Documentation
¶
Index ¶
- Constants
- Variables
- func BaseURL(u *url.URL) string
- func CompareWithExpr(exp *vm.Program, params map[string]interface{}) bool
- func Dir(u string) string
- func Format(filename string, color bool)
- func FormatURL(base, u string) string
- func MatchWithGlobs(u string, globs []string) bool
- func RandomUA() string
- type CheckPool
- type FunctionOptions
- type InputOptions
- type MiscOptions
- type ModeOptions
- type Option
- type Origin
- type OutputOptions
- type PluginOptions
- type Pool
- func (pool *Pool) BaseCompare(bl *pkg.Baseline) bool
- func (pool *Pool) Close()
- func (pool *Pool) Handler()
- func (pool *Pool) Init() error
- func (pool *Pool) Invoke(v interface{})
- func (pool *Pool) NoScopeInvoke(v interface{})
- func (pool *Pool) PreCompare(resp *ihttp.Response) error
- func (pool *Pool) Run(offset, limit int)
- func (pool *Pool) Upgrade(bl *pkg.Baseline) error
- type RequestOptions
- type Runner
- func (r *Runner) AddPool(task *Task)
- func (r *Runner) AddRecursive(bl *pkg.Baseline)
- func (r *Runner) Done()
- func (r *Runner) Output()
- func (r *Runner) Prepare(ctx context.Context) error
- func (r *Runner) PrepareConfig() *pkg.Config
- func (r *Runner) PrintStat(pool *Pool)
- func (r *Runner) Run(ctx context.Context)
- func (r *Runner) RunWithCheck(ctx context.Context)
- type Task
- type Unit
Constants ¶
View Source
const ( CheckSource = iota + 1 InitRandomSource InitIndexSource RedirectSource CrawlSource ActiveSource WordSource WafSource RuleSource BakSource CommonFileSource UpgradeSource RetrySource )
Variables ¶
View Source
var ( MaxRedirect = 3 MaxCrawl = 3 MaxRecursion = 0 )
View Source
var ( WhiteStatus = []int{200} BlackStatus = []int{400, 410} FuzzyStatus = []int{403, 404, 500, 501, 502, 503} WAFStatus = []int{493, 418, 1020, 406} UniqueStatus = []int{403} )
View Source
var (
DefaultThreads = 20
)
Functions ¶
func CompareWithExpr ¶ added in v0.4.1
func MatchWithGlobs ¶ added in v0.9.0
Types ¶
type CheckPool ¶ added in v0.1.2
func NewCheckPool ¶ added in v0.1.2
类似httpx的无状态, 无scope, 无并发池的检测模式
type FunctionOptions ¶
type FunctionOptions struct {
Extensions string `short:"e" long:"extension" description:"String, add extensions (separated by commas), e.g.: -e jsp,jspx"`
ExcludeExtensions string `long:"exclude-extension" description:"String, exclude extensions (separated by commas), e.g.: --exclude-extension jsp,jspx"`
RemoveExtensions string `long:"remove-extension" description:"String, remove extensions (separated by commas), e.g.: --remove-extension jsp,jspx"`
Uppercase bool `short:"U" long:"uppercase" description:"Bool, upper wordlist, e.g.: --uppercase"`
Lowercase bool `short:"L" long:"lowercase" description:"Bool, lower wordlist, e.g.: --lowercase"`
Prefixes []string `long:"prefix" description:"Strings, add prefix, e.g.: --prefix aaa --prefix bbb"`
Suffixes []string `long:"suffix" description:"Strings, add suffix, e.g.: --suffix aaa --suffix bbb"`
Replaces map[string]string `long:"replace" description:"Strings, replace string, e.g.: --replace aaa:bbb --replace ccc:ddd"`
}
type InputOptions ¶
type InputOptions struct {
ResumeFrom string `long:"resume"`
URL []string `short:"u" long:"url" description:"Strings, input baseurl, e.g.: http://google.com"`
URLFile string `short:"l" long:"list" description:"File, input filename"`
PortRange string `short:"p" long:"port" description:"String, input port range, e.g.: 80,8080-8090,db"`
CIDRs string `short:"c" long:"cidr" description:"String, input cidr, e.g.: 1.1.1.1/24 "`
Raw string `long:"raw" description:"File, input raw request filename"`
Dictionaries []string `short:"d" long:"dict" description:"Files, Multi,dict files, e.g.: -d 1.txt -d 2.txt"`
Offset int `long:"offset" description:"Int, wordlist offset"`
