scan

package

v1.0.2 Latest Latest Go to latest Published: Apr 11, 2021 License: AGPL-3.0 Imports: 25 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/assetnote/kiterunner

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func ParseDomain(domain string) ([]*http.Target, error)
func ParseFile(filename string) ([]*http.Target, error)
func ParseInput(in string) ([]*http.Target, error)
func ParseStdin(ctx context.Context) (chan []*http.Target, error)
func ScanDomainOrFile(ctx context.Context, domainOrFile string, opts ...ScanOption) error
func ScanStdin(ctx context.Context, opts ...ScanOption) error
type ErrInvalidProtocol
- func (e *ErrInvalidProtocol) Error() string
type FileLen
- func ParseFileWithLen(in string) (FileLen, error)
type ProgressBar
- func NewProgress(max int64) *ProgressBar
- func (b *ProgressBar) AddTotal(n int64)
- func (b *ProgressBar) Incr(n int64)
type ScanOption
type ScanOptions
- func NewDefaultScanOptions() *ScanOptions

Constants ¶

View Source

const (
	DefaultUserAgent       = "" /* 128-byte string literal not displayed */
	DefaultMaxConnPerHost  = 3
	DefaultMaxParallelHost = 50
	DefaultMaxRedirects    = 3
	DefaultDelay           = 0 * time.Second
	DefaultTimeout         = 3 * time.Second
)

Variables ¶

This section is empty.

Functions ¶

func ParseDomain ¶

func ParseDomain(domain string) ([]*http.Target, error)

ParseDomain will attempt to determine the target based off the input The only support protocols are http, https If protocol is missing, then we will assume from the port. If the port is missing, then we will try both http:80 and https:443 we use net/url to parse the URL

func ParseFile ¶

func ParseFile(filename string) ([]*http.Target, error)

ParseFile will perform a ParseDomain on all lines in a file

func ParseInput ¶

func ParseInput(in string) ([]*http.Target, error)

ParseInput will attempt to extract all targets from a given input We will attempt to find a file matching your provided <input>, and otherwise attempt to parse it as a URI. If protocol is missing, then we will assume from the port. If the port is missing, then we will try both http:80 and https:443 "-" should not be passed to this, as we want to parse stdin asynchronously.

func ParseStdin ¶

func ParseStdin(ctx context.Context) (chan []*http.Target, error)

ParseStdin will return a channel that will publish chunks of targets every second (if there are any targets) This attempts to optimise against pipes that slowly write out the targets, allowing us to asynchronously to start processing targets without waiting for all the input

func ScanDomainOrFile ¶

func ScanDomainOrFile(ctx context.Context, domainOrFile string, opts ...ScanOption) error

ScanDomainOrFile will perform a scan using the domain or file provided. This will first attempt to read the file specified, and if not found, attempt to parse the input as a target. If you wish to read from stdin, use ScanStdin

func ScanStdin ¶

func ScanStdin(ctx context.Context, opts ...ScanOption) error

ScanStdin will perform a scan using the options provided, reading targets from stdin TODO: figure out how to do phase scanning with stdin scan

Types ¶

type ErrInvalidProtocol ¶

type ErrInvalidProtocol struct {
	Protocol string
	URL      string
}

func (*ErrInvalidProtocol) Error ¶

func (e *ErrInvalidProtocol) Error() string

type FileLen ¶

type FileLen struct {
	Filename  string
	MaxLength int
}

func ParseFileWithLen ¶

func ParseFileWithLen(in string) (FileLen, error)

type ProgressBar ¶

type ProgressBar struct {
	Pb       *mpb.Progress
	Requests *progressbar.ProgressBar
}

func NewProgress ¶

func NewProgress(max int64) *ProgressBar

func (*ProgressBar) AddTotal ¶

func (b *ProgressBar) AddTotal(n int64)

func (*ProgressBar) Incr ¶

func (b *ProgressBar) Incr(n int64)

type ScanOption ¶

type ScanOption func(o *ScanOptions) error

func AddHeader ¶

func AddHeader(h string) ScanOption

func AddHeaders ¶

func AddHeaders(hs []string) ScanOption

func BlacklistDomains ¶

func BlacklistDomains(in []string) ScanOption

func ContentLengthIgnoreRange ¶

func ContentLengthIgnoreRange(v string) ScanOption

func ContentLengthIgnoreRanges ¶

func ContentLengthIgnoreRanges(v []string) ScanOption

func Delay ¶

func Delay(n time.Duration) ScanOption

func FailStatusCodes ¶

func FailStatusCodes(v []int) ScanOption

func FilterAPIs ¶

func FilterAPIs(apis []string) ScanOption

FilterAPIs will modify the output of FilteredRoutes to return the routes that only match the apis set

func ForceMethod ¶

func ForceMethod(method string) ScanOption

func KitebuilderFullScan ¶

func KitebuilderFullScan(v bool) ScanOption

func LoadAssetnoteWordlist ¶

func LoadAssetnoteWordlist(fns []string, extensions []string, dirsearchCompatabilityMode bool) ScanOption

func LoadAssetnoteWordlistKitebuilder ¶

func LoadAssetnoteWordlistKitebuilder(fns []string) ScanOption

func LoadKitebuilderFile ¶

func LoadKitebuilderFile(fns []string) ScanOption

func LoadTextWordlist ¶

func LoadTextWordlist(fns []string, extensions []string, dirsearchCompatabilityMode bool) ScanOption

LoadTextWordlist will load the lines from the text wordlist, ensure the paths are valid with a prefixing slash and append any required extensions to the wordlist we do not lazy load the wordlist because thats hard and a pain for allocations

func MaxConnPerHost ¶

func MaxConnPerHost(n int) ScanOption

func MaxParallelHosts ¶

func MaxParallelHosts(n int) ScanOption

func MaxRedirects ¶

func MaxRedirects(n int) ScanOption

func Precheck ¶

func Precheck(v bool) ScanOption

func PreflightDepth ¶

func PreflightDepth(n int64) ScanOption

func ProgressBarEnabled ¶

func ProgressBarEnabled(v bool) ScanOption

func QuarantineThreshold ¶

func QuarantineThreshold(n int64) ScanOption

func ShowProgress ¶

func ShowProgress(n bool) ScanOption

func SuccessStatusCodes ¶

func SuccessStatusCodes(v []int) ScanOption

func Timeout ¶

func Timeout(n time.Duration) ScanOption

func UserAgent ¶

func UserAgent(n string) ScanOption

func WildcardDetection ¶

func WildcardDetection(v bool) ScanOption

type ScanOptions ¶

type ScanOptions struct {
	Routes                   []*http.Route
	Headers                  []http.Header
	PrecheckTargets          bool
	MaxConnPerHost           int
	MaxParallelHosts         int
	Delay                    time.Duration
	UserAgent                string
	Timeout                  time.Duration
	MaxRedirects             int
	ForceMethod              string
	ShowProgress             bool
	WildcardDetection        bool
	ContentLengthIgnoreRange []http.Range
	ProgressBar              bool
	QuarantineThreshold      int64
	PreflightDepth           int64

	KitebuilderFullScan bool
	SuccessStatusCodes  map[int]interface{}
	FailStatusCodes     map[int]interface{}

	BlacklistRedirectDomains []string
	FilterAPIs               map[string]interface{}
	// contains filtered or unexported fields
}

func NewDefaultScanOptions ¶

func NewDefaultScanOptions() *ScanOptions

func (ScanOptions) FilteredRoutes ¶

func (s ScanOptions) FilteredRoutes() (ret []*http.Route)

FilteredRoutes will return the routes that match have a source in s.FilterAPIs. If s.FilterAPIs is empty then this will return s.Routes

func (ScanOptions) KiterunnerOptions ¶

func (s ScanOptions) KiterunnerOptions() []kiterunner.ConfigOption

func (ScanOptions) String ¶

func (s ScanOptions) String() string

func (ScanOptions) Validate ¶

func (s ScanOptions) Validate() error

Validate will ensure the config is sane after all the flags and then return an error if things dont make sense

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL