types

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 27, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package types provides core data structures for Indago

Package types provides core data structures for Indago

Index

Constants

// Attack type identifiers. Each constant is an untyped string naming one
// vulnerability class, grouped below into general, GraphQL, blind/out-of-band,
// chain and WAF-bypass types.
//
// NOTE(review): because these are untyped strings, a misspelled category in a
// config list still compiles and would simply not match; presumably
// AttackSettings.Enabled/Disabled and AttackVector.Type carry these values —
// confirm that validation rejects unknown names, otherwise a typo in a
// "disabled" list would silently leave that class enabled.
const (
	AttackIDOR           = "idor"
	AttackSQLi           = "sqli"
	AttackNoSQLi         = "nosqli"
	AttackCommandInject  = "command_injection"
	AttackXSS            = "xss"
	AttackAuthBypass     = "auth_bypass"
	AttackMassAssignment = "mass_assignment"
	AttackBOLA           = "bola"
	AttackBFLA           = "bfla"
	AttackRateLimit      = "rate_limit"
	AttackDataExposure   = "data_exposure"
	AttackSSRF           = "ssrf"
	AttackPathTraversal  = "path_traversal"
	AttackLDAP           = "ldap_injection"
	AttackXPath          = "xpath_injection"
	AttackSSTI           = "ssti"
	AttackJWT            = "jwt_manipulation"

	// GraphQL attack types
	AttackGraphQLDepth      = "graphql_depth"
	AttackGraphQLBatch      = "graphql_batch"
	AttackGraphQLIntrospect = "graphql_introspection"
	AttackGraphQLAlias      = "graphql_alias"

	// Blind/Out-of-band attack types
	AttackBlindSSRF      = "blind_ssrf"
	AttackBlindXXE       = "blind_xxe"
	AttackBlindCmdInject = "blind_command_injection"

	// Attack chain types
	AttackChainPrivEsc  = "privilege_escalation_chain"
	AttackChainDataLeak = "data_leakage_chain"
	AttackChainIDOR     = "idor_chain"

	// WAF bypass
	AttackWAFBypass = "waf_bypass"
)

AttackCategory constants

// Sensitivity levels, as untyped string constants.
//
// NOTE(review): the literal values coincide with the Severity constants
// ("critical", "high", "medium", "low"), and both sets are untyped, so the
// compiler will not catch a severity being used where a sensitivity level is
// meant. Presumably these populate Endpoint.SensitivityLevel — confirm.
const (
	SensitivityCritical = "critical"
	SensitivityHigh     = "high"
	SensitivityMedium   = "medium"
	SensitivityLow      = "low"
)

SensitivityLevel constants

// Severity levels for findings, as untyped string constants. The five values
// match the set listed in the comment on Finding.Severity.
//
// NOTE(review): ordering (critical > high > ... > info) is not encoded in the
// values themselves; any "minimum severity" comparison needs an explicit rank
// table rather than string comparison — confirm in the filter code.
const (
	SeverityCritical = "critical"
	SeverityHigh     = "high"
	SeverityMedium   = "medium"
	SeverityLow      = "low"
	SeverityInfo     = "info"
)

Severity constants

// Confidence levels for findings, as untyped string constants. The three
// values match the set listed in the comment on Finding.Confidence.
//
// NOTE(review): FilterSettings.MinConfidence is a float64 documented as
// 0.0-1.0, while these are strings; the mapping between the two scales is not
// visible here — confirm how a finding's string confidence is compared with
// the numeric threshold.
const (
	ConfidenceHigh   = "high"
	ConfidenceMedium = "medium"
	ConfidenceLow    = "low"
)

Confidence constants

Variables

This section is empty.

Functions

func ValidateConfig

func ValidateConfig(config *Config) error

ValidateConfig is a convenience function to validate a config

func ValidateInputFile

func ValidateInputFile(path string) error

ValidateInputFile validates that an input file exists and is readable

func ValidateURL

func ValidateURL(rawURL string) error

ValidateURL validates a URL string

Types

type AttackSettings

// AttackSettings holds attack configuration: which attack types run, payload
// limits and sources, and per-category options. Fields are bound from config
// via the yaml and mapstructure tags.
type AttackSettings struct {
	// Enabled and Disabled are lists of attack type names; per the inline
	// comment, an empty Enabled list means every type is enabled.
	// NOTE(review): precedence when a name appears in both lists is not
	// visible here — confirm.
	Enabled            []string `yaml:"enabled" mapstructure:"enabled"` // Empty = all
	Disabled           []string `yaml:"disabled" mapstructure:"disabled"`
	MaxPayloadsPerType int      `yaml:"max_payloads_per_type" mapstructure:"max_payloads_per_type"`
	// NOTE(review): CustomPayloads is a filesystem path taken from config;
	// whether it is validated or restricted before being read is not shown.
	CustomPayloads     string   `yaml:"custom_payloads" mapstructure:"custom_payloads"`   // Path to custom payloads file
	// NOTE(review): with UseLLMPayloads set, context about the target API is
	// presumably sent to the configured LLM provider — confirm what data
	// leaves the host before enabling this against non-public specs.
	UseLLMPayloads     bool     `yaml:"use_llm_payloads" mapstructure:"use_llm_payloads"` // Generate additional context-aware payloads using LLM
	LLMConcurrency     int      `yaml:"llm_concurrency" mapstructure:"llm_concurrency"`   // Concurrent LLM calls for payload generation

	// Category-specific settings
	IDOR      IDORSettings      `yaml:"idor" mapstructure:"idor"`
	Injection InjectionSettings `yaml:"injection" mapstructure:"injection"`
}

