Documentation
¶
Index ¶
- Constants
- func CreateURLScanHandler(name string, seclistUrl string, defaultUrls []string, ...) ...
- func DiscoverableGraphQLPathScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
- func DiscoverableOpenAPIScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
- func ExtractBaseURL(inputURL *url.URL) *url.URL
- func GraphqlIntrospectionScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
- func ServerSignatureScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
Constants ¶
View Source
const ( DiscoverableOpenAPISeverityLevel = 0 DiscoverableOpenAPIVulnerabilityName = "Discoverable OpenAPI" DiscoverableOpenAPIVulnerabilityDescription = "An OpenAPI file is exposed without protection. This can lead to information disclosure and security issues" )
View Source
const ( DiscoverableGraphQLPathSeverityLevel = 0 DiscoverableGraphQLPathVulnerabilityName = "Discoverable GraphQL Path" DiscoverableGraphQLPathVulnerabilityDescription = "GraphQL path seems discoverable and can lead to information disclosure and security issues" GraphqlIntrospectionEnabledSeverityLevel = 0 GraphqlIntrospectionEnabledVulnerabilityName = "GraphQL Introspection enabled" GraphqlIntrospectionEnabledVulnerabilityDescription = "GraphQL Introspection seems enabled and can lead to information disclosure and security issues" )
View Source
const ( ServerSignatureSeverityLevel = 0 ServerSignatureVulnerabilityName = "Server Signature Exposed" ServerSignatureVulnerabilityDescription = "A Server signature is exposed in an header." )
Variables ¶
This section is empty.
Functions ¶
func CreateURLScanHandler ¶ added in v0.4.2
func CreateURLScanHandler(name string, seclistUrl string, defaultUrls []string, vulnReport *report.VulnerabilityReport) func(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
func DiscoverableGraphQLPathScanHandler ¶ added in v0.4.2
func DiscoverableGraphQLPathScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
func DiscoverableOpenAPIScanHandler ¶
func DiscoverableOpenAPIScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
func GraphqlIntrospectionScanHandler ¶
func GraphqlIntrospectionScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
func ServerSignatureScanHandler ¶
func ServerSignatureScanHandler(operation *request.Operation, securityScheme auth.SecurityScheme) (*report.ScanReport, error)
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.