modules

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 11, 2026 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsRealAPIResponse 

func IsRealAPIResponse(r ProbeResult) bool

IsRealAPIResponse checks if a 200 response is actually an API response and not a framework catch-all

func IsSPACatchAll 

func IsSPACatchAll(body string) bool

IsSPACatchAll detects if an HTTP response body is a SPA framework catch-all page (Next.js, React, Vue, Angular, Nuxt) rather than a real response to the request.

Types

type CORS 

type CORS struct{}

func (*CORS) Description 

func (c *CORS) Description() string

func (*CORS) Name 

func (c *CORS) Name() string

func (*CORS) Run 

func (c *CORS) Run(cfg *engine.Config) ([]engine.Finding, error)

type Cookies 

type Cookies struct{}

func (*Cookies) Description 

func (c *Cookies) Description() string

func (*Cookies) Name 

func (c *Cookies) Name() string

func (*Cookies) Run 

func (c *Cookies) Run(cfg *engine.Config) ([]engine.Finding, error)

type Discovery 

type Discovery struct{}

func (*Discovery) Description 

func (d *Discovery) Description() string

func (*Discovery) Name 

func (d *Discovery) Name() string

func (*Discovery) Run 

func (d *Discovery) Run(cfg *engine.Config) ([]engine.Finding, error)

type HTTPMethods 

type HTTPMethods struct{}

func (*HTTPMethods) Description 

func (h *HTTPMethods) Description() string

func (*HTTPMethods) Name 

func (h *HTTPMethods) Name() string

func (*HTTPMethods) Run 

func (h *HTTPMethods) Run(cfg *engine.Config) ([]engine.Finding, error)

type Headers 

type Headers struct{}

func (*Headers) Description 

func (h *Headers) Description() string

func (*Headers) Name 

func (h *Headers) Name() string

func (*Headers) Run 

func (h *Headers) Run(cfg *engine.Config) ([]engine.Finding, error)

type InfoDisclosure 

type InfoDisclosure struct{}

func (*InfoDisclosure) Description 

func (i *InfoDisclosure) Description() string

func (*InfoDisclosure) Name 

func (i *InfoDisclosure) Name() string

func (*InfoDisclosure) Run 

func (i *InfoDisclosure) Run(cfg *engine.Config) ([]engine.Finding, error)

type JSDiscovery 

type JSDiscovery struct{}

JSDiscovery discovers API endpoints by analysing JavaScript bundles.

func (*JSDiscovery) Description 

func (j *JSDiscovery) Description() string

func (*JSDiscovery) Name 

func (j *JSDiscovery) Name() string

func (*JSDiscovery) Run 

func (j *JSDiscovery) Run(cfg *engine.Config) ([]engine.Finding, error)

type Login 

type Login struct{}

func (*Login) Description 

func (l *Login) Description() string

func (*Login) Name 

func (l *Login) Name() string

func (*Login) Run 

func (l *Login) Run(cfg *engine.Config) ([]engine.Finding, error)

type OpenRedirect 

type OpenRedirect struct{}

OpenRedirect detects open redirect vulnerabilities by testing common redirect parameters with evil-domain payloads and inspecting Location headers.

func (*OpenRedirect) Description 

func (o *OpenRedirect) Description() string

func (*OpenRedirect) Name 

func (o *OpenRedirect) Name() string

func (*OpenRedirect) Run 

func (o *OpenRedirect) Run(cfg *engine.Config) ([]engine.Finding, error)

type PathTraversal 

type PathTraversal struct{}

PathTraversal detects path traversal / local file inclusion vulnerabilities by injecting traversal payloads into common file-related parameters.

func (*PathTraversal) Description 

func (p *PathTraversal) Description() string

func (*PathTraversal) Name 

func (p *PathTraversal) Name() string

func (*PathTraversal) Run 

func (p *PathTraversal) Run(cfg *engine.Config) ([]engine.Finding, error)

type PortScan 

type PortScan struct{}

func (*PortScan) Description 

func (p *PortScan) Description() string

func (*PortScan) Name 

func (p *PortScan) Name() string

func (*PortScan) Run 

func (p *PortScan) Run(cfg *engine.Config) ([]engine.Finding, error)

type ProbeResult 

type ProbeResult struct {
	Code        int
	Body        string
	ContentType string
}

ProbeResult holds the result of an HTTP probe with metadata

func DoRequest 

func DoRequest(client *http.Client, method, url, ua string) ProbeResult

DoRequest performs an HTTP request with any method and returns a ProbeResult

type SQLi 

type SQLi struct{}

SQLi detects SQL injection vulnerabilities via error-based and time-based techniques.

func (*SQLi) Description 

func (s *SQLi) Description() string

func (*SQLi) Name 

func (s *SQLi) Name() string

func (*SQLi) Run 

func (s *SQLi) Run(cfg *engine.Config) ([]engine.Finding, error)

type Subdomain 

type Subdomain struct{}

func (*Subdomain) Description 

func (s *Subdomain) Description() string

func (*Subdomain) Name 

func (s *Subdomain) Name() string

func (*Subdomain) Run 

func (s *Subdomain) Run(cfg *engine.Config) ([]engine.Finding, error)

type TLS 

type TLS struct{}

func (*TLS) Description 

func (t *TLS) Description() string

func (*TLS) Name 

func (t *TLS) Name() string

func (*TLS) Run 

func (t *TLS) Run(cfg *engine.Config) ([]engine.Finding, error)

type Webservice 

type Webservice struct{}

func (*Webservice) Description 

func (w *Webservice) Description() string

func (*Webservice) Name 

func (w *Webservice) Name() string

func (*Webservice) Run 

func (w *Webservice) Run(cfg *engine.Config) ([]engine.Finding, error)

type XSS 

type XSS struct{}

func (*XSS) Description 

func (x *XSS) Description() string

func (*XSS) Name 

func (x *XSS) Name() string

func (*XSS) Run 

func (x *XSS) Run(cfg *engine.Config) ([]engine.Finding, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.