Documentation
¶
Overview ¶
File: internal/config/config.go This file defines the core configuration structures for the application, using a combination of struct tags for file-based configuration loading (via Viper) and an interface-based approach for dependency injection and mocking.
The `Config` struct aggregates all configuration sub-modules (e.g., Logger, Database, Browser), while the `Interface` defines a contract for accessing these configurations. This separation allows other parts of the application to depend on the `Interface` rather than the concrete `Config` struct, promoting loose coupling.
The file also includes functions for setting default values (`SetDefaults`), creating a default configuration (`NewDefaultConfig`), loading from a Viper instance (`NewConfigFromViper`), and validating the loaded configuration.
Index ¶
- func SetDefaults(v *viper.Viper)
- type ATOConfig
- type ActiveScannersConfig
- type AgentConfig
- type AuthConfig
- type AutofixConfig
- type BrowserConfig
- type Config
- func (c *Config) Agent() AgentConfig
- func (c *Config) Autofix() AutofixConfig
- func (c *Config) Browser() BrowserConfig
- func (c *Config) Database() DatabaseConfig
- func (c *Config) Discovery() DiscoveryConfig
- func (c *Config) Engine() EngineConfig
- func (c *Config) IAST() IASTConfig
- func (c *Config) JWT() JWTConfig
- func (c *Config) Logger() observability.LoggerConfig
- func (c *Config) Network() NetworkConfig
- func (c *Config) Scan() ScanConfig
- func (c *Config) Scanners() ScannersConfig
- func (c *Config) SetATOConfig(atoCfg ATOConfig)
- func (c *Config) SetBrowserDebug(b bool)
- func (c *Config) SetBrowserDisableCache(b bool)
- func (c *Config) SetBrowserDisableGPU(b bool)
- func (c *Config) SetBrowserHeadless(b bool)
- func (c *Config) SetBrowserHumanoidClickHoldMaxMs(ms int)
- func (c *Config) SetBrowserHumanoidClickHoldMinMs(ms int)
- func (c *Config) SetBrowserHumanoidEnabled(b bool)
- func (c *Config) SetBrowserHumanoidKeyHoldMu(ms float64)
- func (c *Config) SetBrowserIgnoreTLSErrors(b bool)
- func (c *Config) SetDiscoveryIncludeSubdomains(b bool)
- func (c *Config) SetDiscoveryMaxDepth(d int)
- func (c *Config) SetEngineWorkerConcurrency(w int)
- func (c *Config) SetIASTEnabled(b bool)
- func (c *Config) SetJWTBruteForceEnabled(b bool)
- func (c *Config) SetJWTEnabled(b bool)
- func (c *Config) SetNetworkCaptureResponseBodies(b bool)
- func (c *Config) SetNetworkIgnoreTLSErrors(b bool)
- func (c *Config) SetNetworkNavigationTimeout(d time.Duration)
- func (c *Config) SetNetworkPostLoadWait(d time.Duration)
- func (c *Config) SetScanConfig(sc ScanConfig)
- func (c *Config) Validate() error
- type DatabaseConfig
- type DiscoveryConfig
- type EngineConfig
- type EvolutionConfig
- type GitConfig
- type GitHubConfig
- type HeadersConfig
- type HumanoidConfig
- type IASTConfig
- type IDORConfig
- type Interface
- type JWTConfig
- type KnowledgeGraphConfig
- type LLMModelConfig
- type LLMProvider
- type LLMRouterConfig
- type LTMConfig
- type NetworkConfig
- type PassiveScannersConfig
- type PostgresConfig
- type ProxyConfig
- type ScanConfig
- type ScannersConfig
- type SignUpConfig
- type StaticScannersConfig
- type TaintConfig
- type TimeSlipConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SetDefaults ¶
SetDefaults applies a comprehensive set of default values to a `viper.Viper` instance. This ensures that all configuration parameters have a sensible fallback value, preventing nil pointer errors and establishing a baseline behavior for the application out-of-the-box.
Types ¶
type ATOConfig ¶
type ATOConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
CredentialFile string `mapstructure:"credential_file" yaml:"credential_file"`
SecListsPath string `mapstructure:"seclists_path" yaml:"seclists_path"`
Concurrency int `mapstructure:"concurrency" yaml:"concurrency"`
MinRequestDelayMs int `mapstructure:"min_request_delay_ms" yaml:"min_request_delay_ms"`
RequestDelayJitterMs int `mapstructure:"request_delay_jitter_ms" yaml:"request_delay_jitter_ms"`
SuccessKeywords []string `mapstructure:"success_keywords" yaml:"success_keywords"`
UserFailureKeywords []string `mapstructure:"user_failure_keywords" yaml:"user_failure_keywords"`
PassFailureKeywords []string `mapstructure:"pass_failure_keywords" yaml:"pass_failure_keywords"`
GenericFailureKeywords []string `mapstructure:"generic_failure_keywords" yaml:"generic_failure_keywords"`
LockoutKeywords []string `mapstructure:"lockout_keywords" yaml:"lockout_keywords"`
MFAKeywords []string `mapstructure:"mfa_keywords" yaml:"mfa_keywords"`
}
ATOConfig configures the Account Takeover (ATO) scanner, which performs credential stuffing and password spraying attacks.
type ActiveScannersConfig ¶
type ActiveScannersConfig struct {
Taint TaintConfig `mapstructure:"taint" yaml:"taint"`
TimeSlip TimeSlipConfig `mapstructure:"timeslip" yaml:"timeslip"`
Auth AuthConfig `mapstructure:"auth" yaml:"auth"`
}
ActiveScannersConfig holds settings for scanners that actively send malicious or malformed requests to probe for vulnerabilities.
type AgentConfig ¶
type AgentConfig struct {
LLM LLMRouterConfig `mapstructure:"llm" yaml:"llm"`
Evolution EvolutionConfig `mapstructure:"evolution" yaml:"evolution"`
KnowledgeGraph KnowledgeGraphConfig `mapstructure:"knowledge_graph" yaml:"knowledge_graph"`
LTM LTMConfig `mapstructure:"ltm" yaml:"ltm"`
}
AgentConfig aggregates settings for the AI agent, including its LLM router, knowledge graph, long-term memory, and self-improvement (evolution) features.
func (*AgentConfig) Validate ¶
func (a *AgentConfig) Validate() error
Validate checks the AgentConfig, delegating validation to its sub-modules like Evolution and LTM.
type AuthConfig ¶
type AuthConfig struct {
ATO ATOConfig `mapstructure:"ato" yaml:"ato"`
IDOR IDORConfig `mapstructure:"idor" yaml:"idor"`
SignUp *SignUpConfig `mapstructure:"signup" yaml:"signup"`
}
AuthConfig aggregates configurations for all authentication-related scanners.
type AutofixConfig ¶
type AutofixConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
ProjectRoot string `mapstructure:"project_root" yaml:"project_root"`
DASTLogPath string `mapstructure:"dast_log_path" yaml:"dast_log_path"`
MinConfidenceThreshold float64 `mapstructure:"min_confidence_threshold" yaml:"min_confidence_threshold"`
CooldownSeconds int `mapstructure:"cooldown_seconds" yaml:"cooldown_seconds"`
KeepWorkspaceOnFailure bool `mapstructure:"keep_workspace_on_failure" yaml:"keep_workspace_on_failure"`
Git GitConfig `mapstructure:"git" yaml:"git"`
GitHub GitHubConfig `mapstructure:"github" yaml:"github"`
}
AutofixConfig contains settings for the experimental self-healing and auto-patching features of the agent.
func (*AutofixConfig) Validate ¶
func (a *AutofixConfig) Validate() error
Validate checks the AutofixConfig for correctness, ensuring that if the feature is enabled, all required fields (like GitHub repository details and token) are present.
type BrowserConfig ¶
type BrowserConfig struct {
Headless bool `mapstructure:"headless" yaml:"headless"`
DisableCache bool `mapstructure:"disable_cache" yaml:"disable_cache"`
DisableGPU bool `mapstructure:"disable_gpu" yaml:"disable_gpu"`
IgnoreTLSErrors bool `mapstructure:"ignore_tls_errors" yaml:"ignore_tls_errors"`
Concurrency int `mapstructure:"concurrency" yaml:"concurrency"`
Debug bool `mapstructure:"debug" yaml:"debug"`
Args []string `mapstructure:"args" yaml:"args"`
Viewport map[string]int `mapstructure:"viewport" yaml:"viewport"`
Humanoid HumanoidConfig `mapstructure:"humanoid" yaml:"humanoid"`
}
BrowserConfig contains all settings for controlling headless browser instances, including viewport size, concurrency, and behavioral flags.
type Config ¶
type Config struct {
LoggerCfg observability.LoggerConfig `mapstructure:"logger" yaml:"logger"`
DatabaseCfg DatabaseConfig `mapstructure:"database" yaml:"database"`
EngineCfg EngineConfig `mapstructure:"engine" yaml:"engine"`
BrowserCfg BrowserConfig `mapstructure:"browser" yaml:"browser"`
NetworkCfg NetworkConfig `mapstructure:"network" yaml:"network"`
IASTCfg IASTConfig `mapstructure:"iast" yaml:"iast"`
ScannersCfg ScannersConfig `mapstructure:"scanners" yaml:"scanners"`
AgentCfg AgentConfig `mapstructure:"agent" yaml:"agent"`
DiscoveryCfg DiscoveryConfig `mapstructure:"discovery" yaml:"discovery"`
AutofixCfg AutofixConfig `mapstructure:"autofix" yaml:"autofix"`
// ScanCfg holds settings for a specific scan job, typically populated from
// CLI flags rather than a configuration file, hence the ignored tags.