AttackSettings holds attack configuration

type AttackVector

// AttackVector represents a suggested attack type for an endpoint. It is
// serialised to both JSON and YAML.
//
// NOTE(review): Endpoint lists SuggestedAttacks under "AI-enriched fields",
// and TargetParam/Payloads use the Flexible* types that accept several JSON
// shapes, so these values presumably originate from LLM output. Treat them as
// untrusted input (length, count and content) — confirm what bounds are
// enforced before they are used.
type AttackVector struct {
	Type        string              `json:"type" yaml:"type"`
	Category    string              `json:"category" yaml:"category"`
	Priority    string              `json:"priority" yaml:"priority"` // high, medium, low
	Rationale   string              `json:"rationale,omitempty" yaml:"rationale,omitempty"`
	TargetParam FlexibleString      `json:"target_param,omitempty" yaml:"target_param,omitempty"`
	Payloads    FlexibleStringSlice `json:"payloads,omitempty" yaml:"payloads,omitempty"`
}

AttackVector represents a suggested attack type

type AuthConfig

// AuthConfig represents authentication configuration attached to an endpoint
// (see Endpoint.Auth).
//
// NOTE(review): Value is serialised under the "value" key in both JSON and
// YAML. If it holds the actual credential (token, API key, basic-auth
// secret), any output that marshals an Endpoint will contain it in clear
// text. AuthContext in this package excludes its Token from JSON with
// `json:"-"`; AuthConfig has no equivalent protection — confirm whether
// Endpoint values ever reach reports or logs and redact there if so.
type AuthConfig struct {
	Type         string            `json:"type" yaml:"type"` // bearer, basic, api_key, oauth2
	Location     string            `json:"location,omitempty" yaml:"location,omitempty"`
	Name         string            `json:"name,omitempty" yaml:"name,omitempty"`
	Value        string            `json:"value,omitempty" yaml:"value,omitempty"`
	HeaderName   string            `json:"header_name,omitempty" yaml:"header_name,omitempty"`
	HeaderPrefix string            `json:"header_prefix,omitempty" yaml:"header_prefix,omitempty"`
	// NOTE(review): Extra is a free-form map that is also serialised; it may
	// carry secrets (e.g. OAuth2 client data) — confirm.
	Extra        map[string]string `json:"extra,omitempty" yaml:"extra,omitempty"`
}

AuthConfig represents authentication configuration

type AuthContext

// AuthContext represents one authentication identity used for differential
// analysis (the same request replayed under different identities).
//
// Token and Cookies carry `json:"-"`, so encoding/json never emits them.
//
// NOTE(review): two gaps remain around that protection.
//   - Headers has no json tag and is not excluded, so encoding/json would
//     emit it under the key "Headers"; if an Authorization or API-key header
//     is configured here it leaks the same credential Token is hiding.
//   - The yaml tags still name token and cookies, so a YAML dump of this
//     struct includes them. Confirm no code path writes AuthContext as YAML.
type AuthContext struct {
	Name     string            `yaml:"name" mapstructure:"name"`            // "user_a", "admin", "anonymous"
	AuthType string            `yaml:"auth_type" mapstructure:"auth_type"`  // "bearer", "cookie", "api_key", "basic"
	Token    string            `yaml:"token" mapstructure:"token" json:"-"` // Excluded from JSON to prevent credential leakage
	Headers  map[string]string `yaml:"headers" mapstructure:"headers"`
	Cookies  map[string]string `yaml:"cookies" mapstructure:"cookies" json:"-"` // Excluded from JSON to prevent credential leakage
	Priority int               `yaml:"priority" mapstructure:"priority"`        // Lower = higher privilege (0=admin, 1=user, etc.)
	UserID   string            `yaml:"user_id" mapstructure:"user_id"`          // User identifier for horizontal access checks
}

AuthContext represents an authentication context for differential analysis

type BodyField

// BodyField represents a field in the request body. Nested holds child
// fields, so the type is recursive.
//
// NOTE(review): nesting depth is bounded only by the input; when this is
// parsed from an untrusted API description, confirm that recursive walkers
// cap their depth.
type BodyField struct {
	Name        string      `json:"name" yaml:"name"`
	Type        string      `json:"type" yaml:"type"`
	Required    bool        `json:"required" yaml:"required"`
	Description string      `json:"description,omitempty" yaml:"description,omitempty"`
	Example     interface{} `json:"example,omitempty" yaml:"example,omitempty"`
	Nested      []BodyField `json:"nested,omitempty" yaml:"nested,omitempty"`
}

BodyField represents a field in the request body

type CallbackSettings

// CallbackSettings holds callback / out-of-band (OOB) detection
// configuration: whether it is enabled, the externally reachable URL, the
// HTTP and DNS ports, and how long to wait for a callback.
//
// NOTE(review): HTTPPort and DNSPort presumably open listeners on the
// scanning host. The bind address and any request authentication are not
// visible here — confirm the listener is not reachable more widely than
// the engagement requires and that it is shut down after the scan.
type CallbackSettings struct {
	Enabled     bool          `yaml:"enabled" mapstructure:"enabled"`
	ExternalURL string        `yaml:"external_url" mapstructure:"external_url"` // External URL (if behind NAT)
	HTTPPort    int           `yaml:"http_port" mapstructure:"http_port"`       // HTTP callback port
	DNSPort     int           `yaml:"dns_port" mapstructure:"dns_port"`         // DNS callback port
	Timeout     time.Duration `yaml:"timeout" mapstructure:"timeout"`           // Wait timeout for callbacks
}

CallbackSettings holds callback/OOB detection configuration

type ChainSettings

// ChainSettings holds attack chain configuration: an on/off switch, a depth
// limit, and an optional YAML file of custom chain definitions.
//
// NOTE(review): the effect of MaxDepth <= 0 (disabled vs. unlimited) is not
// visible here — confirm the validator rejects or clamps it.
type ChainSettings struct {
	Enabled   bool   `yaml:"enabled" mapstructure:"enabled"`
	MaxDepth  int    `yaml:"max_depth" mapstructure:"max_depth"`
	ChainFile string `yaml:"chain_file" mapstructure:"chain_file"` // Custom chain definitions YAML
}

ChainSettings holds attack chain configuration

type CheckpointSettings

// CheckpointSettings holds checkpoint configuration: whether checkpointing
// is on, how often state is saved, and the file it is saved to.
//
// NOTE(review): what the checkpoint file contains is not visible here. If it
// stores requests, auth material or findings, it should be created with
// restrictive permissions and removed after the scan — confirm in the writer.
type CheckpointSettings struct {
	Enabled  bool          `yaml:"enabled" mapstructure:"enabled"`   // Enable checkpointing
	Interval time.Duration `yaml:"interval" mapstructure:"interval"` // Save interval
	File     string        `yaml:"file" mapstructure:"file"`         // Checkpoint file path
}

CheckpointSettings holds checkpoint configuration

type Config

// Config represents the application configuration. It is a flat aggregate of
// one settings struct per subsystem, each bound under its own yaml /
// mapstructure key.
//
// NOTE(review): several nested structs hold secrets — Provider.APIKey,
// HTTP.AuthToken / HTTP.Cookies, and Differential.AuthContexts. None of the
// fields here carry json tags, so marshalling a Config with encoding/json
// would emit everything except the AuthContext fields tagged `json:"-"`.
// Avoid dumping Config to logs or reports without redaction.
type Config struct {
	// LLM Provider settings
	Provider ProviderConfig `yaml:"provider" mapstructure:"provider"`

	// Scan settings
	Scan ScanSettings `yaml:"scan" mapstructure:"scan"`

	// HTTP settings
	HTTP HTTPSettings `yaml:"http" mapstructure:"http"`

	// Output settings
	Output OutputSettings `yaml:"output" mapstructure:"output"`

	// Filter settings for false positive reduction
	Filter FilterSettings `yaml:"filter" mapstructure:"filter"`

	// Attack settings
	Attacks AttackSettings `yaml:"attacks" mapstructure:"attacks"`

	// Attack Chain settings
	Chains ChainSettings `yaml:"chains" mapstructure:"chains"`

	// Stateful session tracking
	State StateSettings `yaml:"state" mapstructure:"state"`

	// Differential response analysis
	Differential DifferentialSettings `yaml:"differential" mapstructure:"differential"`

	// GraphQL settings
	GraphQL GraphQLSettings `yaml:"graphql" mapstructure:"graphql"`

	// Business rules settings
	Rules RulesSettings `yaml:"rules" mapstructure:"rules"`

	// Schema inference settings
	Inference InferenceSettings `yaml:"inference" mapstructure:"inference"`

	// Callback/OOB detection settings
	Callback CallbackSettings `yaml:"callback" mapstructure:"callback"`

	// WAF detection settings
	WAF WAFSettings `yaml:"waf" mapstructure:"waf"`

	// Plugin settings
	Plugins PluginSettings `yaml:"plugins" mapstructure:"plugins"`

	// Checkpoint settings
	Checkpoint CheckpointSettings `yaml:"checkpoint" mapstructure:"checkpoint"`
}

Config represents the application configuration

func DefaultConfig

func DefaultConfig() *Config

DefaultConfig returns a configuration with sensible defaults

type ConfigValidator

// ConfigValidator validates configuration settings. Its fields are not part
// of the rendered documentation, so construct it with NewConfigValidator
// rather than as a literal.
type ConfigValidator struct {
	// contains filtered or unexported fields
}

ConfigValidator validates configuration settings

func NewConfigValidator

func NewConfigValidator() *ConfigValidator

NewConfigValidator creates a new config validator

func (*ConfigValidator) Validate

func (v *ConfigValidator) Validate(config *Config) ValidationErrors

Validate performs comprehensive validation of the config

type DifferentialSettings

// DifferentialSettings holds differential response analysis configuration:
// an on/off switch plus the identities to compare, given inline
// (AuthContexts) or in a separate YAML file (AuthFile).
//
// NOTE(review): both sources contain live credentials. Precedence when both
// are set is not visible here; and AuthFile should be readable only by the
// scanning user — confirm whether the loader checks permissions.
type DifferentialSettings struct {
	Enabled      bool          `yaml:"enabled" mapstructure:"enabled"`
	AuthContexts []AuthContext `yaml:"auth_contexts" mapstructure:"auth_contexts"`
	AuthFile     string        `yaml:"auth_file" mapstructure:"auth_file"` // Auth contexts YAML file
}

DifferentialSettings holds differential response analysis configuration

type Endpoint

// Endpoint represents a unified API endpoint model: the request shape
// (method, path, base URL, parameters, headers, body, auth) plus descriptive
// metadata and a block of AI-enriched fields.
//
// NOTE(review): Headers and Auth are serialised to JSON and YAML. When the
// endpoint was parsed from captured traffic (InputType lists HAR and Burp
// inputs), these presumably contain real session material — confirm they are
// redacted before an Endpoint is written to a report.
type Endpoint struct {
	Method      string            `json:"method" yaml:"method"`
	Path        string            `json:"path" yaml:"path"`
	BaseURL     string            `json:"base_url" yaml:"base_url"`
	Parameters  []Parameter       `json:"parameters,omitempty" yaml:"parameters,omitempty"`
	Headers     map[string]string `json:"headers,omitempty" yaml:"headers,omitempty"`
	Body        *RequestBody      `json:"body,omitempty" yaml:"body,omitempty"`
	Auth        *AuthConfig       `json:"auth,omitempty" yaml:"auth,omitempty"`
	Description string            `json:"description,omitempty" yaml:"description,omitempty"`
	Tags        []string          `json:"tags,omitempty" yaml:"tags,omitempty"`
	OperationID string            `json:"operation_id,omitempty" yaml:"operation_id,omitempty"`

