project

package
v0.0.0-...-2dd83b6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2025 License: MIT Imports: 43 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RecordActionAdd    = 1
	RecordActionDelete = 2
)
View Source 
const FilterResourcesSQL = "" /* 390-byte string literal not displayed */

Ensure that the code-based check is also updated in this scenario

View Source 
const RequestFilterSQL = "" /* 249-byte string literal not displayed */
View Source 
const RequestNegativeFilterSQL = "" /* 258-byte string literal not displayed */

Variables

View Source 
var MaxResponsePacketSize = 1024 * 1024 * 2

2 MB is the maximum size of a single "packet" for a request

Functions

func CancelScript 

func CancelScript(guid string)

func CancelScriptAPI 

func CancelScriptAPI(w http.ResponseWriter, r *http.Request)

CancelScript godoc @Summary Cancel the running script @Description cancels the provided script @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "Script to cancel" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scripts/{guid}/cancel [patch]

func CloseProject 

func CloseProject()

func CompareRequests 

func CompareRequests(w http.ResponseWriter, r *http.Request, db *gorm.DB)

CompareRequests godoc @Summary Compare Two Requests @Description compares two requests and returns the differences @Tags Requests @Produce text/text @Security ApiKeyAuth @Param base_guid path string true "Base Request guid" @Param compare_guid path string true "Request to Compare guid" @Success 200 {array} RequestDifference @Failure 500 {string} string Error @Router /requests/{base_guid}/compare/{compare_guid} [get]

func CompareRequestsByBlock 

func CompareRequestsByBlock(w http.ResponseWriter, r *http.Request, db *gorm.DB)

CompareRequestsByBlock godoc @Summary Compare Two Requests Split By Headers and Bodies @Description compares two requests and returns the differences, with each header and body being compared differently @Tags Requests @Produce text/text @Security ApiKeyAuth @Param base_guid path string true "Base Request guid" @Param compare_guid path string true "Request to Compare guid" @Success 200 {array} RequestDifferenceBlock @Failure 500 {string} string Error @Router /requests/{base_guid}/compare_by_block/{compare_guid} [get]

func CorrectLengthHeaders 

func CorrectLengthHeaders(request []byte) []byte

func Debug 

func Debug(w http.ResponseWriter, r *http.Request)

func DeleteHook 

func DeleteHook(w http.ResponseWriter, r *http.Request)

DeleteHook godoc @Summary Delete hook @Description delete a hook @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "Hook guid" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /hooks/{guid} [delete]

func DeleteHookError 

func DeleteHookError(w http.ResponseWriter, r *http.Request)

DeleteHookError godoc @Summary Delete hook error @Description delete a hook error @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "Hook error guid" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /hooks/errors/{guid} [delete]

func DeleteScopeEntry 

func DeleteScopeEntry(w http.ResponseWriter, r *http.Request)

DeleteScopeEntry godoc @Summary Delete scope entry @Description delete a scope entry @Tags Requests @Produce json @Security ApiKeyAuth @Param path query string true "GUID to delete" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scope/entry/{guid} [delete]

func EnableHook 

func EnableHook(w http.ResponseWriter, r *http.Request)

EnableHook godoc @Summary Enable hook @Description enable or disable a given hook @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "Hook guid" @Param enabled query bool true "Whether the hook should be enabled or disabled" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /hooks/{guid}/enable [put]

func EscapeForPython 

func EscapeForPython(input string) string

func ExportScriptGroup 

func ExportScriptGroup(w http.ResponseWriter, r *http.Request, db *gorm.DB)

ExportScriptResults godoc @Summary HTML Export of a script result @Description export a script result @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script guid" @Success 200 {string} string HTML Output @Failure 500 {string} string Error @Router /script_groups/{guid}/export [get]

func ExportScriptResults 

func ExportScriptResults(w http.ResponseWriter, r *http.Request, db *gorm.DB)

ExportScriptResults godoc @Summary HTML Export of a script result @Description export a script result @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script guid" @Success 200 {string} string HTML Output @Failure 500 {string} string Error @Router /scripts/{guid}/export [get]

func GetHookErrors 

func GetHookErrors(w http.ResponseWriter, r *http.Request)

GetHookErrors godoc @Summary Get All Hooks @Description gets a list of all hooks @Tags Requests @Produce json @Security ApiKeyAuth @Param type query string false "hook type" @Success 200 {array} project.Hook @Failure 500 {string} string Error @Router /hooks/errors [get]

func GetInjectOperation 

func GetInjectOperation(w http.ResponseWriter, r *http.Request)

