Documentation
¶
Overview ¶
Package infer provides protocol reverse engineering — automatic structure inference from binary data.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type InferResult ¶
type InferResult struct {
Fields []InferredField `json:"fields"`
MinLength int `json:"min_length"`
MaxLength int `json:"max_length"`
FixedFields []int `json:"fixed_offsets"`
}
InferResult holds the inference result.
func Infer ¶
func Infer(packets [][]byte) (*InferResult, error)
Infer analyzes multiple packets and infers protocol structure.
func (*InferResult) ToPSL ¶
func (r *InferResult) ToPSL(name string) string
ToPSL generates a candidate PSL file from inference results.
type InferredField ¶
type InferredField struct {
Offset int `json:"offset"`
Length int `json:"length"`
Name string `json:"name"`
Type string `json:"type"` // "uint", "bytes", "string", "length_field", "enum"
Confidence float64 `json:"confidence"`
Values []uint64 `json:"sample_values,omitempty"`
EnumVals map[uint64]int `json:"enum_distribution,omitempty"`
}
InferredField represents a field discovered by inference.
Source Files
Click to show internal directories.
Click to hide internal directories.