inspector

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 5, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewInspector 

func NewInspector() map[string]Inspector

Types

type AccountTakeoverInspector 

type AccountTakeoverInspector struct{}

func (*AccountTakeoverInspector) Inspect 

func (i *AccountTakeoverInspector) Inspect(inspectData InspectData, args InspectorArgs) error

func (*AccountTakeoverInspector) IsSupportTarget 

func (i *AccountTakeoverInspector) IsSupportTarget(target InspectTarget) bool

func (*AccountTakeoverInspector) Name 

func (i *AccountTakeoverInspector) Name() InspectorName

type AccountTakeoverInspectorArgs 

type AccountTakeoverInspectorArgs struct {
	LoginRateLimitPerSecond rate.Limit
}

func (*AccountTakeoverInspectorArgs) IsArgOf 

func (a *AccountTakeoverInspectorArgs) IsArgOf() string

type GetInspectTargetValueOptions 

type GetInspectTargetValueOptions struct {
	ParamNames []string
}

type InspectData 

type InspectData struct {
	Target map[InspectTarget]InspectTargetValue
}

func (*InspectData) HasTarget 

func (d *InspectData) HasTarget(target InspectTarget) bool

type InspectDataBuilder 

type InspectDataBuilder struct {
	InspectData
}

func NewInspectDataBuilder 

func NewInspectDataBuilder() *InspectDataBuilder

func (*InspectDataBuilder) Build 

func (b *InspectDataBuilder) Build() *InspectData

func (*InspectDataBuilder) WithAccountTakeover 

func (b *InspectDataBuilder) WithAccountTakeover(clientIP, userID string) *InspectDataBuilder

func (*InspectDataBuilder) WithClientIP 

func (b *InspectDataBuilder) WithClientIP(clientIP string) *InspectDataBuilder

func (*InspectDataBuilder) WithFileOpenPath 

func (b *InspectDataBuilder) WithFileOpenPath(path string) *InspectDataBuilder

func (*InspectDataBuilder) WithGraphQLRequestOperationName 

func (b *InspectDataBuilder) WithGraphQLRequestOperationName(operationName string) *InspectDataBuilder

func (*InspectDataBuilder) WithGraphQLRequestRawQuery 

func (b *InspectDataBuilder) WithGraphQLRequestRawQuery(query string) *InspectDataBuilder

func (*InspectDataBuilder) WithGraphQLRequestVariables 

func (b *InspectDataBuilder) WithGraphQLRequestVariables(variables map[string][]string) *InspectDataBuilder

func (*InspectDataBuilder) WithHTTPClientRequestURL 

func (b *InspectDataBuilder) WithHTTPClientRequestURL(url string) *InspectDataBuilder

func (*InspectDataBuilder) WithHTTPRequestBody 

func (b *InspectDataBuilder) WithHTTPRequestBody(body map[string][]string) *InspectDataBuilder

func (*InspectDataBuilder) WithHTTPRequestHeader 

func (b *InspectDataBuilder) WithHTTPRequestHeader(header http.Header) *InspectDataBuilder

func (*InspectDataBuilder) WithHTTPRequestQuery 

func (b *InspectDataBuilder) WithHTTPRequestQuery(query url.Values) *InspectDataBuilder

func (*InspectDataBuilder) WithHTTPRequestURL 

func (b *InspectDataBuilder) WithHTTPRequestURL(url string) *InspectDataBuilder

func (*InspectDataBuilder) WithSQLQuery 

func (b *InspectDataBuilder) WithSQLQuery(query string) *InspectDataBuilder

type InspectTarget 

type InspectTarget string
const (
	InspectTargetHttpRequestURL    InspectTarget = "http.request.url"
	InspectTargetHttpRequestPath   InspectTarget = "http.request.path"
	InspectTargetHttpRequestHeader InspectTarget = "http.request.header"
	InspectTargetHttpRequestQuery  InspectTarget = "http.request.query"
	InspectTargetHttpRequestBody   InspectTarget = "http.request.body"
	InspectTargetClientIP          InspectTarget = "client.ip"

	InspectTargetGraphQLRequestRawQuery      InspectTarget = "graphql.request.raw_query"
	InspectTargetGraphQLRequestOperationName InspectTarget = "graphql.request.operation_name"
	InspectTargetGraphQLRequestVariables     InspectTarget = "graphql.request.variables"

	InspectTargetHttpClientRequestURL InspectTarget = "http.client.request.url"

	InspectTargetSQLQuery   InspectTarget = "sql.query"
	InspectTargetOSFileOpen InspectTarget = "os.file.open"

	InspectTargetAccountTakeover InspectTarget = "application.user.login.account_takeover"
)

func (InspectTarget) IsSupportKeyValueFiltering 

func (t InspectTarget) IsSupportKeyValueFiltering() bool

func (InspectTarget) String 

func (t InspectTarget) String() string

type InspectTargetOptions 

type InspectTargetOptions struct {
	Target string
	Params []string
}

type InspectTargetValue 

type InspectTargetValue interface {
	// GetValue returns the value of the target
	GetValue() string
	// GetValues returns the values of the target.
	// If keys are provided, it returns the values of the keys. If keys are not provided, it returns all values.
	GetValues(opts ...WithGetInspectTargetValueOptions) []string
}

func NewInspectTargetValueKeyValues 

func NewInspectTargetValueKeyValues(values map[string][]string) InspectTargetValue

func NewInspectTargetValueString 

func NewInspectTargetValueString(value string) InspectTargetValue

type InspectTargetValueKeyValues 

type InspectTargetValueKeyValues struct {
	Values map[string][]string
}

InspectTargetValueKeyValues is a struct that contains key-values (map[string][]string, like http.Header and url.Values and more...) of the target.

func (*InspectTargetValueKeyValues) GetValue 

func (v *InspectTargetValueKeyValues) GetValue() string

func (*InspectTargetValueKeyValues) GetValues 

func (v *InspectTargetValueKeyValues) GetValues(opts ...WithGetInspectTargetValueOptions) []string

type InspectTargetValueString 

type InspectTargetValueString struct {
	Value string
}

func (*InspectTargetValueString) GetValue 

func (v *InspectTargetValueString) GetValue() string

func (*InspectTargetValueString) GetValues 

func (v *InspectTargetValueString) GetValues(opts ...WithGetInspectTargetValueOptions) []string

type Inspector 

type Inspector interface {
	// Name returns the name of the inspector
	Name() InspectorName
	// Inspect inspects the given data
	// Inspector must return action.DetectionError if it detects something
	Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error
	// IsSupportTarget returns whether the inspector supports the target
	IsSupportTarget(target InspectTarget) bool
}

func NewAccountTakeoverInspector 

func NewAccountTakeoverInspector() Inspector

func NewLFIInspector 

func NewLFIInspector() Inspector

func NewLibInjectionSQLIInspector 

func NewLibInjectionSQLIInspector() Inspector

func NewLibInjectionXSSInspector 

func NewLibInjectionXSSInspector() Inspector

func NewMatchListInspector 

func NewMatchListInspector() Inspector

func NewRegexInspector 

func NewRegexInspector() Inspector

func NewSQLiInspector 

func NewSQLiInspector() Inspector

func NewSSRFInspector 

func NewSSRFInspector() Inspector

type InspectorArgs 

type InspectorArgs interface {
	IsArgOf() string
}

type InspectorName 

type InspectorName string
var (
	RegexInspectorName            InspectorName = "RegexInspector"
	MatchListInspectorName        InspectorName = "MatchListInspector"
	LibInjectionSQLIInspectorName InspectorName = "LibInjectionSQLIInspector"
	LibInjectionXSSInspectorName  InspectorName = "LibInjectionXSSInspector"
	SQLiInspectorName             InspectorName = "SQLiInspector"
	LFIInspectorName              InspectorName = "LFIInspector"
	SSRFInspectorName             InspectorName = "SSRFInspector"
	AccountTakeoverInspectorName  InspectorName = "AccountTakeoverInspector"
)

type LFIInspector 

type LFIInspector struct{}

func (*LFIInspector) Inspect 

func (i *LFIInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*LFIInspector) IsSupportTarget 