	// AI-enriched fields
	// NOTE(review): presumably filled from LLM output; treat as untrusted
	// and advisory rather than as ground truth about the target.
	BusinessContext  string         `json:"business_context,omitempty" yaml:"business_context,omitempty"`
	SensitivityLevel string         `json:"sensitivity_level,omitempty" yaml:"sensitivity_level,omitempty"`
	RelatedEndpoints []string       `json:"related_endpoints,omitempty" yaml:"related_endpoints,omitempty"`
	SuggestedAttacks []AttackVector `json:"suggested_attacks,omitempty" yaml:"suggested_attacks,omitempty"`
}

Endpoint represents a unified API endpoint model

func (*Endpoint) FullPath

func (e *Endpoint) FullPath() string

FullPath returns the complete URL for the endpoint

type Evidence

// Evidence contains proof of the finding: the request sent, the response
// received, an optional baseline response for comparison, and lists of
// matched data, anomalies and screenshots.
//
// NOTE(review): Request and Response are stored whole, headers and body
// included. They can therefore carry the scan's own credentials and whatever
// sensitive data the target returned; reports containing Evidence should be
// handled as confidential, and auth headers redacted — confirm whether the
// report writer does this (OutputSettings.IncludeRaw may gate it).
type Evidence struct {
	Request      *HTTPRequest  `json:"request" yaml:"request"`
	Response     *HTTPResponse `json:"response" yaml:"response"`
	MatchedData  []string      `json:"matched_data,omitempty" yaml:"matched_data,omitempty"`
	Anomalies    []string      `json:"anomalies,omitempty" yaml:"anomalies,omitempty"`
	BaselineResp *HTTPResponse `json:"baseline_response,omitempty" yaml:"baseline_response,omitempty"`
	Screenshots  []string      `json:"screenshots,omitempty" yaml:"screenshots,omitempty"`
}

Evidence contains proof of the finding

type FilterSettings

// FilterSettings holds finding filter configuration, used to reduce false
// positives in the reported results.
//
// NOTE(review): every option here can drop findings from the output. A
// filtered report is not evidence that an issue is absent; confirm that
// suppressed findings are at least counted or logged somewhere.
type FilterSettings struct {
	Enabled          bool    `yaml:"enabled" mapstructure:"enabled"`                       // Enable filtering
	// NOTE(review): numeric scale here vs. the string Confidence* constants
	// on Finding — the mapping is not visible; confirm.
	MinConfidence    float64 `yaml:"min_confidence" mapstructure:"min_confidence"`         // Minimum confidence score (0.0-1.0)
	MinSeverity      string  `yaml:"min_severity" mapstructure:"min_severity"`             // Minimum severity level
	DedupeByEndpoint bool    `yaml:"dedupe_by_endpoint" mapstructure:"dedupe_by_endpoint"` // Deduplicate findings by endpoint
	FilterNoise      bool    `yaml:"filter_noise" mapstructure:"filter_noise"`             // Filter common false positives
}

FilterSettings holds finding filter configuration

type Finding

// Finding represents a discovered vulnerability or anomaly, with its
// classification (type, severity, confidence, CWE, CVSS), location (endpoint,
// method, parameter), the payload that triggered it, supporting evidence and
// remediation guidance.
//
// NOTE(review): Payload, Description and Evidence hold test strings and raw
// target output. OutputSettings lists an html report format; any renderer
// must escape these fields so that a report cannot execute content echoed
// from the target — confirm in the report writer.
type Finding struct {
	ID          string    `json:"id" yaml:"id"`
	Type        string    `json:"type" yaml:"type"`
	Severity    string    `json:"severity" yaml:"severity"`     // critical, high, medium, low, info
	Confidence  string    `json:"confidence" yaml:"confidence"` // high, medium, low
	Title       string    `json:"title" yaml:"title"`
	Description string    `json:"description" yaml:"description"`
	Endpoint    string    `json:"endpoint" yaml:"endpoint"`
	Method      string    `json:"method" yaml:"method"`
	Parameter   string    `json:"parameter,omitempty" yaml:"parameter,omitempty"`
	Payload     string    `json:"payload,omitempty" yaml:"payload,omitempty"`
	Evidence    *Evidence `json:"evidence,omitempty" yaml:"evidence,omitempty"`
	Remediation string    `json:"remediation,omitempty" yaml:"remediation,omitempty"`
	References  []string  `json:"references,omitempty" yaml:"references,omitempty"`
	CWE         string    `json:"cwe,omitempty" yaml:"cwe,omitempty"`
	// CVSS uses omitempty, so a score of exactly 0 is omitted from output
	// and is indistinguishable from "not scored".
	CVSS        float64   `json:"cvss,omitempty" yaml:"cvss,omitempty"`
	Timestamp   time.Time `json:"timestamp" yaml:"timestamp"`
	Tags        []string  `json:"tags,omitempty" yaml:"tags,omitempty"`
}

Finding represents a discovered vulnerability or anomaly

type FlexibleString

// FlexibleString is a string that, per its UnmarshalJSON method, can be
// decoded from either a JSON string or a JSON array of strings.
// NOTE(review): how an array is collapsed to one string (first element,
// join, ...) is not visible here — confirm before relying on the value.
type FlexibleString string

FlexibleString can unmarshal from either a string or an array of strings

func (FlexibleString) String

func (f FlexibleString) String() string

String returns the string value

func (*FlexibleString) UnmarshalJSON

func (f *FlexibleString) UnmarshalJSON(data []byte) error

UnmarshalJSON handles both string and array inputs

type FlexibleStringSlice

// FlexibleStringSlice is a []string that, per its UnmarshalJSON method, can
// be decoded from a JSON string array, object, or single string.
// NOTE(review): the decoder is deliberately lenient; element count and
// length limits are not visible here — confirm they are bounded when the
// input comes from an LLM or another untrusted source.
type FlexibleStringSlice []string

FlexibleStringSlice can unmarshal from a string array, object, or string

func (*FlexibleStringSlice) UnmarshalJSON

func (f *FlexibleStringSlice) UnmarshalJSON(data []byte) error

UnmarshalJSON handles various input formats

type GraphQLSettings

// GraphQLSettings holds GraphQL scanning configuration: the endpoint URL,
// whether to send an introspection query, and upper bounds for the depth,
// batch-size and alias tests.
//
// NOTE(review): the three Max* values bound how heavy the test queries get.
// Such tests can degrade a target that lacks query-cost limits; keep the
// values within what the engagement permits, and confirm the validator
// rejects non-positive or very large values.
type GraphQLSettings struct {
	Endpoint     string `yaml:"endpoint" mapstructure:"endpoint"`             // GraphQL endpoint URL
	Introspect   bool   `yaml:"introspect" mapstructure:"introspect"`         // Enable introspection query
	MaxDepth     int    `yaml:"max_depth" mapstructure:"max_depth"`           // Max query depth to test
	MaxBatchSize int    `yaml:"max_batch_size" mapstructure:"max_batch_size"` // Max batch size to test
	MaxAliases   int    `yaml:"max_aliases" mapstructure:"max_aliases"`       // Max aliases to test
}

GraphQLSettings holds GraphQL scanning configuration

type HTTPRequest

// HTTPRequest represents an HTTP request as recorded for evidence: method,
// URL, headers and body.
//
// NOTE(review): Headers is always serialised (no omitempty, no exclusion).
// If the recorded request carried Authorization or Cookie headers, they are
// written verbatim into any report that includes this struct — confirm
// redaction happens before serialisation.
type HTTPRequest struct {
	Method  string            `json:"method" yaml:"method"`
	URL     string            `json:"url" yaml:"url"`
	Headers map[string]string `json:"headers" yaml:"headers"`
	Body    string            `json:"body,omitempty" yaml:"body,omitempty"`
}

HTTPRequest represents an HTTP request

type HTTPResponse

// HTTPResponse represents an HTTP response as recorded for evidence: status,
// headers, body, content length and response time.
//
// NOTE(review): Body is held as a string and always serialised. Whether the
// stored body is size-capped is not visible here; an unbounded body from the
// target would be kept in memory and copied into the report — confirm a
// limit is applied when the response is captured. Headers may include
// Set-Cookie values from the target.
type HTTPResponse struct {
	StatusCode    int               `json:"status_code" yaml:"status_code"`
	Status        string            `json:"status" yaml:"status"`
	Headers       map[string]string `json:"headers" yaml:"headers"`
	Body          string            `json:"body" yaml:"body"`
	ContentLength int64             `json:"content_length" yaml:"content_length"`
	ResponseTime  time.Duration     `json:"response_time" yaml:"response_time"`
}

HTTPResponse represents an HTTP response

type HTTPSettings

// HTTPSettings holds HTTP client configuration: proxy, extra headers,
// user agent, and the credentials (auth header/token, cookies) attached to
// scan requests.
//
// NOTE(review): AuthToken, Cookies and Headers are secrets or may contain
// them. Unlike AuthContext, nothing here is tagged `json:"-"`, so
// encoding/json would emit them under their Go field names. Prefer supplying
// the token through an environment variable or a file with restricted
// permissions rather than a shared config file — confirm what the loader
// supports.
type HTTPSettings struct {
	// NOTE(review): all scan traffic, credentials included, presumably flows
	// through this proxy; a URL with embedded userinfo is itself a secret.
	ProxyURL   string            `yaml:"proxy_url" mapstructure:"proxy_url"`
	Headers    map[string]string `yaml:"headers" mapstructure:"headers"`
	UserAgent  string            `yaml:"user_agent" mapstructure:"user_agent"`
	AuthHeader string            `yaml:"auth_header" mapstructure:"auth_header"`
	AuthToken  string            `yaml:"auth_token" mapstructure:"auth_token"`
	Cookies    map[string]string `yaml:"cookies" mapstructure:"cookies"`
}

HTTPSettings holds HTTP client configuration

type IDORSettings

// IDORSettings holds IDOR-specific configuration.
//
// NOTE(review): IDRange widens the set of object identifiers that get
// requested. Against a real system those requests may read or touch other
// users' records; keep the range within the authorised scope and confirm
// the validator bounds it.
type IDORSettings struct {
	IDRange   int  `yaml:"id_range" mapstructure:"id_range"` // How far to increment/decrement
	TestUUIDs bool `yaml:"test_uuids" mapstructure:"test_uuids"`
	SwapUsers bool `yaml:"swap_users" mapstructure:"swap_users"`
}

IDORSettings holds IDOR-specific configuration

type InferenceSettings

// InferenceSettings holds schema inference configuration: an on/off switch,
// where to save the generated OpenAPI spec, and two float thresholds.
//
// NOTE(review): the valid range of MinConfidence and ClusterThreshold is not
// stated here (presumably 0.0-1.0, as for FilterSettings.MinConfidence) —
// confirm. OutputFile is a path from config; whether an existing file is
// overwritten is not visible.
type InferenceSettings struct {
	Enabled          bool    `yaml:"enabled" mapstructure:"enabled"`
	OutputFile       string  `yaml:"output_file" mapstructure:"output_file"`             // Save generated OpenAPI spec
	MinConfidence    float64 `yaml:"min_confidence" mapstructure:"min_confidence"`       // Min confidence threshold
	ClusterThreshold float64 `yaml:"cluster_threshold" mapstructure:"cluster_threshold"` // Similarity threshold for clustering
}

InferenceSettings holds schema inference configuration

type InjectionSettings

// InjectionSettings holds injection attack configuration: one boolean per
// injection class plus the delay used for time-based (blind) detection.
//
// NOTE(review): how these booleans interact with AttackSettings.Enabled /
// Disabled (which also name injection classes) is not visible here —
// confirm which one wins, so that a class disabled in one place is not
// still run because of the other.
type InjectionSettings struct {
	SQLi       bool `yaml:"sqli" mapstructure:"sqli"`
	NoSQLi     bool `yaml:"nosqli" mapstructure:"nosqli"`
	Command    bool `yaml:"command" mapstructure:"command"`
	LDAP       bool `yaml:"ldap" mapstructure:"ldap"`
	XPath      bool `yaml:"xpath" mapstructure:"xpath"`
	SSTI       bool `yaml:"ssti" mapstructure:"ssti"`
	// NOTE(review): time-based checks hold a target worker for this many
	// seconds per probe; large values combined with high concurrency can
	// degrade the target. Also prone to false positives on slow endpoints.
	BlindDelay int  `yaml:"blind_delay" mapstructure:"blind_delay"` // Seconds for time-based detection
}