ScanCfg ScanConfig `mapstructure:"-" yaml:"-"`
// contains filtered or unexported fields
}
Config is the top-level struct that aggregates all configuration modules for the application. It uses `mapstructure` tags to facilitate loading from configuration files (e.g., YAML, JSON) via the Viper library.
func NewConfigFromViper ¶
NewConfigFromViper unmarshals a `viper.Viper` instance into a `Config` struct. It is the primary mechanism for loading configuration from files and environment variables. It also binds specific environment variables for sensitive data (like API keys and database URLs) and performs validation on the resulting configuration.
func NewDefaultConfig ¶
func NewDefaultConfig() *Config
NewDefaultConfig creates a new Config struct and populates it with default values by calling SetDefaults. This ensures that the application has a sensible baseline configuration even if a config file is missing.
func (*Config) Agent ¶
func (c *Config) Agent() AgentConfig
func (*Config) Autofix ¶
func (c *Config) Autofix() AutofixConfig
func (*Config) Browser ¶
func (c *Config) Browser() BrowserConfig
func (*Config) Database ¶
func (c *Config) Database() DatabaseConfig
func (*Config) Discovery ¶
func (c *Config) Discovery() DiscoveryConfig
func (*Config) Engine ¶
func (c *Config) Engine() EngineConfig
func (*Config) IAST ¶
func (c *Config) IAST() IASTConfig
func (*Config) Logger ¶
func (c *Config) Logger() observability.LoggerConfig
func (*Config) Network ¶
func (c *Config) Network() NetworkConfig
func (*Config) Scan ¶
func (c *Config) Scan() ScanConfig
func (*Config) Scanners ¶
func (c *Config) Scanners() ScannersConfig
func (*Config) SetBrowserDebug ¶
func (*Config) SetBrowserDisableCache ¶
func (*Config) SetBrowserDisableGPU ¶
func (*Config) SetBrowserHumanoidClickHoldMaxMs ¶
func (*Config) SetBrowserHumanoidClickHoldMinMs ¶
func (*Config) SetBrowserHumanoidEnabled ¶
Humanoid Setters
func (*Config) SetBrowserHumanoidKeyHoldMu ¶
func (*Config) SetBrowserIgnoreTLSErrors ¶
func (*Config) SetDiscoveryIncludeSubdomains ¶
func (*Config) SetDiscoveryMaxDepth ¶
Discovery Setters
func (*Config) SetEngineWorkerConcurrency ¶
Engine Setters
func (*Config) SetJWTBruteForceEnabled ¶
func (*Config) SetNetworkCaptureResponseBodies ¶
Network Setters
func (*Config) SetNetworkIgnoreTLSErrors ¶
func (*Config) SetNetworkNavigationTimeout ¶
func (*Config) SetNetworkPostLoadWait ¶
func (*Config) SetScanConfig ¶
func (c *Config) SetScanConfig(sc ScanConfig)
type DatabaseConfig ¶
type DatabaseConfig struct {
URL string `mapstructure:"url" yaml:"url"`
}
DatabaseConfig holds the connection string for the application's database.
type DiscoveryConfig ¶
type DiscoveryConfig struct {
MaxDepth int `mapstructure:"max_depth" yaml:"max_depth"`
Concurrency int `mapstructure:"concurrency" yaml:"concurrency"`
Timeout time.Duration `mapstructure:"timeout" yaml:"timeout"`
PassiveEnabled *bool `mapstructure:"passive_enabled" yaml:"passive_enabled"`
IncludeSubdomains bool `mapstructure:"include_subdomains" yaml:"include_subdomains"`
CrtShRateLimit float64 `mapstructure:"crtsh_rate_limit" yaml:"crtsh_rate_limit"`
CacheDir string `mapstructure:"cache_dir" yaml:"cache_dir"`
PassiveConcurrency int `mapstructure:"passive_concurrency" yaml:"passive_concurrency"`
}
DiscoveryConfig contains settings for the initial asset discovery and enumeration phase of a scan.
type EngineConfig ¶
type EngineConfig struct {
QueueSize int `mapstructure:"queue_size" yaml:"queue_size"`
WorkerConcurrency int `mapstructure:"worker_concurrency" yaml:"worker_concurrency"`
DefaultTaskTimeout time.Duration `mapstructure:"default_task_timeout" yaml:"default_task_timeout"`
FindingsBatchSize int `mapstructure:"findings_batch_size" yaml:"findings_batch_size"`
FindingsFlushInterval time.Duration `mapstructure:"findings_flush_interval" yaml:"findings_flush_interval"`
}
EngineConfig provides settings for the core task processing engine, controlling concurrency, queue sizes, and timeouts.
type EvolutionConfig ¶
type EvolutionConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
MaxCycles int `mapstructure:"max_cycles" yaml:"max_cycles"`
SettleTime time.Duration `mapstructure:"settle_time" yaml:"settle_time"`
}
EvolutionConfig contains settings for the agent's self-improvement and code evolution capabilities.
func (*EvolutionConfig) Validate ¶
func (e *EvolutionConfig) Validate() error
Validate checks the EvolutionConfig, ensuring that if the feature is enabled, its parameters (like `MaxCycles`) are valid.
type GitConfig ¶
type GitConfig struct {
AuthorName string `mapstructure:"author_name" yaml:"author_name"`
AuthorEmail string `mapstructure:"author_email" yaml:"author_email"`
}
GitConfig defines the author identity for commits made by the autofix agent.
type GitHubConfig ¶
type GitHubConfig struct {
Token string `mapstructure:"token" yaml:"-"` // Loaded from env, not config file.
RepoOwner string `mapstructure:"repo_owner" yaml:"repo_owner"`
RepoName string `mapstructure:"repo_name" yaml:"repo_name"`
BaseBranch string `mapstructure:"base_branch" yaml:"base_branch"`
}
GitHubConfig holds the necessary information for the autofix agent to create pull requests on GitHub.
type HeadersConfig ¶
type HeadersConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
}
HeadersConfig enables or disables the passive HTTP header scanner.
type HumanoidConfig ¶
type HumanoidConfig struct {
// -- Main Switch --
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
Providers []string `mapstructure:"providers" yaml:"providers"`
// -- General Physics & Limits --
MaxVelocity float64 `mapstructure:"max_velocity" yaml:"max_velocity"`
TimeStep time.Duration `mapstructure:"time_step" yaml:"time_step"`
MaxSimTime time.Duration `mapstructure:"max_sim_time" yaml:"max_sim_time"`
// -- Movement Physics (Spring-Damped Model) --
// Omega: Angular frequency (stiffness of the "spring"). Higher is faster.
Omega float64 `mapstructure:"omega" yaml:"omega"`
// Zeta: Damping ratio. Zeta=1 is critically damped, >1 is overdamped (slow),
// <1 is underdamped (overshoots). 0.85 is a good "human-like" value.
Zeta float64 `mapstructure:"zeta" yaml:"zeta"`
// -- Fitts's Law (Terminal Pause Estimation) --
// Models the time taken to hit a target. Used to estimate pause times.
// t = a + b * log2(D/W + 1)
FittsA float64 `mapstructure:"fitts_a" yaml:"fitts_a"`
FittsB float64 `mapstructure:"fitts_b" yaml:"fitts_b"`
FittsWTerminal float64 `mapstructure:"fitts_w_terminal" yaml:"fitts_w_terminal"`
FittsJitterPercent float64 `mapstructure:"fitts_jitter_percent" yaml:"fitts_jitter_percent"`
// -- Ex-Gaussian Timing Model (Cognitive & Action Delays) --
// Models human reaction times. Sum of a Normal(mu, sigma) and Exponential(tau).
// Used for delays *before* an action (e.g., time to "find" the button).
ExGaussianMu float64 `mapstructure:"ex_gaussian_mu" yaml:"ex_gaussian_mu"`
ExGaussianSigma float64 `mapstructure:"ex_gaussian_sigma" yaml:"ex_gaussian_sigma"`
ExGaussianTau float64 `mapstructure:"ex_gaussian_tau" yaml:"ex_gaussian_tau"`
// Separate model for the "task switch" cost (e.g., moving from typing to mousing).
TaskSwitchMu float64 `mapstructure:"task_switch_mu" yaml:"task_switch_mu"`
TaskSwitchSigma float64 `mapstructure:"task_switch_sigma" yaml:"task_switch_sigma"`
TaskSwitchTau float64 `mapstructure:"task_switch_tau" yaml:"task_switch_tau"`
// -- Noise and Perturbations --
// Pink Noise: Simulates 1/f noise (tremor) in human motor control.
PinkNoiseAmplitude float64 `mapstructure:"pink_noise_amplitude" yaml:"pink_noise_amplitude"`
// Gaussian Strength: General random noise added to the physics model.
GaussianStrength float64 `mapstructure:"gaussian_strength" yaml:"gaussian_strength"`
// ClickNoise: Random pixel offset when clicking.
ClickNoise float64 `mapstructure:"click_noise" yaml:"click_noise"`
// HesitationDriftFactor: How much the cursor "drifts" during a cognitive pause.
HesitationDriftFactor float64 `mapstructure:"hesitation_drift_factor" yaml:"hesitation_drift_factor"`
// SDNFactor: State-Dependent Noise factor (noise increases with velocity).
SDNFactor float64 `mapstructure:"sdn_factor" yaml:"sdn_factor"`
// -- Anti-Periodicity (Breaking Rhythmic Patterns) --
AntiPeriodicityMinPause time.Duration `mapstructure:"anti_periodicity_min_pause" yaml:"anti_periodicity_min_pause"`
AntiPeriodicityTimeJitter time.Duration `mapstructure:"anti_periodicity_time_jitter" yaml:"anti_periodicity_time_jitter"`
AntiPeriodicityFrameDropProb float64 `mapstructure:"anti_periodicity_frame_drop_prob" yaml:"anti_periodicity_frame_drop_prob"`
// -- Trajectory Behavior & Micro-corrections --
// If the cursor is > this distance from the "ideal" path, a correction may occur.
MicroCorrectionThreshold float64 `mapstructure:"micro_correction_threshold" yaml:"micro_correction_threshold"`
// How far "into" the target to aim (0.8 = 80% of the way to the center).
TargetInnerAimPercent float64 `mapstructure:"target_inner_aim_percent" yaml:"target_inner_aim_percent"`
// Biases the aim point based on velocity (aims "ahead" of the target).
TargetVelocityBiasMax float64 `mapstructure:"target_velocity_bias_max" yaml:"target_velocity_bias_max"`
TargetVelocityBiasThresh float64 `mapstructure:"target_velocity_bias_thresh" yaml:"target_velocity_bias_thresh"`
// Don't bother simulating a move if it's less than this many pixels.
MinMoveDistance float64 `mapstructure:"min_move_distance" yaml:"min_move_distance"`
// How close to the target to be considered "arrived".
TerminalDistThreshold float64 `mapstructure:"terminal_dist_threshold" yaml:"terminal_dist_threshold"`
TerminalVelocityThreshold float64 `mapstructure:"terminal_velocity_threshold" yaml:"terminal_velocity_threshold"`
// Threshold to trigger an "anticipatory" move (e.g., moving the mouse
// *towards* an element before the "cognitive delay" has finished).
AnticipatoryMovementThreshold float64 `mapstructure:"anticipatory_movement_threshold" yaml:"anticipatory_movement_threshold"`
AnticipatoryMovementDistance float64 `mapstructure:"anticipatory_movement_distance" yaml:"anticipatory_movement_distance"`
AnticipatoryMovementDuration time.Duration `mapstructure:"anticipatory_movement_duration" yaml:"anticipatory_movement_duration"`
AnticipatoryMovementOmegaFactor float64 `mapstructure:"anticipatory_movement_omega_factor" yaml:"anticipatory_movement_omega_factor"`
AnticipatoryMovementZetaFactor float64 `mapstructure:"anticipatory_movement_zeta_factor" yaml:"anticipatory_movement_zeta_factor"`
// -- Fatigue & Habituation Modeling --
// Simulates long-term session behavior.
FatigueIncreaseRate float64 `mapstructure:"fatigue_increase_rate" yaml:"fatigue_increase_rate"`
FatigueRecoveryRate float64 `mapstructure:"fatigue_recovery_rate" yaml:"fatigue_recovery_rate"`
HabituationRate float64 `mapstructure:"habituation_rate" yaml:"habituation_rate"`
// -- Clicking Behavior --
ClickHoldMinMs int `mapstructure:"click_hold_min_ms" yaml:"click_hold_min_ms"`
ClickHoldMaxMs int `mapstructure:"click_hold_max_ms" yaml:"click_hold_max_ms"`
// -- Inter-Key Delay (IKD) Modeling --
// KeyHold: How long a single key is pressed down (Ex-Gaussian).
KeyHoldMu float64 `mapstructure:"key_hold_mu" yaml:"key_hold_mu"`
KeyHoldSigma float64 `mapstructure:"key_hold_sigma" yaml:"key_hold_sigma"`
KeyHoldTau float64 `mapstructure:"key_hold_tau" yaml:"key_hold_tau"`
// IKD: Time *between* key presses (Ex-Gaussian).
