Package analyzer provides business logic analysis using LLMs
Constants ¶
// Relationship types.
//
// These string values describe how one endpoint relates to another.
// NOTE(review): presumably they are the values stored in
// EndpointRelation.Relation and EndpointRelationship.Type — confirm in
// MapRelationships and in the code that parses the LLM response.
const (
	RelationCreates    = "creates"
	RelationReads      = "reads"
	RelationUpdates    = "updates"
	RelationDeletes    = "deletes"
	RelationReferences = "references"
	RelationBelongsTo  = "belongs_to"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIContext ¶
// APIContext contains extracted API context.
//
// It is returned by ContextExtractor.ExtractContext, which derives it from
// heuristics rather than an LLM. Every slice below is a heuristic lead to be
// verified, not a confirmed finding.
type APIContext struct {
	// Domain names the API's business domain (presumably inferred from the
	// endpoints — confirm in ExtractContext).
	Domain string
	// AuthEndpoints lists endpoints that appear to handle authentication.
	AuthEndpoints []types.Endpoint
	// CRUDGroups groups endpoints under a string key; the key's meaning is not
	// visible here — presumably a resource name. Confirm against ExtractContext.
	CRUDGroups map[string][]types.Endpoint
	// IDORCandidates lists endpoints flagged as possible IDOR candidates.
	IDORCandidates []types.Endpoint
	// SensitiveEndpoints lists endpoints classified as sensitive.
	SensitiveEndpoints []types.Endpoint
}
type AnalysisResult ¶
// AnalysisResult contains the LLM's analysis of endpoints.
//
// The json tags indicate it is decoded from model output. NOTE(review):
// treat every field as untrusted input — the model may return values outside
// the expected vocabulary (e.g. an unknown relation type) or free text that
// should be validated before it drives any automated action. Confirm where
// the decoding happens in Analyze.
type AnalysisResult struct {
	// Domain is the business domain the model reported for the API.
	Domain string `json:"domain"`
	// BusinessContext is the model's free-text description of the API.
	BusinessContext string `json:"business_context"`
	// EndpointAnalysis holds per-endpoint results (presumably one entry per
	// analysed endpoint — confirm).
	EndpointAnalysis []EndpointAnalysis `json:"endpoint_analysis"`
	// Relationships lists endpoint relationships reported by the model.
	Relationships []EndpointRelation `json:"relationships"`
	// SecurityConcerns lists free-text concerns raised by the model.
	SecurityConcerns []string `json:"security_concerns"`
}
type BusinessAnalyzer ¶
// BusinessAnalyzer uses an LLM to understand API business context.
//
// Its fields are unexported; construct it with NewBusinessAnalyzer, which
// takes an llm.Provider and a free-text user context string.
type BusinessAnalyzer struct {
	// contains filtered or unexported fields
}
func NewBusinessAnalyzer ¶
func NewBusinessAnalyzer(provider llm.Provider, userContext string) *BusinessAnalyzer
NewBusinessAnalyzer creates a new business logic analyzer
func (*BusinessAnalyzer) Analyze ¶
func (a *BusinessAnalyzer) Analyze(ctx context.Context, endpoints []types.Endpoint) (*AnalysisResult, error)
Analyze asks the LLM to analyze the given endpoints and returns the resulting business context as an AnalysisResult.
func (*BusinessAnalyzer) AnalyzeForAttacks ¶
func (a *BusinessAnalyzer) AnalyzeForAttacks(ctx context.Context, endpoint types.Endpoint) ([]types.AttackVector, error)
AnalyzeForAttacks asks the LLM for attack vectors targeted at a single endpoint.
func (*BusinessAnalyzer) EnrichEndpoints ¶
func (a *BusinessAnalyzer) EnrichEndpoints(ctx context.Context, endpoints []types.Endpoint) ([]types.Endpoint, error)
EnrichEndpoints returns the given endpoints enriched with the LLM's analysis.
type ContextExtractor ¶
// ContextExtractor extracts context from endpoints without an LLM.