GetInjectOperation godoc @Summary Get Inject Operation @Description gets a single inject operation @Tags Injection Operations @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the request to fetch" @Success 200 {object} project.InjectOperation @Failure 500 {string} string Error @Router /inject_operations/{path} [get]

func GetInjectOperations 

func GetInjectOperations(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetInjectOperations godoc @Summary Get All Inject Operations @Description gets a list of all injection operations @Tags Injection Operations @Produce json @Security ApiKeyAuth @Success 200 {array} project.InjectOperation @Failure 500 {string} string Error @Router /inject_operations [get]

func GetLastResponseOfURL 

func GetLastResponseOfURL(url string) ([]byte, error)

func GetRequest 

func GetRequest(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetRequest godoc @Summary Get A Request @Description gets a specific request @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the request to fetch" @Success 200 {object} project.RequestSummary @Failure 500 {string} string Error @Router /requests/{guid} [get]

func GetRequestPartialData 

func GetRequestPartialData(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetRequestPartialData godoc @Summary Get Request/Response Data @Description gets part of the request/response. will attempt to return at least 5MB of data to cache @Tags Requests @Produce text/text @Security ApiKeyAuth @Param guid path string true "Request guid" @Param from query int true "Offset to request from" @Success 200 {object} project.PartialRequestResponseData @Failure 500 {string} string Error @Router /requests/{guid}/partial_data [get]

func GetRequestResponseContents 

func GetRequestResponseContents(w http.ResponseWriter, r *http.Request)

GetRequestResponseContents godoc @Summary Get Request and Response @Description gets the full request and response of a given request @Tags Requests @Produce text/text @Security ApiKeyAuth @Param guid path string true "Request GUID" @Param highlight query bool true "Syntax Highlight Req/Resp" @Param max_highlight_length query int false "Maximum length of data to highlight (in bytes, default is 50KB)" @Success 200 {object} project.RequestResponseContents @Failure 500 {string} string Error @Router /requests/{guid}/contents [get]

func GetRequests 

func GetRequests(w http.ResponseWriter, r *http.Request)

GetRequests godoc @Summary Get All Requests @Description gets a list of all requests @Tags Requests @Produce json @Param scanid query string false "Scan ID, can be multiple separated by semi-colons" @Param filter query string false "Only show requests which contain the filter string in the url, request, or response" @Param negative_filter query bool false "Reverse the filter to show requests which do not contain the given text in the url, request, or response" @Param url_filter query string false "Only show requests which contain the given string in the URL" @Param in_scope query string false "Only show requests which are in scope" @Param verb query string false "Filter by specific verbs" @Param sort_col query string false "Column to sort by (default time)" @Param sort_dir query string false "Column direction to sort by (default asc)" @Param last query int false "Limit to the last n requests (sorted by time)" @Param limit query int false "Maximum number of rows to return" @Param limit_last query bool false "When limiting the number of rows to return, return the last n rows instead of the first n (does not apply when using in_scope)" @Param offset query int false "Offset X rows from the start (if limit_last is not set)" @Security ApiKeyAuth @Success 200 {array} project.Request @Failure 500 {string} string Error @Router /requests [get]

func GetScanStatusStats 

func GetScanStatusStats(w http.ResponseWriter, r *http.Request)

GetScanStatusStats godoc @Summary Get A Summary of Response Codes @Description gets a list of response code types and counts @Tags Requests @Produce json @Param scanid path string true "Scan ID" @Security ApiKeyAuth @Success 200 {object} project.RequestStatusStatistics @Failure 500 {string} string Error @Router /scans/{scanid}/status_statistics [get]

func GetScanUniqueResponses 

func GetScanUniqueResponses(w http.ResponseWriter, r *http.Request)

GetScanUniqueResponses godoc @Summary Get Unique Responses for a scan @Description gets a list of the unique responses, grouped by URL @Tags Requests @Produce json @Param scanid path string true "Scan ID" @Security ApiKeyAuth @Success 200 {array} project.SuccessfulResponsesByHash @Failure 500 {string} string Error @Router /scans/{scanid}/unique_responses [get]

func GetScopeEntries 

func GetScopeEntries(w http.ResponseWriter, r *http.Request)

GetScopeEntries godoc @Summary Get All Scope Entries @Description gets a list of all scope entries @Tags Requests @Produce json @Security ApiKeyAuth @Success 200 {array} project.ScopeEntry @Failure 500 {string} string Error @Router /scope/entries [get]

func GetScript 

func GetScript(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetScript godoc @Summary Get A Script @Description gets a single script @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the script to fetch" @Success 200 {string} string ScriptRun Data @Failure 500 {string} string Error @Router /scripts/{guid} [get]

func GetScriptGroup 

func GetScriptGroup(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetScriptGroup godoc @Summary Get Script Group @Description gets a specific script group @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "Script group guid" @Success 200 {object} project.ScriptGroup @Failure 500 {string} string Error @Router /script_groups/{guid} [get]

func GetScripts 

func GetScripts(w http.ResponseWriter, r *http.Request, db *gorm.DB)

GetScripts godoc @Summary Get All Scripts @Description gets a list of all scripts @Tags Scripting @Produce json @Security ApiKeyAuth @Param script_group query string false "Optional Script Group to filter by" @Success 200 {array} project.ScriptRun @Failure 500 {string} string Error @Router /scripts [get]

func GetSetting 

func GetSetting(name string) string

func GetSitemap 

func GetSitemap(w http.ResponseWriter, r *http.Request)

GetSitemap godoc @Summary Gets the sitemap @Description gets a list of all paths observed by the proxy @Tags Requests @Produce json @Security ApiKeyAuth @Param parent query string true "An optional filter on the query to restrict to specific paths" @Param scan_id query string true "An optional filter on the query to restrict to the paths to those seen for a particular scan" @Success 200 {array} project.SiteMapItem @Failure 500 {string} string Error @Router /requests/sitemap [get]

func HandleHooks 

func HandleHooks(w http.ResponseWriter, r *http.Request)

func HandleScriptGroups 

func HandleScriptGroups(w http.ResponseWriter, r *http.Request, db *gorm.DB)

func HighlightRequest 

func HighlightRequest(w http.ResponseWriter, r *http.Request)

HighlightRequest godoc @Summary Highlight A Request @Description applies syntax highlighting to the given request @Tags Requests @Produce html @Security ApiKeyAuth @Param body body string true "The request to highlight (base64 encoded)" @Success 200 {string} string message @Failure 500 {string} string Error @Router /requests/highlight [post]

func ImportScope 

func ImportScope(w http.ResponseWriter, r *http.Request)

ImportScope godoc @Summary Import a scope file @Description imports a scope export from a bug bounty program @Tags Requests @Produce json @Security ApiKeyAuth @Param body body project.ScopeTargetJSON true "Scope target JSON, as exported from a bug bounty program" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scope/import [post]

func Notifications 

func Notifications(hub *IOHub, apiToken string, w http.ResponseWriter, r *http.Request)

Notifications godoc @Summary Stream updates @Description websocket endpoint to stream data as it is inserted/modified @Tags Misc @Produce json @Security ApiKeyAuth @Param objectfieldfilter query string false "JSON object (key:value) where the returned objects will be filtered by the values" @Param filter query string false "additional filter to apply to the objects (behaviour is object dependent)" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /notifications [get]

func OrderHooks 

func OrderHooks(w http.ResponseWriter, r *http.Request)

OrderHook godoc @Summary Order Hooks @Description sets the order for the hooks @Tags Requests @Produce json @Security ApiKeyAuth @Param body body string true "Colon separated list of GUIDs" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /hooks/order [post]

func OrderScopeEntries 

func OrderScopeEntries(w http.ResponseWriter, r *http.Request)

OrderScopeEntries godoc @Summary Order Scope Entries @Description sets the order for the scope entries @Tags Requests @Produce json @Security ApiKeyAuth @Param body body string true "Colon separated list of GUIDs" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scope/order [post]

func PatchArchiveScript 

func PatchArchiveScript(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchArchiveScript godoc @Summary Archive Script @Description updates the the archived status of a script @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script guid" @Param archive formData bool true "archive status to set" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scripts/{guid}/archive [patch]

func PatchInjectOperationArchive 

func PatchInjectOperationArchive(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchInjectOperationArchive godoc @Summary Archive Inject Operation @Description updates the the archived status of an inject operation @Tags Injection Operations @Produce json @Security ApiKeyAuth @Param guid path string true "inject operation guid" @Param archive formData bool true "archive status to set" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /inject_operations/{guid}/archive [patch]

func PatchInjectOperationTitle 

func PatchInjectOperationTitle(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchInjectOperationArchive godoc @Summary Set Inject Operation Title @Description updates the title of an inject operation @Tags Injection Operations @Produce json @Security ApiKeyAuth @Param guid path string true "inject operation guid" @Param title formData string true "title to set" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /inject_operations/{guid}/title [patch]

func PatchRequestNotes 

func PatchRequestNotes(w http.ResponseWriter, r *http.Request)

PatchRequestNotes godoc @Summary Update Request Notes @Description updates a specific request's notes @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the request to update" @Param notes body string true "The notes for the request" @Success 200 {string} string message @Failure 500 {string} string Error @Router /requests/{guid}/notes [patch]

func PatchRequestPayloads 

func PatchRequestPayloads(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchRequestPayloads godoc @Summary Set Request Payloads @Description sets the payloads associated with a specific request @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the request to update" @Param payloads body string true "A JSON Object containing the payloads in {'key':'value'} format" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /requests/{guid}/payloads [patch]

func PatchScriptGroupArchive 

func PatchScriptGroupArchive(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchScriptGroupArchive godoc @Summary Archive Script Group @Description updates the archived status of a script group @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script group guid" @Param archive formData bool true "archive status to set" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /script_groups/{guid}/archive [patch]

func PatchScriptGroupExpanded 

func PatchScriptGroupExpanded(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchScriptGroupExpanded godoc @Summary Set Script Group Expanded Status @Description updates whether a script group is expanded (used for the UI) @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script group guid" @Param expanded formData bool true "expanded state" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /script_groups/{guid}/expanded [patch]

func PatchScriptGroupTitle 

func PatchScriptGroupTitle(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PatchScriptGroupTitle godoc @Summary Set Script Group Title @Description updates the title of a script group @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "script group guid" @Param title formData bool true "title to set" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /script_groups/{guid}/title [patch]

func PostAppendHTMLOutputScript 

func PostAppendHTMLOutputScript(w http.ResponseWriter, r *http.Request, db *gorm.DB)

PostAppendHTMLOutputScript godoc @Summary Append HTML Output for a Script @Description appends the given HTML to the HTML output of the script @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "The GUID of the script to fetch" @Param html body string true "HTML Output to append" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scripts/{guid}/append_html_output [post]

func PostScopeEntry 

func PostScopeEntry(w http.ResponseWriter, r *http.Request)

PostScopeEntries godoc @Summary Add/Update Scope Entry @Description adds or updates a scope entry @Tags Requests @Produce json @Security ApiKeyAuth @Param body body project.ScopeEntry true "Script Entry details in JSON format" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /scope/entry [post]

func RequestDataSearch 

func RequestDataSearch(w http.ResponseWriter, r *http.Request, db *gorm.DB)

RequestDataSearch godoc @Summary Search Request/Response Data @Description @Tags Requests @Produce json @Security ApiKeyAuth @Param guid path string true "Request guid" @Param query query string true "Base64 encoded bytes to search for" @Success 200 {array} project.RequestSearchResult @Failure 500 {string} string Error @Router /requests/{guid}/search [get]

func RunScript 

func RunScript(w http.ResponseWriter, r *http.Request)

RunScript godoc @Summary Run provided script @Description runs the provided script @Tags Scripting @Produce json @Security ApiKeyAuth @Param body body project.RunScriptParameters true "Run Script Parameters in JSON format" @Success 200 {string} string Guid @Failure 500 {string} string Error @Router /scripts/run [post]

func ScriptDecrementRequestCount 

func ScriptDecrementRequestCount(guid string)

func ScriptDecrementTotalRequests 

func ScriptDecrementTotalRequests(guid string)

func ScriptIncrementRequestCount 

func ScriptIncrementRequestCount(guid string)

func ScriptIncrementTotalRequests 

func ScriptIncrementTotalRequests(guid string)

func ScriptIncrementTotalRequestsBy 

func ScriptIncrementTotalRequestsBy(guid string, amount int)

func SetHookLibrary 

func SetHookLibrary(w http.ResponseWriter, r *http.Request)

SetHookLibrary godoc @Summary Set Hook Library @Description sets the library code which will be used when executing hooks @Tags Requests @Produce json @Security ApiKeyAuth @Param body body string true "Library Code in Python" @Success 200 {string} string Message @Failure 500 {string} string Error @Router /hooks/set_library [post]

func SetSetting 

func SetSetting(name string, value string)

func TitlizeName 

func TitlizeName(filename string) string

func URLInScope 

func URLInScope(w http.ResponseWriter, r *http.Request)

URLInScope godoc @Summary Checks URL Scope @Description checks if the given URL is in scope @Tags Requests @Produce plain @Security ApiKeyAuth @Param url query string true "URL to check" @Success 200 {string} string true or false @Failure 500 {string} string Error @Router /scope/url_in_scope [get]

func UpdateProgress 

func UpdateProgress(w http.ResponseWriter, r *http.Request)

UpdateProgress godoc @Summary Updates running script progress @Description updates the progress of a currently running script @Tags Scripting @Produce json @Security ApiKeyAuth @Param guid path string true "Script to update" @Param body body project.ScriptProgressUpdate true "Update Details" @Success 200 @Failure 500 {string} string Error @Router /scripts/{guid}/update_progress [post]

Types

type BroadcastableObject 

type BroadcastableObject interface {
	ShouldFilter(filter string) bool
}

type DBRecord 

type DBRecord interface {
	WriteToDatabase(db *gorm.DB)
}

type DataPacket 

type DataPacket struct {
	ID          uint
	GUID        string
	Time        int64
	Data        []byte
	RequestID   uint   `gorm:"index:idx_req_id;index:idx_req_direction;index:idx_req_modified;index:idx_req_modified_direction;index:idx_req_start"`
	Direction   string `gorm:"index:idx_req_modified_direction;index:idx_req_direction"`
	Modified    bool   `gorm:"index;index:idx_req_modified;index:idx_req_modified_direction"`
	DisplayData string
	StartOffset int64 `gorm:"index:idx_req_start"`
	EndOffset   int64
	IsUTF8      bool `gorm:"-"`
}

DataPacket holds further details of either the request or the response to an HTTP request this is done so that we can support WebSockets, HTTP/2, etc.

func (*DataPacket) Record 

func (p *DataPacket) Record()

func (*DataPacket) WriteToDatabase 

func (p *DataPacket) WriteToDatabase(db *gorm.DB)

type Hook 

type Hook struct {
	ID                uint `json:"-"`
	GUID              string
	Name              string
	Enabled           bool
	InternallyManaged bool
	HookType          string
	MatchRequest      bool
	MatchResponse     bool
	DisplayJson       string
	Code              string
	SortOrder         int
	ObjectType        string `gorm:"-"`
}

Hook contains the details of a piece of code which can be run either before or after a request

func (*Hook) Record 

func (h *Hook) Record()

func (*Hook) ShouldFilter 

func (h *Hook) ShouldFilter(str string) bool

func (*Hook) WriteToDatabase 

func (h *Hook) WriteToDatabase(db *gorm.DB)

type HookErrorLog 

type HookErrorLog struct {
	ID           uint `json:"-"`
	GUID         string
	Time         time.Time
	Code         string
	Error        string
	Output       string
	ObjectType   string        `gorm:"-"`
	HookResponse *HookResponse `gorm:"-" json:"-"`
}

HookErrorLog is used to record errors which occur when running hooks in the future, my preference would be to run each hook individually within the Python interpreter so that we can record errors and still process the rest of the hooks

func (*HookErrorLog) GetGUID 

func (h *HookErrorLog) GetGUID() string

func (*HookErrorLog) Record 

func (h *HookErrorLog) Record()

func (*HookErrorLog) RecordError 

func (h *HookErrorLog) RecordError(err string)

func (*HookErrorLog) SetFullOutput 

func (h *HookErrorLog) SetFullOutput(output string)

func (*HookErrorLog) SetOutput 

func (h *HookErrorLog) SetOutput(output string)

func (*HookErrorLog) SetStatus 

func (h *HookErrorLog) SetStatus(status string)

func (*HookErrorLog) ShouldFilter 

func (h *HookErrorLog) ShouldFilter(str string) bool

func (*HookErrorLog) WriteToDatabase 

func (h *HookErrorLog) WriteToDatabase(db *gorm.DB)

type HookResponse 

type HookResponse struct {
	ResponseReady   chan bool
	Modified        bool
	ModifiedRequest []byte
}

HookResponse is used by the proxy to get the results after running a hook

func RunHooksOnRequest 

func RunHooksOnRequest(req *Request, reqBytes []byte) *HookResponse

func RunHooksOnResponse 

func RunHooksOnResponse(req *Request, respBytes []byte) *HookResponse

type IOHub 

type IOHub struct {
	// contains filtered or unexported fields
}

func NewIOHub 

func NewIOHub(port string, apiToken string) *IOHub

func (*IOHub) Run 

func (h *IOHub) Run(p string, tempPath string) (*gorm.DB, string)

type InjectOperation 

type InjectOperation struct {
	ID              uint `json:"-"`
	GUID            string
	Title           string
	Request         []InjectOperationRequestPart
	Host            string
	SSL             bool
	FuzzDB          []string `gorm:"-"`
	CustomPayloads  []string `gorm:"-"`
	CustomFilenames []string `gorm:"-"`
	IterateFrom     int
	IterateTo       int
	Archived        bool `gorm:"default:false"`
	Error           string

	// Parts of the object which cannot be set by JSON
	PercentCompleted   int    `gorm:"-"`
	ObjectType         string `gorm:"-"`
	FuzzDBGorm         string `json:"-"`
	CustomFilesGorm    string `json:"-"`
	CustomPayloadsGorm string `json:"-"`
	URL                string
	InjectDescription  string `gorm:"-"`
	RequestsMadeCount  int    `gorm:"-"`
	TotalRequestCount  int
	DoNotRecord        bool `gorm:"-"`
}

InjectOperation contains the parameters which are passed to the Injection API calls

func InjectFromGUID 

func InjectFromGUID(guid string) *InjectOperation

func (*InjectOperation) Broadcast 

func (injectOperation *InjectOperation) Broadcast()

func (*InjectOperation) GetGUID 

func (injectOp *InjectOperation) GetGUID() string

func (*InjectOperation) IncrementRequestCount 

func (injectOperation *InjectOperation) IncrementRequestCount()

func (*InjectOperation) Record 

func (injectOperation *InjectOperation) Record()

Record sends the inject operation to the user interface and/or records it in the database

func (*InjectOperation) RecordError 

func (injectOp *InjectOperation) RecordError(err string)

RecordError updates the error field and transmits notification of the error to the GUI

func (*InjectOperation) SetFullOutput 

func (injectOp *InjectOperation) SetFullOutput(string)

func (*InjectOperation) SetOutput 

func (injectOp *InjectOperation) SetOutput(string)

func (*InjectOperation) SetStatus 

func (injectOp *InjectOperation) SetStatus(s string)

func (*InjectOperation) ShouldFilter 

func (injectOperation *InjectOperation) ShouldFilter(str string) bool

func (*InjectOperation) UpdateAndRecord 

func (injectOperation *InjectOperation) UpdateAndRecord()

func (*InjectOperation) UpdateForDisplay 

func (injectOperation *InjectOperation) UpdateForDisplay()

func (*InjectOperation) ValidateAndSanitize 

func (injectOp *InjectOperation) ValidateAndSanitize() error

func (*InjectOperation) WriteToDatabase 

func (injectOperation *InjectOperation) WriteToDatabase(db *gorm.DB)

type InjectOperationRequestPart 

type InjectOperationRequestPart struct {
	ID                uint `json:"-"`
	RequestPart       string
	Inject            bool
	InjectOperationID uint `json:"-"`
}

InjectOperationRequestPart contains the components of a request

type InterceptedRequest 

type InterceptedRequest struct {
	Request       *Request
	GUID          string
	Body          string    `example:"<base64 encoded body>"`
	RequestBody   string    `example:"<base64 encoded body> (for responses)"`
	Direction     string    `example:"Either browser_to_server or server_to_browser"`
	ResponseReady chan bool `json:"-"`
	ObjectType    string
	RecordAction  string `example:"Either add or delete"`
	RequestAction string `json:"-" example:"One of forward, forward_and_intercept_response or drop"`
	IsUTF8        bool
	HookRun       bool
}

InterceptedRequest contains the parameters which hold the details of intercepted requests

func (*InterceptedRequest) Record 

func (interceptedRequest *InterceptedRequest) Record(recordAction int)

func (*InterceptedRequest) ShouldFilter 

func (interceptedRequest *InterceptedRequest) ShouldFilter(str string) bool

type PartialRequestResponse 

type PartialRequestResponse struct {
	TotalRequests uint64
	Requests      []Request
	Offset        int
}

PartialRequestResponse contains a list of rows which match the given criteria and how many rows in total match

type PartialRequestResponseData 

type PartialRequestResponseData struct {
	From uint64
	To   uint64
	Data string
}

PartialRequestResponseData contains a slice of the request/response from a given request

type Request 

type Request struct {
	ID                    uint   `json:"-"`
	URL                   string `gorm:"index:,collate:nocase"`
	GUID                  string `gorm:"index:,collate:nocase"`
	Time                  int64
	Protocol              string
	Verb                  string
	Hash                  string
	ObjectType            string `gorm:"-"`
	ResponseSize          int64  `gorm:"index:"`
	ResponseContentLength int64
	ResponseTime          int
	ResponseStatusCode    int
	ResponseContentType   string `gorm:"index:,collate:nocase"`
	ScanID                string `gorm:"index:,collate:nocase"`
	Notes                 string
	Error                 string
	DataPackets           []DataPacket `json:"-"`
	Payloads              string
	InterceptResponse     bool  `gorm:"-" json:"-"`
	RequestSize           int64 `gorm:"index:"`

	SiteMapPathID int         `json:"-"`
	SiteMapPath   SiteMapPath `json:"-"`

	Action string `gorm:"-"`
	Saved  bool   `gorm:"-" json:"-"`
}

Request represents all of the fields required by the GUI to show a request to the user and its properties

func NewRequest 

func NewRequest(rawBytes []byte) (*Request, error)

NewRequest creates a new request from a byte stream

func NewRequestFromHttp 

func NewRequestFromHttp(httpRequest *http.Request, rawBytes []byte) *Request

func NewRequestFromHttpWithoutBytes 

func NewRequestFromHttpWithoutBytes(httpRequest *http.Request) (*Request, error)

func (*Request) CorrectModifiedRequestResponse 

func (request *Request) CorrectModifiedRequestResponse(direction string)

CorrectModifiedRequestResponse removes transfer encoding headers and sets a correct content length it should only be called on requests/responses where we have the entire contents in one data packet

func (*Request) GetRequestResponseData 

func (request *Request) GetRequestResponseData(direction string, modified bool) []byte

func (*Request) HandleResponse 

func (request *Request) HandleResponse(resp *http.Response, ctx *goproxy.ProxyCtx, copyBody bool) bool

func (*Request) Record 

func (request *Request) Record()

Record sends the request to the user interface and record it in the database

func (*Request) ShouldFilter 

func (request *Request) ShouldFilter(filter string) bool

func (*Request) WriteToDatabase 

func (r *Request) WriteToDatabase(db *gorm.DB)

type RequestDifference 

type RequestDifference struct {
	Text    string
	Request int // 1 for request number one, 2 for request number two, 0 for both
}

RequestDifference contains an individual difference between two requests

type RequestDifferenceBlock 

type RequestDifferenceBlock struct {
	Name        string
	Differences []RequestDifference
}

RequestDifferenceBlock contains a site of RequestDifferences, along with the name representing what part of the request they are (EG: Request Body)

type RequestObjWithHash 

type RequestObjWithHash struct {
	GUID                string
	URL                 string
	Verb                string
	ResponseStatusCode  int
	ResponseContentType string
	Hash                string
}

type RequestResponseContents 

type RequestResponseContents struct {
	Protocol              string
	Request               string
	Response              string
	ModifiedRequest       string
	ModifiedResponse      string
	Preview               string
	Modified              bool
	URL                   string
	MimeType              string
	DataPackets           []DataPacket
	LargeResponse         bool
	IsUTF8                bool
	CombinedContentLength int64
	Error                 string
}

RequestResponseContents contains the request and response in base64 format

type RequestSearchResult 

type RequestSearchResult struct {
	StartOffset uint64
	EndOffset   uint64
}

RequestSearchResult contains the result from a search across a request/response

type RequestStatusStatistics 

type RequestStatusStatistics struct {
	OneHundreds   int `json:"100"`
	TwoHundreds   int `json:"200"`
	ThreeHundreds int `json:"300"`
	FourHundreds  int `json:"400"`
	FiveHundreds  int `json:"500"`
}

type RequestSummary 

type RequestSummary struct {
	Hostname     string
	GUID         string
	Protocol     string
	RequestData  string
	URL          string
	SiteMapPath  string
	Headers      map[string]string
	SplitRequest []InjectOperationRequestPart
}

RequestSummary represents all of the fields required by the GUI to render the screens where you can manipulate reqeusts

type RunScriptParameters 

type RunScriptParameters struct {
	Code        []scripting.ScriptCode
	Title       string
	Development bool
	ScriptGroup string
}

MakeRequestParameters contains the parameters which are parsed to the Make Request API call

type Scope 

type Scope struct {
	Advanced bool                   `json:"advanced_mode"`
	Exclude  []ScopeEntryImportJSON `json:"exclude"`
	Include  []ScopeEntryImportJSON `json:"include"`
}

type ScopeEntry 

type ScopeEntry struct {
	ID             uint `json:"-"`
	GUID           string
	Name           string
	Prefix         string
	Protocol       string
	HostRegex      string
	PortRegex      string
	FileRegex      string
	IncludeInScope bool
	SortOrder      int
	ObjectType     string `gorm:"-"`
}

ScopeEntry contains the details of a single scope inclusion/exclusion

func (*ScopeEntry) Record 

func (se *ScopeEntry) Record()

func (*ScopeEntry) ShouldFilter 

func (se *ScopeEntry) ShouldFilter(str string) bool

func (*ScopeEntry) URLInScope 

func (se *ScopeEntry) URLInScope(urlStr string) (bool, error)

func (*ScopeEntry) Validate 

func (se *ScopeEntry) Validate() error

func (*ScopeEntry) WriteToDatabase 

func (se *ScopeEntry) WriteToDatabase(db *gorm.DB)

type ScopeEntryImportJSON 

type ScopeEntryImportJSON struct {
	File     string `json:"file"`
	Host     string `json:"host"`
	Port     string `json:"port"`
	Protocol string `json:"protocol"`
}

type ScopeTarget 

type ScopeTarget struct {
	Scope Scope `json:"scope"`
}

type ScopeTargetJSON 

type ScopeTargetJSON struct {
	Target ScopeTarget `json:"target"`
}

type ScriptGroup 

type ScriptGroup struct {
	ID         uint `json:"-"`
	GUID       string
	Title      string
	Status     string
	Expanded   bool
	ObjectType string `gorm:"-"`
}

ScriptGroup contains a collection of scripts

func (*ScriptGroup) Record 

func (scriptGroup *ScriptGroup) Record()

func (*ScriptGroup) ShouldFilter 

func (scriptGroup *ScriptGroup) ShouldFilter(str string) bool

func (*ScriptGroup) WriteToDatabase 

func (scriptGroup *ScriptGroup) WriteToDatabase(db *gorm.DB)

type ScriptGroupExport 

type ScriptGroupExport struct {
	Title   string
	Scripts []ScriptRun
}

type ScriptOutputUpdate 

type ScriptOutputUpdate struct {
	GUID       string
	ObjectType string
	TextOutput string
	HTMLOutput string
}

ScriptOutputUpdate contains the partial output of a script

func (*ScriptOutputUpdate) Record 

func (scriptOutputUpdate *ScriptOutputUpdate) Record()

Record sends the script output update details to the user interface

func (*ScriptOutputUpdate) ShouldFilter 

func (scriptOutputUpdate *ScriptOutputUpdate) ShouldFilter(str string) bool

func (*ScriptOutputUpdate) WriteToDatabase 

func (scriptOutputUpdate *ScriptOutputUpdate) WriteToDatabase(db *gorm.DB)

type ScriptProgressUpdate 

type ScriptProgressUpdate struct {
	GUID         string
	Count        int
	Total        int
	ObjectType   string
	ShouldUpdate bool `json:"-"`
}

ScriptProgressUpdate contains the details of script progress

func (*ScriptProgressUpdate) Record 

func (scriptProgressUpdate *ScriptProgressUpdate) Record()

Record sends the script update details to the user interface

func (*ScriptProgressUpdate) ShouldFilter 

func (scriptProgressUpdate *ScriptProgressUpdate) ShouldFilter(str string) bool

func (*ScriptProgressUpdate) WriteToDatabase 

func (scriptProgressUpdate *ScriptProgressUpdate) WriteToDatabase(db *gorm.DB)

type ScriptRun 

type ScriptRun struct {
	ID          uint `json:"-"`
	GUID        string
	Script      string `json:"-"`
	Title       string
	Development bool
	ScriptGroup string

	TextOutput string
	HtmlOutput string
	Error      string

	ObjectType        string `gorm:"-"`
	PercentCompleted  int    `gorm:"-"`
	RequestsMadeCount int    `gorm:"-"`
	TotalRequestCount int
	DoNotRecord       bool `gorm:"-"`
	DoNotBroadcast    bool `gorm:"-" json:"-"`
	Status            string
}

ScriptRun contains the details of a script which has been run for the project

func ScriptRunFromGUID 

func ScriptRunFromGUID(guid string) *ScriptRun

func (*ScriptRun) GetGUID 

func (sr *ScriptRun) GetGUID() string

func (*ScriptRun) Record 

func (scriptRun *ScriptRun) Record()

Record sends the script run to the user interface and/or records it in the database

func (*ScriptRun) RecordError 

func (scriptRun *ScriptRun) RecordError(err string)

RecordError updates the error field and transmits notification of the error to the GUI

func (*ScriptRun) RecordOrUpdate 

func (scriptRun *ScriptRun) RecordOrUpdate()

func (*ScriptRun) SetFullOutput 

func (scriptRun *ScriptRun) SetFullOutput(output string)

func (*ScriptRun) SetOutput 

func (scriptRun *ScriptRun) SetOutput(output string)

func (*ScriptRun) SetStatus 

func (scriptRun *ScriptRun) SetStatus(status string)

func (*ScriptRun) ShouldFilter 

func (scriptRun *ScriptRun) ShouldFilter(str string) bool

func (*ScriptRun) UpdateAndRecord 

func (scriptRun *ScriptRun) UpdateAndRecord()

func (*ScriptRun) UpdateFromRunningScript 

func (scriptRun *ScriptRun) UpdateFromRunningScript()

func (*ScriptRun) UpdateRunningScripts 

func (scriptRun *ScriptRun) UpdateRunningScripts()

func (*ScriptRun) WriteToDatabase 

func (scriptRun *ScriptRun) WriteToDatabase(db *gorm.DB)

type Setting 

type Setting struct {
	ID    uint `json:"-"`
	Name  string
	Value string
}

Setting represents a single setting for the project

func (*Setting) Record 

func (setting *Setting) Record()

func (*Setting) WriteToDatabase 

func (setting *Setting) WriteToDatabase(db *gorm.DB)

type SiteMapItem 

type SiteMapItem struct {
	Path    string
	InScope bool
}

SiteMapItem represents a path in the sitemap to be returned

type SiteMapPath 

type SiteMapPath struct {
	ID         uint   `json:"-"`
	ObjectType string `gorm:"-"`
	Path       string
	InScope    bool `gorm:"-"`
}

SiteMapPath represents a path in the sitemap

func (*SiteMapPath) Record 

func (siteMapPath *SiteMapPath) Record()

func (*SiteMapPath) ShouldFilter 

func (siteMapPath *SiteMapPath) ShouldFilter(str string) bool

func (*SiteMapPath) WriteToDatabase 

func (siteMapPath *SiteMapPath) WriteToDatabase(db *gorm.DB)

type SuccessfulResponsesByHash 

type SuccessfulResponsesByHash struct {
	URLs          []string
	SampleRequest RequestObjWithHash
}

type WebSocketClient 

type WebSocketClient struct {
	// contains filtered or unexported fields
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.