IKDMu float64 `mapstructure:"ikd_mu" yaml:"ikd_mu"`
IKDSigma float64 `mapstructure:"ikd_sigma" yaml:"ikd_sigma"`
IKDTau float64 `mapstructure:"ikd_tau" yaml:"ikd_tau"`
// Modifiers for IKD based on typing patterns.
KeyPauseMin float64 `mapstructure:"key_pause_min" yaml:"key_pause_min"`
KeyPauseNgramFactor2 float64 `mapstructure:"key_pause_ngram_factor_2" yaml:"key_pause_ngram_factor_2"`
KeyPauseNgramFactor3 float64 `mapstructure:"key_pause_ngram_factor_3" yaml:"key_pause_ngram_factor_3"`
IKDHandAlternationBonus float64 `mapstructure:"ikd_hand_alternation_bonus" yaml:"ikd_hand_alternation_bonus"`
IKDSameFingerPenalty float64 `mapstructure:"ikd_same_finger_penalty" yaml:"ikd_same_finger_penalty"`
IKDDistanceFactor float64 `mapstructure:"ikd_distance_factor" yaml:"ikd_distance_factor"`
KeyPauseFatigueFactor float64 `mapstructure:"key_pause_fatigue_factor" yaml:"key_pause_fatigue_factor"`
KeyBurstPauseProbability float64 `mapstructure:"key_burst_pause_probability" yaml:"key_burst_pause_probability"`
// -- Typo Simulation --
TypoRate float64 `mapstructure:"typo_rate" yaml:"typo_rate"`
TypoHomoglyphRate float64 `mapstructure:"typo_homoglyph_rate" yaml:"typo_homoglyph_rate"`
TypoNeighborRate float64 `mapstructure:"typo_neighbor_rate" yaml:"typo_neighbor_rate"`
TypoTransposeRate float64 `mapstructure:"typo_transpose_rate" yaml:"typo_transpose_rate"`
TypoOmissionRate float64 `mapstructure:"typo_omission_rate" yaml:"typo_omission_rate"`
TypoCorrectionProbability float64 `mapstructure:"typo_correction_probability" yaml:"typo_correction_probability"`
TypoShiftCorrectionProbability float64 `mapstructure:"typo_shift_correction_probability" yaml:"typo_shift_correction_probability"`
TypoOmissionNoticeProbability float64 `mapstructure:"typo_omission_notice_probability" yaml:"typo_omission_notice_probability"`
TypoInsertionNoticeProbability float64 `mapstructure:"typo_insertion_notice_probability" yaml:"typo_insertion_notice_probability"`
TypoCorrectionPauseMeanScale float64 `mapstructure:"typo_correction_pause_mean_scale" yaml:"typo_correction_pause_mean_scale"`
TypoCorrectionPauseStdDevScale float64 `mapstructure:"typo_correction_pause_std_dev_scale" yaml:"typo_correction_pause_std_dev_scale"`
// -- Scrolling Behavior --
ScrollReadDensityFactor float64 `mapstructure:"scroll_read_density_factor" yaml:"scroll_read_density_factor"`
ScrollOvershootProbability float64 `mapstructure:"scroll_overshoot_probability" yaml:"scroll_overshoot_probability"`
ScrollRegressionProbability float64 `mapstructure:"scroll_regression_probability" yaml:"scroll_regression_probability"`
ScrollMouseWheelProbability float64 `mapstructure:"scroll_mouse_wheel_probability" yaml:"scroll_mouse_wheel_probability"`
ScrollDetentWheelProbability float64 `mapstructure:"scroll_detent_wheel_probability" yaml:"scroll_detent_wheel_probability"`
// -- Session Persona Randomization --
// Applies a jitter to key parameters at the start of each session
// to create a unique "persona".
PersonaJitterMovement float64 `mapstructure:"persona_jitter_movement" yaml:"persona_jitter_movement"`
PersonaJitterDamping float64 `mapstructure:"persona_jitter_damping" yaml:"persona_jitter_damping"`
PersonaJitterSkill float64 `mapstructure:"persona_jitter_skill" yaml:"persona_jitter_skill"`
}
HumanoidConfig contains all settings for the humanoid simulation model, which aims to produce realistic, non-deterministic mouse movements, typing, and scrolling behavior to evade bot detection.
type IASTConfig ¶
type IASTConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
ShimPath string `mapstructure:"shim_path" yaml:"shim_path"`
ConfigPath string `mapstructure:"config_path" yaml:"config_path"`
}
IASTConfig holds settings for the Interactive Application Security Testing (IAST) module, which injects a JavaScript shim to perform taint tracking.