Limit int `long:"limit" description:"Int, wordlist limit, start with offset. e.g.: --offset 1000 --limit 100"`
Word string `short:"w" long:"word" description:"String, word generate dsl, e.g.: -w test{?ld#4}"`
Rules []string `short:"r" long:"rules" description:"Files, rule files, e.g.: -r rule1.txt -r rule2.txt"`
AppendRule []string `long:"append-rule" description:"Files, when found valid path , use append rule generator new word with current path"`
FilterRule string `long:"filter-rule" description:"String, filter rule, e.g.: --rule-filter '>8 <4'"`
}
type MiscOptions ¶
type MiscOptions struct {
Deadline int `long:"deadline" default:"999999" description:"Int, deadline (seconds)"` // todo 总的超时时间,适配云函数的deadline
Timeout int `long:"timeout" default:"5" description:"Int, timeout with request (seconds)"`
PoolSize int `short:"P" long:"pool" default:"5" description:"Int, Pool size"`
Threads int `short:"t" long:"thread" default:"20" description:"Int, number of threads per pool"`
Debug bool `long:"debug" description:"Bool, output debug info"`
Version bool `short:"v" long:"version" description:"Bool, show version"`
Quiet bool `short:"q" long:"quiet" description:"Bool, Quiet"`
NoColor bool `long:"no-color" description:"Bool, no color"`
NoBar bool `long:"no-bar" description:"Bool, No progress bar"`
Mod string `short:"m" long:"mod" default:"path" choice:"path" choice:"host" description:"String, path/host spray"`
Client string `short:"C" long:"client" default:"auto" choice:"fast" choice:"standard" choice:"auto" description:"String, Client type"`
}
type ModeOptions ¶
type ModeOptions struct {
RateLimit int `long:"rate-limit" default:"0" description:"Int, request rate limit (rate/s), e.g.: --rate-limit 100"`
Force bool `long:"force" description:"Bool, skip error break"`
CheckOnly bool `long:"check-only" description:"Bool, check only"`
NoScope bool `long:"no-scope" description:"Bool, no scope"`
Scope []string `long:"scope" description:"String, custom scope, e.g.: --scope *.example.com"`
Recursive string `long:"recursive" default:"current.IsDir()" description:"String,custom recursive rule, e.g.: --recursive current.IsDir()"`
Depth int `long:"depth" default:"0" description:"Int, recursive depth"`
Index string `long:"index" default:"" description:"String, custom index path"`
Random string `long:"random" default:"" description:"String, custom random path"`
CheckPeriod int `long:"check-period" default:"200" description:"Int, check period when request"`
ErrPeriod int `long:"error-period" default:"10" description:"Int, check period when error"`
BreakThreshold int `long:"error-threshold" default:"20" description:"Int, break when the error exceeds the threshold "`
BlackStatus string `long:"black-status" default:"400,410" description:"Strings (comma split),custom black status, "`
WhiteStatus string `long:"white-status" default:"200" description:"Strings (comma split), custom white status"`
FuzzyStatus string `long:"fuzzy-status" default:"404,403,500,501,502,503" description:"Strings (comma split), custom fuzzy status"`
UniqueStatus string `long:"unique-status" default:"403" description:"Strings (comma split), custom unique status"`
Unique bool `long:"unique" description:"Bool, unique response"`
RetryCount int `long:"retry" default:"1" description:"Int, retry count"`
SimhashDistance int `long:"distance" default:"5"`
}
type Option ¶
type Option struct {
InputOptions `group:"Input Options"`
FunctionOptions `group:"Function Options"`
OutputOptions `group:"Output Options"`
PluginOptions `group:"Plugin Options"`
RequestOptions `group:"Request Options"`
ModeOptions `group:"Modify Options"`
MiscOptions `group:"Miscellaneous Options"`
}
func (*Option) GenerateTasks ¶
Generate Tasks
func (*Option) PrepareRunner ¶ added in v0.1.0
type OutputOptions ¶