InjectionSettings holds injection attack configuration

type InputType

// InputType represents the type of input specification. It is a distinct
// string type, so its constants cannot be mixed with plain untyped strings
// without a conversion.
type InputType string

InputType represents the type of input specification

// Supported input specification formats, plus InputTypeUnknown for input
// whose format is not recognised.
//
// NOTE(review): HAR and Burp inputs are captures of real traffic and
// normally contain live session tokens and cookies; treat those input files,
// and anything derived from them, as credentials.
const (
	InputTypeOpenAPI InputType = "openapi"
	InputTypePostman InputType = "postman"
	InputTypeHAR     InputType = "har"
	InputTypeBurp    InputType = "burp"
	InputTypeRaw     InputType = "raw"
	InputTypeGraphQL InputType = "graphql"
	InputTypeUnknown InputType = "unknown"
)

type OutputSettings

// OutputSettings holds output configuration: report format, destination
// file, verbosity, colour, and whether raw requests/responses are included.
type OutputSettings struct {
	Format     string `yaml:"format" mapstructure:"format"` // json, html, markdown, sarif
	// NOTE(review): the report can contain credentials and target data; the
	// permissions the file is created with are not visible here — confirm.
	File       string `yaml:"file" mapstructure:"file"`
	Verbose    bool   `yaml:"verbose" mapstructure:"verbose"`
	Color      bool   `yaml:"color" mapstructure:"color"`
	// NOTE(review): with IncludeRaw set, full request/response pairs
	// (headers included) presumably land in the report; leave it off for
	// reports that will be shared outside the testing team.
	IncludeRaw bool   `yaml:"include_raw" mapstructure:"include_raw"` // Include raw request/response
}

OutputSettings holds output configuration

type Parameter

// Parameter represents an API parameter: where it appears (In), its type,
// and the constraints declared for it in the source specification.
type Parameter struct {
	Name        string      `json:"name" yaml:"name"`
	In          string      `json:"in" yaml:"in"` // query, path, header, cookie
	Type        string      `json:"type" yaml:"type"`
	Required    bool        `json:"required" yaml:"required"`
	Description string      `json:"description,omitempty" yaml:"description,omitempty"`
	Example     interface{} `json:"example,omitempty" yaml:"example,omitempty"`
	Default     interface{} `json:"default,omitempty" yaml:"default,omitempty"`
	Enum        []string    `json:"enum,omitempty" yaml:"enum,omitempty"`
	Format      string      `json:"format,omitempty" yaml:"format,omitempty"`
	// NOTE(review): Pattern comes from the input specification. If it is
	// ever compiled as a regular expression, note that Go's regexp package
	// is linear-time, but a compile error on a malformed pattern still
	// needs handling — confirm at the call site.
	Pattern     string      `json:"pattern,omitempty" yaml:"pattern,omitempty"`
	// Minimum and Maximum are pointers so that "not specified" (nil) can be
	// told apart from an explicit bound of 0.
	Minimum     *float64    `json:"minimum,omitempty" yaml:"minimum,omitempty"`
	Maximum     *float64    `json:"maximum,omitempty" yaml:"maximum,omitempty"`
}

Parameter represents an API parameter

type PluginSettings

// PluginSettings holds plugin configuration: an on/off switch and lists of
// custom payload and matcher files.
//
// NOTE(review): the file format and whether matcher files can carry
// executable logic are not visible here. Load only files from a trusted
// source; a third-party matcher or payload file changes what the scanner
// sends and what it reports.
type PluginSettings struct {
	Enabled      bool     `yaml:"enabled" mapstructure:"enabled"`             // Enable plugins
	PayloadFiles []string `yaml:"payload_files" mapstructure:"payload_files"` // Custom payload files
	MatcherFiles []string `yaml:"matcher_files" mapstructure:"matcher_files"` // Custom matcher files
}

PluginSettings holds plugin configuration

type ProviderConfig

// ProviderConfig holds LLM provider configuration: provider name, API key,
// base URL (for locally hosted providers), model and sampling parameters.
type ProviderConfig struct {
	Name        string  `yaml:"name" mapstructure:"name"` // openai, anthropic, ollama, lmstudio
	// NOTE(review): APIKey is a secret stored as a plain config value and
	// has no `json:"-"` tag, so encoding/json would emit it as "APIKey".
	// Prefer an environment variable over a committed config file — confirm
	// what the loader supports — and never log this struct.
	APIKey      string  `yaml:"api_key" mapstructure:"api_key"`
	// NOTE(review): requests to the provider, presumably including details
	// of the target API, go to this URL; confirm it is validated (scheme,
	// host) so a config typo cannot send that data to an unintended host.
	BaseURL     string  `yaml:"base_url" mapstructure:"base_url"` // For ollama/lmstudio
	Model       string  `yaml:"model" mapstructure:"model"`
	MaxTokens   int     `yaml:"max_tokens" mapstructure:"max_tokens"`
	Temperature float64 `yaml:"temperature" mapstructure:"temperature"`
}