//
// It carries no state; NewContextExtractor returns a ready-to-use value.
type ContextExtractor struct{}
func NewContextExtractor ¶
func NewContextExtractor() *ContextExtractor
NewContextExtractor creates a new context extractor
func (*ContextExtractor) ClassifyEndpoint ¶
func (e *ContextExtractor) ClassifyEndpoint(ep types.Endpoint) string
ClassifyEndpoint classifies an endpoint's sensitivity without LLM
func (*ContextExtractor) ExtractContext ¶
func (e *ContextExtractor) ExtractContext(endpoints []types.Endpoint) *APIContext
ExtractContext extracts context from endpoints using heuristics
func (*ContextExtractor) SuggestAttacksHeuristic ¶
func (e *ContextExtractor) SuggestAttacksHeuristic(ep types.Endpoint) []types.AttackVector
SuggestAttacksHeuristic suggests attack vectors for an endpoint using heuristics only, without an LLM.
type EndpointAnalysis ¶
// EndpointAnalysis contains analysis for a single endpoint.
//
// It is part of AnalysisResult and, like it, is decoded from LLM output;
// NOTE(review): the boolean flags and SensitivityLevel are model claims, not
// verified facts — treat them as leads.
type EndpointAnalysis struct {
	// Endpoint is the endpoint's path as reported by the model.
	Endpoint string `json:"endpoint"`
	// Method is the HTTP method as reported by the model.
	Method string `json:"method"`
	// Purpose is the model's free-text description of the endpoint.
	Purpose string `json:"purpose"`
	// SensitivityLevel is a free-form string; NOTE(review): whether it uses the
	// same vocabulary as ContextExtractor.ClassifyEndpoint is not visible here —
	// confirm before comparing the two.
	SensitivityLevel string `json:"sensitivity_level"`
	// IDORCandidate is true when the model flagged the endpoint as a possible
	// IDOR candidate.
	IDORCandidate bool `json:"idor_candidate"`
	// AuthRequired is true when the model believes the endpoint requires
	// authentication.
	AuthRequired bool `json:"auth_required"`
	// DataExposureRisk is true when the model believes the endpoint may expose
	// sensitive data.
	DataExposureRisk bool `json:"data_exposure_risk"`
	// SuggestedAttacks lists attack vectors the model proposed for the endpoint.
	SuggestedAttacks []types.AttackVector `json:"suggested_attacks"`
	// TargetParams lists parameter names the model considers worth testing.
	TargetParams []string `json:"target_params"`
}
type EndpointRelation ¶
// EndpointRelation describes a relationship between endpoints as reported by
// the LLM in an AnalysisResult; endpoints are identified by string rather
// than by types.Endpoint (compare EndpointRelationship).
type EndpointRelation struct {
	// From identifies the source endpoint.
	From string `json:"from"`
	// To identifies the target endpoint.
	To string `json:"to"`
	// Relation is the relationship type: creates, reads, updates, deletes,
	// references. NOTE(review): presumably meant to match the Relation*
	// constants (which also include belongs_to); since the value comes from
	// model output it is not guaranteed to be one of them — validate before
	// switching on it.
	Relation string `json:"relation"`
	// Description is the model's free-text explanation of the relationship.
	Description string `json:"description"`
}
type EndpointRelationship ¶
// EndpointRelationship describes a relationship between two endpoints as
// produced by RelationshipMapper.MapRelationships, with both ends held as
// full types.Endpoint values (compare EndpointRelation, the LLM-reported form).
type EndpointRelationship struct {
	// Source is the endpoint the relationship originates from.
	Source types.Endpoint
	// Target is the endpoint the relationship points to.
	Target types.Endpoint
	// Type is the relationship type — presumably one of the Relation*
	// constants; confirm in MapRelationships.
	Type string
	// Description is a human-readable explanation of the relationship.
	Description string
}
type RelationshipMapper ¶
// RelationshipMapper maps relationships between endpoints.
//
// It carries no state; NewRelationshipMapper returns a ready-to-use value.
type RelationshipMapper struct{}
func NewRelationshipMapper ¶
func NewRelationshipMapper() *RelationshipMapper
NewRelationshipMapper creates a new relationship mapper
func (*RelationshipMapper) GetSecurityImplications ¶
func (m *RelationshipMapper) GetSecurityImplications(relationships []EndpointRelationship) []string
GetSecurityImplications returns a list of human-readable security implications derived from the given endpoint relationships.
func (*RelationshipMapper) MapRelationships ¶
func (m *RelationshipMapper) MapRelationships(endpoints []types.Endpoint) []EndpointRelationship
MapRelationships identifies relationships between the given endpoints and returns them as EndpointRelationship values.