internal/

directory
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 26, 2026 License: MIT

Directories

Path Synopsis
Package activescan is the deterministic active-scan engine: it enumerates the injection points of a request, fires per-class payloads at them through a caller-supplied sender, and confirms vulnerabilities with detectors.
Package activescan is the deterministic active-scan engine: it enumerates the injection points of a request, fires per-class payloads at them through a caller-supplied sender, and confirms vulnerabilities with detectors.
Package aiassist is an optional, bring-your-own-key bridge to an LLM that explains requests, suggests payloads, and summarizes findings.
Package aiassist is an optional, bring-your-own-key bridge to an LLM that explains requests, suggests payloads, and summarizes findings.
Package capture streams HTTP bodies into the store as they pass through, without buffering them in memory.
Package capture streams HTTP bodies into the store as they pass through, without buffering them in memory.
Package checkscript runs user-authored passive scanner checks written in Starlark — a small, Python-like, deterministic language.
Package checkscript runs user-authored passive scanner checks written in Starlark — a small, Python-like, deterministic language.
Package codec provides the small, pure encode/decode transforms behind the Decoder tool and the MCP `decode` tool: base64, URL, hex, HTML entities, and JWT inspection, plus a best-effort "smart" auto-decode.
Package codec provides the small, pure encode/decode transforms behind the Decoder tool and the MCP `decode` tool: base64, URL, hex, HTML entities, and JWT inspection, plus a best-effort "smart" auto-decode.
Package control serves the Interceptor UI and the REST + SSE control API on the fixed localhost control port.
Package control serves the Interceptor UI and the REST + SSE control API on the fixed localhost control port.
Package curlgen renders a captured request as a runnable curl command, so a tester (or the AI) can reproduce and iterate on it in a terminal.
Package curlgen renders a captured request as a runnable curl command, so a tester (or the AI) can reproduce and iterate on it in a terminal.
Package discovery is a scope-aware content-discovery (forced-browse) engine: it brute-forces paths from a wordlist against a base URL, calibrates a per-directory soft-404 signature so it doesn't drown in false hits, optionally recurses into discovered directories, and streams results as it goes.
Package discovery is a scope-aware content-discovery (forced-browse) engine: it brute-forces paths from a wordlist against a base URL, calibrates a per-directory soft-404 signature so it doesn't drown in false hits, optionally recurses into discovered directories, and streams results as it goes.
Package harx converts captured flows to and from the HAR 1.2 (HTTP Archive) format for interop with browsers, Postman, and other tooling.
Package harx converts captured flows to and from the HAR 1.2 (HTTP Archive) format for interop with browsers, Postman, and other tooling.
Package intercept implements the request hold queue (Burp-style intercept) and the request-side match-&-replace engine.
Package intercept implements the request hold queue (Burp-style intercept) and the request-side match-&-replace engine.
Package intruder runs payload-driven attacks (Sniper, Pitchfork) against a request template whose fuzz points are wrapped in §…§ markers.
Package intruder runs payload-driven attacks (Sniper, Pitchfork) against a request template whose fuzz points are wrapped in §…§ markers.
Package mcp implements a Model Context Protocol server over stdio so an AI agent can operate Interceptor as a set of tools.
Package mcp implements a Model Context Protocol server over stdio so an AI agent can operate Interceptor as a set of tools.
Package oob is an out-of-band interaction catcher for blind-vulnerability testing (blind SSRF / XXE / SQLi / RCE).
Package oob is an out-of-band interaction catcher for blind-vulnerability testing (blind SSRF / XXE / SQLi / RCE).
Package proxy implements an intercepting HTTP/HTTPS forward proxy that captures every flow.
Package proxy implements an intercepting HTTP/HTTPS forward proxy that captures every flow.
Package report renders scanner findings as a human-readable Markdown report, ready to paste into a pentest writeup.
Package report renders scanner findings as a human-readable Markdown report, ready to paste into a pentest writeup.
Package scanner runs passive security checks over captured flows.
Package scanner runs passive security checks over captured flows.
Package scope evaluates target-scope rules: which flows are "in scope" for an engagement.
Package scope evaluates target-scope rules: which flows are "in scope" for an engagement.
Package sender issues one-off HTTP/HTTPS requests directly to a target (bypassing the proxy listener) and records each as a flow.
Package sender issues one-off HTTP/HTTPS requests directly to a target (bypassing the proxy listener) and records each as a flow.
Package store persists flow metadata in SQLite and bodies on disk.
Package store persists flow metadata in SQLite and bodies on disk.
Package sysproxy points the operating system's HTTP/HTTPS proxy at Interceptor (and turns it back off).
Package sysproxy points the operating system's HTTP/HTTPS proxy at Interceptor (and turns it back off).
Package tlsca manages a local certificate authority for TLS interception: it loads or generates a CA, then mints and caches short-lived per-host leaf certificates signed by that CA so the proxy can terminate client TLS.
Package tlsca manages a local certificate authority for TLS interception: it loads or generates a CA, then mints and caches short-lived per-host leaf certificates signed by that CA so the proxy can terminate client TLS.
Package version is the single source of truth for the build version and a best-effort "is a newer release out?" check against the GitHub tags.
Package version is the single source of truth for the build version and a best-effort "is a newer release out?" check against the GitHub tags.
Package wsrepeater opens a fresh WebSocket connection to a target, sends one message, and captures the frames the server returns — a "Repeater" for WebSockets.
Package wsrepeater opens a fresh WebSocket connection to a target, sends one message, and captures the frames the server returns — a "Repeater" for WebSockets.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL