scanning

package

v2.6.4 Latest Latest Go to latest Published: Dec 21, 2021 License: MIT Imports: 30 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ksg97031/dalfox

Links

Open Source Insights

Documentation ¶

Index ¶

func CRLFAnalysis(target string, options model.Options, rl *rateLimiter)
func CheckXSSWithHeadless(url string, options model.Options) bool
func CodeView(resbody, pattern string) string
func GetAttrPayload() ([]string, int)
func GetCommonPayload() ([]string, int)
func GetEventHandlers() []string
func GetGfXSS() []string
func GetHTMLPayload() ([]string, int)
func GetInJsPayload() ([]string, int)
func GetPType(av string) string
func GetPayloadBoxPayload() ([]string, int)
func GetPortswiggerPayload() ([]string, int)
func GetSpecialChar() []string
func GetTags() []string
func GetUsefulCode() []string
func Grepping(data, regex string) []string
func InterfaceGetEventHandlers() ([]string, int)
func InterfaceGetGfXSS() ([]string, int)
func InterfaceGetSpecialChar() ([]string, int)
func InterfaceGetTags() ([]string, int)
func InterfaceGetUsefulCode() ([]string, int)
func MakePoC(poc string, req *http.Request, options model.Options) string
func MakeTargetSlice(targets []string) map[string][]string
func OpenRedirectorAnalysis(target string, options model.Options, rl *rateLimiter)
func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) map[string][]string
func SSTIAnalysis(target string, options model.Options, rl *rateLimiter)
func Scan(target string, options model.Options, sid string) (model.Result, error)
func SendReq(req *http.Request, payload string, options model.Options) (string, *http.Response, bool, bool, error)
func SqliAnalysis(target string, options model.Options, rl *rateLimiter)
func StaticAnalysis(target string, options model.Options, rl *rateLimiter) (map[string]string, map[int]string)
type Asset
type Queries
type WAFPattern

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CRLFAnalysis ¶

func CRLFAnalysis(target string, options model.Options, rl *rateLimiter)

CRLFAnalysis is basic check for CRLF Injection

func CheckXSSWithHeadless ¶

func CheckXSSWithHeadless(url string, options model.Options) bool

func CodeView ¶

func CodeView(resbody, pattern string) string

CodeView is showing reflected code function

func GetAttrPayload ¶

func GetAttrPayload() ([]string, int)

GetAttrPayload is exported interface

func GetCommonPayload ¶

func GetCommonPayload() ([]string, int)

GetCommonPayload is exported interface

func GetEventHandlers ¶

func GetEventHandlers() []string

GetEventHandlers is return event handlers (array type) level: 1(none trigger) / 2(user interaction) / 3(direct trigger)

func GetGfXSS ¶

func GetGfXSS() []string

GetGfXSS is get cool parameter name from Gf-Patterns

func GetHTMLPayload ¶

func GetHTMLPayload() ([]string, int)

GetHTMLPayload is exported interface

func GetInJsPayload ¶

func GetInJsPayload() ([]string, int)

GetInJsPayload is exported interface

func GetPType ¶

func GetPType(av string) string

func GetPayloadBoxPayload ¶

func GetPayloadBoxPayload() ([]string, int)

GetPayloadBoxPayload is exported interface

func GetPortswiggerPayload ¶

func GetPortswiggerPayload() ([]string, int)

GetPortswiggerPayload is exported interface

func GetSpecialChar ¶

func GetSpecialChar() []string

GetSpecialChar is return chars (array type)

func GetTags ¶

func GetTags() []string

GetTags is return tag list (array type)

func GetUsefulCode ¶

func GetUsefulCode() []string

GetUsefulCode is return code list (array type)

func Grepping ¶

func Grepping(data, regex string) []string

Grepping is function for checking pattern

func InterfaceGetEventHandlers ¶

func InterfaceGetEventHandlers() ([]string, int)

InterfaceGetEventHandlers is exported interface

func InterfaceGetGfXSS ¶

func InterfaceGetGfXSS() ([]string, int)

InterfaceGetGfXSS is exported interface

func InterfaceGetSpecialChar ¶

func InterfaceGetSpecialChar() ([]string, int)

InterfaceGetSpecialChar is exported interface

func InterfaceGetTags ¶

func InterfaceGetTags() ([]string, int)

InterfaceGetTags is exported interface

func InterfaceGetUsefulCode ¶

func InterfaceGetUsefulCode() ([]string, int)

InterfaceGetUsefulCode is exported interface

func MakePoC ¶

func MakePoC(poc string, req *http.Request, options model.Options) string

func MakeTargetSlice ¶

func MakeTargetSlice(targets []string) map[string][]string

MakeTargetSlice is make slice for multicast option

func OpenRedirectorAnalysis ¶

func OpenRedirectorAnalysis(target string, options model.Options, rl *rateLimiter)

OpenRedirectorAnalysis is basic check for open redirectors

func ParameterAnalysis ¶

func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) map[string][]string

ParameterAnalysis is check reflected and mining params

func SSTIAnalysis ¶

func SSTIAnalysis(target string, options model.Options, rl *rateLimiter)

SSTIAnalysis is basic check for SSTI

func Scan ¶

func Scan(target string, options model.Options, sid string) (model.Result, error)

Scan is main scanning function

func SendReq ¶

func SendReq(req *http.Request, payload string, options model.Options) (string, *http.Response, bool, bool, error)

SendReq is sending http request (handled GET/POST)

func SqliAnalysis ¶

func SqliAnalysis(target string, options model.Options, rl *rateLimiter)

SqliAnalysis is basic check for SQL Injection

func StaticAnalysis ¶

func StaticAnalysis(target string, options model.Options, rl *rateLimiter) (map[string]string, map[int]string)

StaticAnalysis is found information on original req/res

Types ¶

type Asset ¶

type Asset struct {
	Line string
	Size string
}

type Queries ¶

type Queries struct {
	// contains filtered or unexported fields
}

Queries is struct of queries

type WAFPattern ¶

type WAFPattern struct {
	Name   string
	Body   string
	Header string
}

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL