Directories
¶
| Path | Synopsis |
|---|---|
|
Package activescan is the deterministic active-scan engine: it enumerates the injection points of a request, fires per-class payloads at them through a caller-supplied sender, and confirms vulnerabilities with detectors.
|
Package activescan is the deterministic active-scan engine: it enumerates the injection points of a request, fires per-class payloads at them through a caller-supplied sender, and confirms vulnerabilities with detectors. |
|
Package activescript runs user-authored ACTIVE scanner checks written in Starlark — the active twin of internal/checkscript.
|
Package activescript runs user-authored ACTIVE scanner checks written in Starlark — the active twin of internal/checkscript. |
|
Package aiassist is an optional, bring-your-own-key bridge to an LLM that explains requests, suggests payloads, and summarizes findings.
|
Package aiassist is an optional, bring-your-own-key bridge to an LLM that explains requests, suggests payloads, and summarizes findings. |
|
Package android configures a USB-connected Android device for HTTPS interception via adb.
|
Package android configures a USB-connected Android device for HTTPS interception via adb. |
|
auth
|
|
|
jwtextract
Package jwtextract pulls JWT-shaped tokens from HTTP flows (Bearer header, JSON fields, URL path/query, cookies) for cross-host replay and SSO testing.
|
Package jwtextract pulls JWT-shaped tokens from HTTP flows (Bearer header, JSON fields, URL path/query, cookies) for cross-host replay and SSO testing. |
|
Package bind holds listen-address policy shared by the CLI and control plane.
|
Package bind holds listen-address policy shared by the CLI and control plane. |
|
Package capture streams HTTP bodies into the store as they pass through, without buffering them in memory.
|
Package capture streams HTTP bodies into the store as they pass through, without buffering them in memory. |
|
Package checkscript runs user-authored passive scanner checks written in Starlark — a small, Python-like, deterministic language.
|
Package checkscript runs user-authored passive scanner checks written in Starlark — a small, Python-like, deterministic language. |
|
Package codec — body.go: HTTP response-body decompression helpers shared by control (display decoding) and intruder (grep decoding).
|
Package codec — body.go: HTTP response-body decompression helpers shared by control (display decoding) and intruder (grep decoding). |
|
Package control serves the Interceptor UI and the REST + SSE control API on the fixed localhost control port.
|
Package control serves the Interceptor UI and the REST + SSE control API on the fixed localhost control port. |
|
Package curlgen renders a captured request as a runnable curl command, so a tester (or the AI) can reproduce and iterate on it in a terminal.
|
Package curlgen renders a captured request as a runnable curl command, so a tester (or the AI) can reproduce and iterate on it in a terminal. |
|
Package discovery is a scope-aware content-discovery (forced-browse) engine: it brute-forces paths from a wordlist against a base URL, calibrates a per-directory soft-404 signature so it doesn't drown in false hits, optionally recurses into discovered directories, and streams results as it goes.
|
Package discovery is a scope-aware content-discovery (forced-browse) engine: it brute-forces paths from a wordlist against a base URL, calibrates a per-directory soft-404 signature so it doesn't drown in false hits, optionally recurses into discovered directories, and streams results as it goes. |
|
Package harx converts captured flows to and from the HAR 1.2 (HTTP Archive) format for interop with browsers, Postman, and other tooling.
|
Package harx converts captured flows to and from the HAR 1.2 (HTTP Archive) format for interop with browsers, Postman, and other tooling. |
|
Package hostpattern matches host strings against simple scope-style patterns (exact, *.wildcard).
|
Package hostpattern matches host strings against simple scope-style patterns (exact, *.wildcard). |
|
Package httplines normalizes HTTP header input from APIs and MCP tools.
|
Package httplines normalizes HTTP header input from APIs and MCP tools. |
|
Package intercept implements the request hold queue (Burp-style intercept) and the request-side match-&-replace engine.
|
Package intercept implements the request hold queue (Burp-style intercept) and the request-side match-&-replace engine. |
|
Package intruder runs payload-driven attacks (Sniper, Pitchfork) against a request template whose fuzz points are wrapped in §…§ markers.
|
Package intruder runs payload-driven attacks (Sniper, Pitchfork) against a request template whose fuzz points are wrapped in §…§ markers. |
|
Package ios configures iOS simulators and devices for HTTPS interception.
|
Package ios configures iOS simulators and devices for HTTPS interception. |
|
Package mcp implements a Model Context Protocol server over stdio so an AI agent can operate Interceptor as a set of tools.
|
Package mcp implements a Model Context Protocol server over stdio so an AI agent can operate Interceptor as a set of tools. |
|
Package netutil provides helpers for enumerating local network addresses.
|
Package netutil provides helpers for enumerating local network addresses. |
|
Package oob is an out-of-band interaction catcher for blind-vulnerability testing (blind SSRF / XXE / SQLi / RCE).
|
Package oob is an out-of-band interaction catcher for blind-vulnerability testing (blind SSRF / XXE / SQLi / RCE). |
|
Package proc discovers and stops running Interceptor processes by image name.
|
Package proc discovers and stops running Interceptor processes by image name. |
|
Package proxy implements an intercepting HTTP/HTTPS forward proxy that captures every flow.
|
Package proxy implements an intercepting HTTP/HTTPS forward proxy that captures every flow. |
|
Package report renders scanner findings as a human-readable Markdown report, ready to paste into a pentest writeup.
|
Package report renders scanner findings as a human-readable Markdown report, ready to paste into a pentest writeup. |
|
Package scanner runs passive security checks over captured flows.
|
Package scanner runs passive security checks over captured flows. |
|
Package scope evaluates target-scope rules: which flows are "in scope" for an engagement.
|
Package scope evaluates target-scope rules: which flows are "in scope" for an engagement. |
|
Package sender issues one-off HTTP/HTTPS requests directly to a target (bypassing the proxy listener) and records each as a flow.
|
Package sender issues one-off HTTP/HTTPS requests directly to a target (bypassing the proxy listener) and records each as a flow. |
|
Package store persists flow metadata in SQLite and bodies on disk.
|
Package store persists flow metadata in SQLite and bodies on disk. |
|
Package sysproxy points the operating system's HTTP/HTTPS proxy at Interceptor (and turns it back off).
|
Package sysproxy points the operating system's HTTP/HTTPS proxy at Interceptor (and turns it back off). |
|
Package tlsca manages a local certificate authority for TLS interception: it loads or generates a CA, then mints and caches short-lived per-host leaf certificates signed by that CA so the proxy can terminate client TLS.
|
Package tlsca manages a local certificate authority for TLS interception: it loads or generates a CA, then mints and caches short-lived per-host leaf certificates signed by that CA so the proxy can terminate client TLS. |
|
Package version is the single source of truth for the build version and a best-effort "is a newer release out?" check against the GitHub tags.
|
Package version is the single source of truth for the build version and a best-effort "is a newer release out?" check against the GitHub tags. |
|
Package wsrepeater opens a fresh WebSocket connection to a target, sends one message, and captures the frames the server returns — a "Repeater" for WebSockets.
|
Package wsrepeater opens a fresh WebSocket connection to a target, sends one message, and captures the frames the server returns — a "Repeater" for WebSockets. |
Click to show internal directories.
Click to hide internal directories.