Client) DiscoverOAuth2Config(baseURL string) (*OAuth2Config, error)
- func (o *OAuth2Client) TestJWTAlgorithmConfusion(token string) (bool, string, error)
- func (o *OAuth2Client) TestOAuth2FlowVulnerabilities(config *OAuth2Config, clientID string) ([]string, error)
- func (o *OAuth2Client) TestTokenEndpointVulnerabilities(config *OAuth2Config, clientID, clientSecret string) ([]string, error)
- type OAuth2Config
- type PubKeyCredParam
- type PublicKeyCredential
- type PublicKeyCredentialCreationOptions
- type PublicKeyCredentialRequestOptions
- type RelyingParty
- type SAMLClient
- type SAMLEndpoints
- type SAMLMetadata
- type SMTPClient
- type User
- type WebAuthnClient
- func (w *WebAuthnClient) DiscoverWebAuthnEndpoints(baseURL string) (map[string]string, error)
- func (w *WebAuthnClient) TestVirtualAuthenticatorAttack(registrationEndpoint, authEndpoint string) (bool, string, error)
- func (w *WebAuthnClient) TestWebAuthnVulnerabilities(endpoints map[string]string) ([]string, error)
- type WebAuthnConfig
Types ¶
type AuthenticatorSelection ¶
type HTTPClient ¶
HTTPClient is a wrapper around http.Client with vulnerability testing helpers
func NewHTTPClient ¶
func NewHTTPClient() *HTTPClient
NewHTTPClient creates a new HTTP client for vulnerability testing
func (*HTTPClient) CheckEndpoint ¶
func (h *HTTPClient) CheckEndpoint(endpoint string) (int, error)
CheckEndpoint checks whether an endpoint exists and returns its HTTP status code
func (*HTTPClient) GetResponseBody ¶
func (h *HTTPClient) GetResponseBody(url string) (string, error)
GetResponseBody fetches the response body from a URL
func (*HTTPClient) TestCredentials ¶
func (h *HTTPClient) TestCredentials(loginURL, username, password string) (bool, error)
TestCredentials attempts to log in with the given credentials
type JWTHeader ¶
// JWTHeader models the JSON header object of a JWT, limited to the "alg",
// "typ" and "kid" members.
//
// NOTE(review): these values are read from the token itself, so they are
// controlled by whoever produced the token. A verifier should pick the
// accepted algorithm and key from its own configuration rather than from
// Alg or Kid.
type JWTHeader struct {
	Alg string `json:"alg"`           // algorithm name as declared by the token
	Typ string `json:"typ"`           // declared token type
	Kid string `json:"kid,omitempty"` // key identifier; omitted from the JSON when empty
}
JWTHeader represents a JWT header
type JWTPayload ¶
// JWTPayload models the claim set of a JWT, limited to the iss, sub, aud,
// exp, iat and scope claims. Every field is tagged omitempty, so a zero value
// is left out when the struct is marshalled; in particular a zero Exp yields
// a payload with no "exp" claim at all.
type JWTPayload struct {
	Iss string `json:"iss,omitempty"` // issuer
	Sub string `json:"sub,omitempty"` // subject
	// Aud is untyped because RFC 7519 allows "aud" to be either a single
	// string or an array of strings; consumers must type-switch before use.
	Aud   interface{} `json:"aud,omitempty"`
	Exp   int64       `json:"exp,omitempty"` // expiry; presumably seconds since the Unix epoch (NumericDate) — confirm
	Iat   int64       `json:"iat,omitempty"` // issued-at; presumably the same unit as Exp — confirm
	Scope string      `json:"scope,omitempty"`
}
JWTPayload represents a JWT payload
type OAuth2Client ¶
// OAuth2Client handles OAuth2/OIDC vulnerability testing. Its fields are
// unexported; NewOAuth2Client is the constructor documented for it.