type OutputOptions struct {
Match string `long:"match" description:"String, custom match function, e.g.: --match 'current.Status != 200''" json:"match,omitempty"`
Filter string `` /* 132-byte string literal not displayed */
OutputFile string `short:"f" long:"file" description:"String, output filename" json:"output_file,omitempty"`
Format string `short:"F" long:"format" description:"String, output format, e.g.: --format 1.json"`
FuzzyFile string `long:"fuzzy-file" description:"String, fuzzy output filename" json:"fuzzy_file,omitempty"`
DumpFile string `long:"dump-file" description:"String, dump all request, and write to filename"`
Dump bool `long:"dump" description:"Bool, dump all request"`
AutoFile bool `long:"auto-file" description:"Bool, auto generator output and fuzzy filename" `
Fuzzy bool `long:"fuzzy" description:"String, open fuzzy output" json:"fuzzy,omitempty"`
OutputProbe string `short:"o" long:"probe" description:"String, output format" json:"output_probe,omitempty"`
}
type PluginOptions ¶
type PluginOptions struct {
Advance bool `short:"a" long:"advance" description:"Bool, enable crawl and active"`
Extracts []string `long:"extract" description:"Strings, extract response, e.g.: --extract js --extract ip --extract version:(.*?)"`
Recon bool `long:"recon" description:"Bool, enable recon"`
Active bool `long:"active" description:"Bool, enable active finger detect"`
Bak bool `long:"bak" description:"Bool, enable bak found"`
FileBak bool `long:"file-bak" description:"Bool, enable valid result bak found, equal --append-rule rule/filebak.txt"`
Common bool `long:"common" description:"Bool, enable common file found"`
Crawl bool `long:"crawl" description:"Bool, enable crawl"`
CrawlDepth int `long:"crawl-depth" default:"3" description:"Int, crawl depth"`
}
type Pool ¶ added in v0.1.0
type Pool struct {
*pkg.Config // read only
Statistor *pkg.Statistor
// contains filtered or unexported fields
}
func (*Pool) NoScopeInvoke ¶ added in v0.9.0
func (pool *Pool) NoScopeInvoke(v interface{})
type RequestOptions ¶
type RequestOptions struct {
Headers []string `long:"header" description:"Strings, custom headers, e.g.: --headers 'Auth: example_auth'"`
UserAgent string `long:"user-agent" description:"String, custom user-agent, e.g.: --user-agent Custom"`
RandomUserAgent bool `long:"random-agent" description:"Bool, use random with default user-agent"`
Cookie []string `long:"cookie" description:"Strings, custom cookie"`
ReadAll bool `long:"read-all" description:"Bool, read all response body"`
MaxBodyLength int `long:"max-length" default:"100" description:"Int, max response body length (kb), default 100k, e.g. -max-length 1000"`
}
type Runner ¶
type Runner struct {
Tasks chan *Task
Count int // tasks total number
Wordlist []string
Rules *rule.Program
AppendRules *rule.Program
Headers map[string]string
Fns []func(string) string
FilterExpr *vm.Program
MatchExpr *vm.Program
RecursiveExpr *vm.Program
RecuDepth int
Threads int
PoolSize int
ClientType int
Pools *ants.PoolWithFunc
PoolName map[string]bool
Timeout int
Mod string
Probes []string
OutputCh chan *pkg.Baseline
FuzzyCh chan *pkg.Baseline
Fuzzy bool
OutputFile *files.File
FuzzyFile *files.File
DumpFile *files.File
StatFile *files.File
Progress *uiprogress.Progress
Offset int
Limit int
RateLimit int
Total int // wordlist total number
Deadline int
CheckPeriod int
ErrPeriod int
BreakThreshold int
Color bool
CheckOnly bool
Force bool
IgnoreWaf bool
Crawl bool
Scope []string
Active bool
Bak bool
Common bool
RetryCount int
RandomUserAgent bool
Random string
Index string
// contains filtered or unexported fields
}
func (*Runner) AddRecursive ¶
func (*Runner) PrepareConfig ¶
func (*Runner) RunWithCheck ¶
Source Files
Click to show internal directories.
Click to hide internal directories.