ProviderConfig holds LLM provider configuration

type RequestBody

// RequestBody represents the request body configuration: content type,
// whether a body is required, and the body's shape given as a raw schema
// map, an example value and/or a parsed field list.
//
// NOTE(review): Schema and Example are decoded into untyped values
// (map[string]interface{} / interface{}); consumers must type-assert
// defensively, since the content is whatever the input specification held.
type RequestBody struct {
	ContentType string                 `json:"content_type" yaml:"content_type"`
	Required    bool                   `json:"required" yaml:"required"`
	Schema      map[string]interface{} `json:"schema,omitempty" yaml:"schema,omitempty"`
	Example     interface{}            `json:"example,omitempty" yaml:"example,omitempty"`
	Fields      []BodyField            `json:"fields,omitempty" yaml:"fields,omitempty"`
}

RequestBody represents the request body configuration

type RulesSettings

// RulesSettings holds business rules configuration: the YAML rules file and
// whether a rule violation fails the scan.
//
// NOTE(review): with Strict false, violations presumably do not affect the
// scan's exit status; a CI gate relying on the exit code should set Strict —
// confirm the exact behaviour in the runner.
type RulesSettings struct {
	File   string `yaml:"file" mapstructure:"file"`     // Business rules YAML file
	Strict bool   `yaml:"strict" mapstructure:"strict"` // Fail scan if rules violated
}

RulesSettings holds business rules configuration

type ScanConfig

// ScanConfig captures the configuration used for the scan, in a form that is
// embedded in the results (see ScanResult.Config). It records provider,
// input, attack types and request pacing, but no credential fields.
type ScanConfig struct {
	Provider    string   `json:"provider" yaml:"provider"`
	Model       string   `json:"model,omitempty" yaml:"model,omitempty"`
	InputFile   string   `json:"input_file" yaml:"input_file"`
	InputType   string   `json:"input_type" yaml:"input_type"`
	AttackTypes []string `json:"attack_types,omitempty" yaml:"attack_types,omitempty"`
	Concurrency int      `json:"concurrency" yaml:"concurrency"`
	RateLimit   float64  `json:"rate_limit" yaml:"rate_limit"`
	// NOTE(review): Timeout is a bare int here while ScanSettings.Timeout is
	// a time.Duration; the unit is not visible — confirm (seconds?).
	Timeout     int      `json:"timeout" yaml:"timeout"`
	// NOTE(review): a proxy URL may embed credentials in its userinfo part
	// (user:password@host); if so they are written into every report.
	// Confirm the value is stripped of userinfo before being copied here.
	ProxyURL    string   `json:"proxy_url,omitempty" yaml:"proxy_url,omitempty"`
}

ScanConfig captures the configuration used for the scan

type ScanError

// ScanError represents an error during scanning: the endpoint involved, the
// error text, when it occurred and whether the request was retried.
//
// NOTE(review): Error is free text that ends up in the report. Error strings
// from HTTP clients commonly include the full request URL; if credentials
// are ever passed in query strings they would surface here — confirm.
type ScanError struct {
	Endpoint  string    `json:"endpoint" yaml:"endpoint"`
	Error     string    `json:"error" yaml:"error"`
	Timestamp time.Time `json:"timestamp" yaml:"timestamp"`
	Retried   bool      `json:"retried" yaml:"retried"`
}

ScanError represents an error during scanning

type ScanResult

// ScanResult contains the complete scan results: identification and timing
// of the scan, the findings with their summary, optional statistics, counts
// of endpoints and requests, any errors, and the configuration used.
//
// NOTE(review): this is the top-level object that gets serialised into
// reports. Through Findings -> Evidence it can contain raw requests and
// responses; handle the resulting file as sensitive.
type ScanResult struct {
	ScanID    string        `json:"scan_id" yaml:"scan_id"`
	Target    string        `json:"target" yaml:"target"`
	StartTime time.Time     `json:"start_time" yaml:"start_time"`
	EndTime   time.Time     `json:"end_time" yaml:"end_time"`
	// Duration is a time.Duration, which encoding/json writes as an integer
	// number of nanoseconds.
	Duration  time.Duration `json:"duration" yaml:"duration"`
	Findings  []Finding     `json:"findings" yaml:"findings"`
	Summary   *ScanSummary  `json:"summary" yaml:"summary"`
	Stats     *ScanStats    `json:"stats,omitempty" yaml:"stats,omitempty"`
	Endpoints int           `json:"endpoints_scanned" yaml:"endpoints_scanned"`
	Requests  int           `json:"requests_made" yaml:"requests_made"`
	Errors    []ScanError   `json:"errors,omitempty" yaml:"errors,omitempty"`
	Config    *ScanConfig   `json:"config,omitempty" yaml:"config,omitempty"`
}

ScanResult contains the complete scan results

type ScanSettings

// ScanSettings holds scan configuration: request pacing (concurrency, rate
// limit), timeouts and retries, redirect handling and TLS verification.
type ScanSettings struct {
	// NOTE(review): Concurrency and RateLimit together bound the load placed
	// on the target; whether 0 means "unlimited" is not visible — confirm
	// the validator enforces a sane floor and ceiling.
	Concurrency     int           `yaml:"concurrency" mapstructure:"concurrency"`
	RateLimit       float64       `yaml:"rate_limit" mapstructure:"rate_limit"` // requests per second
	Timeout         time.Duration `yaml:"timeout" mapstructure:"timeout"`
	MaxRetries      int           `yaml:"max_retries" mapstructure:"max_retries"`
	RetryDelay      time.Duration `yaml:"retry_delay" mapstructure:"retry_delay"`
	// NOTE(review): following redirects can take requests, and possibly the
	// configured auth headers, to a host outside the intended scope —
	// confirm whether credentials are dropped on cross-host redirects.
	FollowRedirects bool          `yaml:"follow_redirects" mapstructure:"follow_redirects"`
	MaxRedirects    int           `yaml:"max_redirects" mapstructure:"max_redirects"`
	// NOTE(review): presumably controls TLS certificate verification for
	// scan traffic. With it off, credentials are sent to an unauthenticated
	// peer and recorded responses may not come from the real target;
	// confirm what DefaultConfig sets and keep it true outside lab setups.
	VerifySSL       bool          `yaml:"verify_ssl" mapstructure:"verify_ssl"`
}