type OAuth2Client struct {
	// contains filtered or unexported fields
}
OAuth2Client handles OAuth2/OIDC vulnerability testing
func NewOAuth2Client ¶
func NewOAuth2Client() *OAuth2Client
NewOAuth2Client creates a new OAuth2 testing client
func (*OAuth2Client) DiscoverOAuth2Config ¶
func (o *OAuth2Client) DiscoverOAuth2Config(baseURL string) (*OAuth2Config, error)
DiscoverOAuth2Config attempts to discover OAuth2/OIDC configuration
func (*OAuth2Client) TestJWTAlgorithmConfusion ¶
func (o *OAuth2Client) TestJWTAlgorithmConfusion(token string) (bool, string, error)
TestJWTAlgorithmConfusion tests for JWT algorithm confusion vulnerabilities
func (*OAuth2Client) TestOAuth2FlowVulnerabilities ¶
func (o *OAuth2Client) TestOAuth2FlowVulnerabilities(config *OAuth2Config, clientID string) ([]string, error)
TestOAuth2FlowVulnerabilities tests OAuth2 authorization flow vulnerabilities
func (*OAuth2Client) TestTokenEndpointVulnerabilities ¶
func (o *OAuth2Client) TestTokenEndpointVulnerabilities(config *OAuth2Config, clientID, clientSecret string) ([]string, error)
TestTokenEndpointVulnerabilities tests token endpoint for vulnerabilities
type OAuth2Config ¶
// OAuth2Config holds a subset of authorization-server metadata. The JSON keys
// match the member names used by OAuth 2.0 Authorization Server Metadata
// (RFC 8414) and OpenID Connect Discovery documents.
//
// NOTE(review): presumably filled from a document fetched from the server
// under test by DiscoverOAuth2Config. If so, every URL below is supplied by
// the remote side and should have its scheme and host validated before a
// request is sent to it — confirm against the implementation.
type OAuth2Config struct {
	AuthorizationEndpoint         string   `json:"authorization_endpoint"`
	TokenEndpoint                 string   `json:"token_endpoint"`
	JWKSUri                       string   `json:"jwks_uri"` // location of the server's JSON Web Key Set
	Issuer                        string   `json:"issuer"`
	SupportedGrantTypes           []string `json:"grant_types_supported"`
	SupportedScopes               []string `json:"scopes_supported"`
	SupportedCodeChallengeMethods []string `json:"code_challenge_methods_supported"` // PKCE challenge methods the server advertises
}
OAuth2Config represents discovered OAuth2 configuration
type PubKeyCredParam ¶
type PublicKeyCredential ¶
type PublicKeyCredentialCreationOptions ¶
// PublicKeyCredentialCreationOptions models the options object used for a
// WebAuthn registration ceremony. The JSON keys follow the WebAuthn
// dictionary of the same name. RelyingParty, User, PubKeyCredParam,
// AuthenticatorSelection and PublicKeyCredential are declared elsewhere in
// this package.
type PublicKeyCredentialCreationOptions struct {
	Challenge              string                 `json:"challenge"` // encoding not shown here; presumably base64url — confirm
	RP                     RelyingParty           `json:"rp"`
	User                   User                   `json:"user"`
	Timeout                int                    `json:"timeout"` // presumably milliseconds, as in the WebAuthn spec — confirm
	PubKeyCredParams       []PubKeyCredParam      `json:"pubKeyCredParams"`
	AuthenticatorSelection AuthenticatorSelection `json:"authenticatorSelection"`
	Attestation            string                 `json:"attestation"` // attestation conveyance preference
	ExcludeCredentials     []PublicKeyCredential  `json:"excludeCredentials"`
}
PublicKeyCredentialCreationOptions represents registration options
type PublicKeyCredentialRequestOptions ¶
// PublicKeyCredentialRequestOptions models the options object used for a
// WebAuthn authentication ceremony. The JSON keys follow the WebAuthn
// dictionary of the same name.
type PublicKeyCredentialRequestOptions struct {
	Challenge        string                `json:"challenge"` // encoding not shown here; presumably base64url — confirm
	Timeout          int                   `json:"timeout"`   // presumably milliseconds, as in the WebAuthn spec — confirm
	RPID             string                `json:"rpId"`      // relying-party identifier the assertion is scoped to
	AllowCredentials []PublicKeyCredential `json:"allowCredentials"`
	UserVerification string                `json:"userVerification"` // user-verification requirement sent as a string
}
PublicKeyCredentialRequestOptions represents authentication options
type RelyingParty ¶
type SAMLClient ¶
// SAMLClient handles SAML vulnerability testing. Its fields are unexported;
// NewSAMLClient is the constructor documented for it.
type SAMLClient struct {
	// contains filtered or unexported fields
}
SAMLClient handles SAML vulnerability testing
func NewSAMLClient ¶
func NewSAMLClient() *SAMLClient
NewSAMLClient creates a new SAML testing client
func (*SAMLClient) DiscoverSAMLEndpoints ¶
func (s *SAMLClient) DiscoverSAMLEndpoints(baseURL string) (*SAMLEndpoints, error)
DiscoverSAMLEndpoints discovers SAML endpoints and metadata
func (*SAMLClient) TestSAMLVulnerabilities ¶
func (s *SAMLClient) TestSAMLVulnerabilities(endpoints *SAMLEndpoints) ([]string, error)
TestSAMLVulnerabilities tests for SAML implementation vulnerabilities
type SAMLEndpoints ¶
// SAMLEndpoints groups the four SAML URLs this package tracks for a target.
// It is the result type of DiscoverSAMLEndpoints and the input of
// TestSAMLVulnerabilities. The fields carry no struct tags.
//
// NOTE(review): whether an undiscovered endpoint is left as the empty string
// is not visible here — confirm before treating "" as "absent".
type SAMLEndpoints struct {
	MetadataURL          string
	SingleSignOnURL      string
	SingleLogoutURL      string
	AssertionConsumerURL string
}
SAMLEndpoints represents discovered SAML endpoints
type SAMLMetadata ¶
// SAMLMetadata holds values describing a SAML service provider or identity
// provider: its entity ID, SSO and SLO URLs, certificates, NameID formats and
// an attribute mapping.
//
// NOTE(review): presumably parsed from a metadata document served by the
// target; if so, treat every value as remote-supplied — confirm.
type SAMLMetadata struct {
	EntityID         string
	SingleSignOnURL  string
	SingleLogoutURL  string
	Certificates     []string          // encoding not shown here (PEM or bare base64) — confirm
	NameIDFormats    []string
	AttributeMapping map[string]string // direction of the mapping is not shown here — confirm
}
SAMLMetadata represents SAML SP/IdP metadata
type SMTPClient ¶
// SMTPClient handles SMTP vulnerability testing. Its fields are unexported;
// NewSMTPClient is the constructor documented for it.
type SMTPClient struct {
	// contains filtered or unexported fields
}
SMTPClient handles SMTP vulnerability testing
func NewSMTPClient ¶
func NewSMTPClient() *SMTPClient
NewSMTPClient creates a new SMTP testing client
func (*SMTPClient) CheckSMTPBanner ¶
func (s *SMTPClient) CheckSMTPBanner(host string, port int) (string, error)
CheckSMTPBanner gets the SMTP banner for fingerprinting
func (*SMTPClient) TestOpenRelay ¶
TestOpenRelay checks if the SMTP server is an open relay
func (*SMTPClient) TestSMTPAuth ¶
TestSMTPAuth tests for authentication bypass or weak auth
type WebAuthnClient ¶
// WebAuthnClient handles FIDO2/WebAuthn vulnerability testing. Its fields are
// unexported; NewWebAuthnClient is the constructor documented for it.
type WebAuthnClient struct {
	// contains filtered or unexported fields
}
WebAuthnClient handles FIDO2/WebAuthn vulnerability testing
func NewWebAuthnClient ¶
func NewWebAuthnClient() *WebAuthnClient
NewWebAuthnClient creates a new WebAuthn testing client
func (*WebAuthnClient) DiscoverWebAuthnEndpoints ¶
func (w *WebAuthnClient) DiscoverWebAuthnEndpoints(baseURL string) (map[string]string, error)
DiscoverWebAuthnEndpoints discovers WebAuthn registration and authentication endpoints
func (*WebAuthnClient) TestVirtualAuthenticatorAttack ¶
func (w *WebAuthnClient) TestVirtualAuthenticatorAttack(registrationEndpoint, authEndpoint string) (bool, string, error)
TestVirtualAuthenticatorAttack tests for virtual authenticator vulnerabilities
func (*WebAuthnClient) TestWebAuthnVulnerabilities ¶
func (w *WebAuthnClient) TestWebAuthnVulnerabilities(endpoints map[string]string) ([]string, error)
TestWebAuthnVulnerabilities tests for WebAuthn implementation vulnerabilities