type IDORConfig ¶
type IDORConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
IgnoreList []string `mapstructure:"ignore_list" yaml:"ignore_list"`
TestStrategies map[string][]string `mapstructure:"test_strategies" yaml:"test_strategies"`
}
IDORConfig defines settings for the Insecure Direct Object Reference (IDOR) scanner.
type Interface ¶
type Interface interface {
Logger() observability.LoggerConfig
Database() DatabaseConfig
Engine() EngineConfig
Browser() BrowserConfig
Network() NetworkConfig
IAST() IASTConfig
Scanners() ScannersConfig
JWT() JWTConfig // Specific getter for JWT config
Agent() AgentConfig
Discovery() DiscoveryConfig
Autofix() AutofixConfig
Scan() ScanConfig
SetScanConfig(sc ScanConfig)
// Discovery Setters
SetDiscoveryMaxDepth(int)
SetDiscoveryIncludeSubdomains(bool)
// Engine Setters
SetEngineWorkerConcurrency(int)
// Browser Setters
SetBrowserHeadless(bool)
SetBrowserDisableCache(bool)
SetBrowserDisableGPU(bool)
SetBrowserIgnoreTLSErrors(bool)
SetBrowserDebug(bool)
// Humanoid Setters
SetBrowserHumanoidEnabled(bool)
SetBrowserHumanoidClickHoldMinMs(ms int)
SetBrowserHumanoidClickHoldMaxMs(ms int)
SetBrowserHumanoidKeyHoldMu(ms float64)
// Network Setters
SetNetworkCaptureResponseBodies(bool)
SetNetworkPostLoadWait(d time.Duration)
SetNetworkIgnoreTLSErrors(bool)
// IAST Setters
SetIASTEnabled(bool)
// JWT Setters
SetJWTEnabled(bool)
SetJWTBruteForceEnabled(bool)
// ATO Setter
SetATOConfig(atoCfg ATOConfig)
}
Interface defines a contract for accessing application configuration settings. It uses a getter/setter pattern to provide a stable, decoupled interface that hides the underlying implementation of the configuration struct. This allows different parts of the application to depend on this interface, making them easier to test and more resilient to changes in the configuration structure.
type JWTConfig ¶
type JWTConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
KnownSecrets []string `mapstructure:"known_secrets" yaml:"known_secrets"`
BruteForceEnabled bool `mapstructure:"brute_force_enabled" yaml:"brute_force_enabled"`
DictionaryFile string `mapstructure:"dictionary_file" yaml:"dictionary_file"`
}
JWTConfig defines settings for the JSON Web Token (JWT) static scanner, including known secrets and options for brute-force attacks.
type KnowledgeGraphConfig ¶
type KnowledgeGraphConfig struct {
Type string `mapstructure:"type" yaml:"type"`
Postgres PostgresConfig `mapstructure:"postgres" yaml:"postgres"`
}
KnowledgeGraphConfig specifies the backend database for the agent's knowledge graph.
type LLMModelConfig ¶
type LLMModelConfig struct {
Provider LLMProvider `mapstructure:"provider" yaml:"provider"`
Model string `mapstructure:"model" yaml:"model"`
// APIKey can be set in YAML or injected via environment variables (preferred).
APIKey string `mapstructure:"api_key" yaml:"api_key"`
// Endpoint specifies the API endpoint. Format depends on the provider and SDK (e.g., "hostname:port" for Gemini SDK).
Endpoint string `mapstructure:"endpoint" yaml:"endpoint"`
APITimeout time.Duration `mapstructure:"api_timeout" yaml:"api_timeout"`
Temperature float64 `mapstructure:"temperature" yaml:"temperature"`
TopP float64 `mapstructure:"top_p" yaml:"top_p"`
TopK int `mapstructure:"top_k" yaml:"top_k"`
MaxTokens int `mapstructure:"max_tokens" yaml:"max_tokens"`
SafetyFilters map[string]string `mapstructure:"safety_filters" yaml:"safety_filters"`
}
LLMModelConfig specifies the connection and generation parameters for a single Large Language Model.
type LLMProvider ¶
type LLMProvider string
LLMProvider is an enumeration of the supported Large Language Model providers.
const ( ProviderGemini LLMProvider = "gemini" ProviderOpenAI LLMProvider = "openai" ProviderAnthropic LLMProvider = "anthropic" ProviderOllama LLMProvider = "ollama" )
Supported LLM providers.
