Overview ¶
Package verify provides finding verification capabilities.
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AdjustConfidence ¶
func AdjustConfidence(finding *types.Finding, result *VerificationResult)
AdjustConfidence adjusts the finding's confidence based on its verification result.
func FilterVerified ¶
func FilterVerified(results []*VerificationResult) []types.Finding
FilterVerified filters the verification results down to only the findings that were verified.
Types ¶
type FuzzExecutor ¶ added in v1.4.0
type FuzzExecutor interface {
Fuzz(ctx context.Context, requests []payloads.FuzzRequest) <-chan *fuzzer.FuzzResult
GetBaseline(ctx context.Context, endpoint types.Endpoint) (*types.HTTPResponse, error)
}
FuzzExecutor abstracts the fuzzing engine for testability.
type LLMVerifier ¶ added in v1.4.0
type LLMVerifier struct {
// contains filtered or unexported fields
}
LLMVerifier uses an LLM to assess fuzzing findings for exploitability.
func NewLLMVerifier ¶ added in v1.4.0
func NewLLMVerifier(provider llm.Provider, config types.VerificationSettings, engine FuzzExecutor, analyzer ResponseAnalyzer) *LLMVerifier
NewLLMVerifier creates a new LLM-powered finding verifier. engine and analyzer can be nil to disable follow-up fuzzing.
func (*LLMVerifier) ConfirmFindings ¶ added in v1.4.0
func (v *LLMVerifier) ConfirmFindings(ctx context.Context, findings []types.Finding, maxPasses int) ([]types.Finding, error)
ConfirmFindings runs additional confirmation passes on findings that are not yet definitively confirmed or ruled out. Each pass generates targeted payloads via LLM, fuzzes them, and re-verifies with combined evidence. maxPasses includes the initial verify pass (already done), so the loop runs maxPasses-1 additional passes.
func (*LLMVerifier) VerifyFindings ¶ added in v1.4.0
func (v *LLMVerifier) VerifyFindings(ctx context.Context, findings []types.Finding) (verified []types.Finding, followUp []types.Finding, err error)
VerifyFindings sends findings to the LLM for verification and optionally fuzzes suggested follow-up payloads. Returns verified findings and any new findings discovered during follow-up.
type PayloadVariationGenerator ¶
type PayloadVariationGenerator interface {
GenerateVariations(payload string, attackType string) []string
}
PayloadVariationGenerator generates variations of a payload for a given attack type.
type ResponseAnalyzer ¶ added in v1.4.0
type ResponseAnalyzer interface {
AnalyzeResult(result *fuzzer.FuzzResult, baseline *types.HTTPResponse) []types.Finding
}
ResponseAnalyzer abstracts the response analyzer for testability.
type VerificationResult ¶
type VerificationResult struct {
Finding types.Finding
Verified bool
ConfidenceChange float64
SuccessfulPayloads []string
FailedPayloads []string
Notes []string
}
VerificationResult holds the result of verifying a single finding.
type Verifier ¶
type Verifier struct {
// contains filtered or unexported fields
}
Verifier verifies findings with additional testing.
func NewVerifier ¶
func NewVerifier(config VerifyConfig) *Verifier
NewVerifier creates a new finding verifier from the given configuration.
type VerifyConfig ¶
type VerifyConfig struct {
Timeout time.Duration
MaxVariations int
ConfirmationCount int // Number of successful variations to confirm
RetryCount int
}
VerifyConfig holds the verification configuration.
func DefaultVerifyConfig ¶
func DefaultVerifyConfig() VerifyConfig
DefaultVerifyConfig returns the default verification configuration.