ScanSettings holds scan configuration

type ScanStats

// ScanStats provides timing and performance metrics for a scan: request
// counts, aggregate and per-request response times, throughput and byte
// counters. Values are maintained through the Update and Finalize methods.
//
// NOTE(review): the struct has no visible lock. If Update is called from
// concurrent scan workers (ScanSettings has a Concurrency option), callers
// must serialise access — confirm in the implementation.
type ScanStats struct {
	TotalRequests     int           `json:"total_requests" yaml:"total_requests"`
	SuccessfulReqs    int           `json:"successful_requests" yaml:"successful_requests"`
	FailedReqs        int           `json:"failed_requests" yaml:"failed_requests"`
	TotalDuration     time.Duration `json:"total_duration" yaml:"total_duration"`
	AvgResponseTime   time.Duration `json:"avg_response_time" yaml:"avg_response_time"`
	MinResponseTime   time.Duration `json:"min_response_time" yaml:"min_response_time"`
	MaxResponseTime   time.Duration `json:"max_response_time" yaml:"max_response_time"`
	RequestsPerSecond float64       `json:"requests_per_second" yaml:"requests_per_second"`
	BytesSent         int64         `json:"bytes_sent" yaml:"bytes_sent"`
	BytesReceived     int64         `json:"bytes_received" yaml:"bytes_received"`
}

ScanStats provides timing and performance metrics for a scan

func NewScanStats

func NewScanStats() *ScanStats

NewScanStats creates a new ScanStats with default values

func (*ScanStats) Finalize

func (s *ScanStats) Finalize(totalDuration time.Duration)

Finalize calculates final statistics

func (*ScanStats) Update

func (s *ScanStats) Update(duration time.Duration, success bool, respSize int64)

Update updates stats with a new request result

type ScanSummary

// ScanSummary provides statistics about the scan: the total number of
// findings, breakdowns by severity, type and confidence, and a dedicated
// counter per severity level. Built by NewScanSummary from a []Finding.
//
// NOTE(review): the per-severity counters duplicate what BySeverity holds.
// How a finding with an unrecognised severity string is counted is not
// visible here — confirm it is not silently left out of the totals.
type ScanSummary struct {
	TotalFindings    int            `json:"total_findings" yaml:"total_findings"`
	BySeverity       map[string]int `json:"by_severity" yaml:"by_severity"`
	ByType           map[string]int `json:"by_type" yaml:"by_type"`
	ByConfidence     map[string]int `json:"by_confidence" yaml:"by_confidence"`
	CriticalFindings int            `json:"critical_findings" yaml:"critical_findings"`
	HighFindings     int            `json:"high_findings" yaml:"high_findings"`
	MediumFindings   int            `json:"medium_findings" yaml:"medium_findings"`
	LowFindings      int            `json:"low_findings" yaml:"low_findings"`
	InfoFindings     int            `json:"info_findings" yaml:"info_findings"`
}

ScanSummary provides statistics about the scan

func NewScanSummary

func NewScanSummary(findings []Finding) *ScanSummary

NewScanSummary creates a summary from findings

type StateSettings

// StateSettings holds stateful session tracking configuration: an on/off
// switch, an optional YAML file of custom extraction rules, and whether
// extracted variables are injected into payloads.
//
// NOTE(review): extracted state presumably includes values taken from
// target responses (ids, tokens). With Inject on, those values are replayed
// in later requests; confirm they are not also written to logs or reports
// unredacted.
type StateSettings struct {
	Enabled     bool   `yaml:"enabled" mapstructure:"enabled"`
	ExtractFile string `yaml:"extract_file" mapstructure:"extract_file"` // Custom extraction rules YAML
	Inject      bool   `yaml:"inject" mapstructure:"inject"`             // Enable variable injection into payloads
}

StateSettings holds stateful session tracking configuration

type ValidationError

// ValidationError represents a configuration validation error: the field
// that failed, the offending value, and a message.
//
// NOTE(review): Value holds the rejected config value as-is. If the failing
// field is a secret (API key, token) and Error() formats Value into its
// message, the secret would reach logs or the terminal — confirm that the
// Error method, or the validator, masks values of credential fields.
type ValidationError struct {
	Field   string
	Value   interface{}
	Message string
}

ValidationError represents a configuration validation error

func (*ValidationError) Error

func (e *ValidationError) Error() string

type ValidationErrors

// ValidationErrors is a collection of validation errors. It has an Error
// method with a value receiver, so the slice type itself satisfies error.
// NOTE(review): for that reason an empty or nil ValidationErrors assigned to
// an error variable is a non-nil error; use HasErrors rather than comparing
// against nil.
type ValidationErrors []ValidationError

ValidationErrors is a collection of validation errors

func (ValidationErrors) Error

func (e ValidationErrors) Error() string

func (ValidationErrors) HasErrors

func (e ValidationErrors) HasErrors() bool

HasErrors returns true if there are any validation errors

type WAFSettings

// WAFSettings holds WAF detection and bypass configuration: whether to
// detect a WAF, whether to attempt bypasses, how many consecutive blocked
// responses count as a detection, and the retry cap per payload.
//
// NOTE(review): Bypass and MaxRetries multiply the number of requests sent
// per payload and will generate sustained alerts on the defending side;
// enable Bypass only where the rules of engagement cover it. Whether
// Bypass has any effect when Detect is false is not visible — confirm.
type WAFSettings struct {
	Detect     bool `yaml:"detect" mapstructure:"detect"`           // Enable WAF detection
	Bypass     bool `yaml:"bypass" mapstructure:"bypass"`           // Enable WAF bypass attempts
	Threshold  int  `yaml:"threshold" mapstructure:"threshold"`     // Consecutive blocks to trigger detection
	MaxRetries int  `yaml:"max_retries" mapstructure:"max_retries"` // Max bypass attempts per payload
}

WAFSettings holds WAF detection and bypass configuration