type LLMRouterConfig ¶
type LLMRouterConfig struct {
DefaultFastModel string `mapstructure:"default_fast_model" yaml:"default_fast_model"`
DefaultPowerfulModel string `mapstructure:"default_powerful_model" yaml:"default_powerful_model"`
Models map[string]LLMModelConfig `mapstructure:"models" yaml:"models"`
}
LLMRouterConfig defines the settings for routing requests to different LLMs based on whether a "fast" or "powerful" model is required.
func (*LLMRouterConfig) Validate ¶
func (l *LLMRouterConfig) Validate() error
Validate checks the LLMRouterConfig to ensure the specified default models actually exist in the models map.
type LTMConfig ¶
type LTMConfig struct {
CacheTTLSeconds int `mapstructure:"cache_ttl_seconds" yaml:"cache_ttl_seconds"`
CacheJanitorIntervalSeconds int `mapstructure:"cache_janitor_interval_seconds" yaml:"cache_janitor_interval_seconds"`
}
LTMConfig holds settings for the agent's Long-Term Memory (LTM) module, which is used for caching and knowledge retention.
type NetworkConfig ¶
type NetworkConfig struct {
Timeout time.Duration `mapstructure:"timeout" yaml:"timeout"`
CaptureResponseBodies bool `mapstructure:"capture_response_bodies" yaml:"capture_response_bodies"`
Headers map[string]string `mapstructure:"headers" yaml:"headers"`
PostLoadWait time.Duration `mapstructure:"post_load_wait" yaml:"post_load_wait"`
Proxy ProxyConfig `mapstructure:"proxy" yaml:"proxy"`
IgnoreTLSErrors bool `mapstructure:"ignore_tls_errors" yaml:"ignore_tls_errors"`
}
NetworkConfig tunes the global network behavior for HTTP clients, such as timeouts, default headers, and proxy settings.
type PassiveScannersConfig ¶
type PassiveScannersConfig struct {
Headers HeadersConfig `mapstructure:"headers" yaml:"headers"`
}
PassiveScannersConfig holds settings for scanners that only analyze traffic without sending new requests.
type PostgresConfig ¶
type PostgresConfig struct {
Host string `mapstructure:"host" yaml:"host"`
Port int `mapstructure:"port" yaml:"port"`
User string `mapstructure:"user" yaml:"user"`
Password string `mapstructure:"password" yaml:"password"`
DBName string `mapstructure:"dbname" yaml:"dbname"`
SSLMode string `mapstructure:"sslmode" yaml:"sslmode"`
}
PostgresConfig holds the connection details for a PostgreSQL database.
type ProxyConfig ¶
type ProxyConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
Address string `mapstructure:"address" yaml:"address"`
CACert string `mapstructure:"ca_cert" yaml:"ca_cert"`
CAKey string `mapstructure:"ca_key" yaml:"ca_key"`
}
ProxyConfig defines the settings for an outbound proxy to be used by the application's network clients.
type ScanConfig ¶
type ScanConfig struct {
Targets []string
Output string
Format string
Concurrency int
Depth int
Scope string
}
ScanConfig holds settings for a specific scan job, typically populated from command-line flags.
type ScannersConfig ¶
type ScannersConfig struct {
Passive PassiveScannersConfig `mapstructure:"passive" yaml:"passive"`
Static StaticScannersConfig `mapstructure:"static" yaml:"static"`
Active ActiveScannersConfig `mapstructure:"active" yaml:"active"`
}
ScannersConfig is a container that aggregates the configurations for all passive, static, and active security scanners.
type SignUpConfig ¶
type SignUpConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
EmailDomain string `mapstructure:"email_domain" yaml:"email_domain"`
}
SignUpConfig defines settings for the autonomous sign-up feature.
type StaticScannersConfig ¶
type StaticScannersConfig struct {
JWT JWTConfig `mapstructure:"jwt" yaml:"jwt"`
}
StaticScannersConfig holds settings for scanners that perform static analysis on response content.
type TaintConfig ¶
type TaintConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
Depth int `mapstructure:"depth" yaml:"depth"`
Concurrency int `mapstructure:"concurrency" yaml:"concurrency"`
}
TaintConfig configures the active taint analysis scanner.
type TimeSlipConfig ¶
type TimeSlipConfig struct {
Enabled bool `mapstructure:"enabled" yaml:"enabled"`
RequestCount int `mapstructure:"request_count" yaml:"request_count"`
MaxConcurrency int `mapstructure:"max_concurrency" yaml:"max_concurrency"`
ThresholdMs int `mapstructure:"threshold_ms" yaml:"threshold_ms"`
}
TimeSlipConfig configures the time-based vulnerability scanner, which looks for timing side-channel vulnerabilities.
Source Files
Click to show internal directories.
Click to hide internal directories.