func (i *LFIInspector) IsSupportTarget(target InspectTarget) bool

func (*LFIInspector) Name 

func (i *LFIInspector) Name() InspectorName

type LFIInspectorArgs 

type LFIInspectorArgs struct{}

func (*LFIInspectorArgs) IsArgOf 

func (a *LFIInspectorArgs) IsArgOf() string

type LibInjectionSQLIInspector 

type LibInjectionSQLIInspector struct{}

func (*LibInjectionSQLIInspector) Inspect 

func (r *LibInjectionSQLIInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*LibInjectionSQLIInspector) IsSupportTarget 

func (r *LibInjectionSQLIInspector) IsSupportTarget(target InspectTarget) bool

func (*LibInjectionSQLIInspector) Name 

func (r *LibInjectionSQLIInspector) Name() InspectorName

type LibInjectionSQLIInspectorArgs 

type LibInjectionSQLIInspectorArgs struct {
	InspectTargetOptions []InspectTargetOptions
}

func (*LibInjectionSQLIInspectorArgs) IsArgOf 

func (r *LibInjectionSQLIInspectorArgs) IsArgOf() string

type LibInjectionXSSInspector 

type LibInjectionXSSInspector struct{}

func (*LibInjectionXSSInspector) Inspect 

func (r *LibInjectionXSSInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*LibInjectionXSSInspector) IsSupportTarget 

func (r *LibInjectionXSSInspector) IsSupportTarget(target InspectTarget) bool

func (*LibInjectionXSSInspector) Name 

func (r *LibInjectionXSSInspector) Name() InspectorName

type LibInjectionXSSInspectorArgs 

type LibInjectionXSSInspectorArgs struct {
	InspectTargetOptions []InspectTargetOptions
}

func (*LibInjectionXSSInspectorArgs) IsArgOf 

func (r *LibInjectionXSSInspectorArgs) IsArgOf() string

type MatchListInspector 

type MatchListInspector struct{}

func (*MatchListInspector) Inspect 

func (m *MatchListInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*MatchListInspector) IsSupportTarget 

func (m *MatchListInspector) IsSupportTarget(target InspectTarget) bool

func (*MatchListInspector) Name 

func (m *MatchListInspector) Name() InspectorName

type MatchListInspectorArgs 

type MatchListInspectorArgs struct {
	List                 []string
	InspectTargetOptions []InspectTargetOptions
}

func (*MatchListInspectorArgs) IsArgOf 

func (m *MatchListInspectorArgs) IsArgOf() string

type RegexInspector 

type RegexInspector struct{}

func (*RegexInspector) Inspect 

func (r *RegexInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*RegexInspector) IsSupportTarget 

func (r *RegexInspector) IsSupportTarget(target InspectTarget) bool

func (*RegexInspector) Name 

func (r *RegexInspector) Name() InspectorName

type RegexInspectorArgs 

type RegexInspectorArgs struct {
	Regex                string
	InspectTargetOptions []InspectTargetOptions
}

func (*RegexInspectorArgs) IsArgOf 

func (r *RegexInspectorArgs) IsArgOf() string

type SQLiInspector 

type SQLiInspector struct{}

func (*SQLiInspector) Inspect 

func (r *SQLiInspector) Inspect(inspectData InspectData, inspectorArgs InspectorArgs) error

func (*SQLiInspector) IsSupportTarget 

func (r *SQLiInspector) IsSupportTarget(target InspectTarget) bool

func (*SQLiInspector) Name 

func (r *SQLiInspector) Name() InspectorName

type SQLiInspectorArgs 

type SQLiInspectorArgs struct {
}

func (*SQLiInspectorArgs) IsArgOf 

func (r *SQLiInspectorArgs) IsArgOf() string

type SSRFInspector 

type SSRFInspector struct{}

func (*SSRFInspector) Inspect 

func (i *SSRFInspector) Inspect(inspectData InspectData, args InspectorArgs) error

func (*SSRFInspector) IsSupportTarget 

func (i *SSRFInspector) IsSupportTarget(target InspectTarget) bool

func (*SSRFInspector) Name 

func (i *SSRFInspector) Name() InspectorName

type SSRFInspectorArgs 

type SSRFInspectorArgs struct{}

func (*SSRFInspectorArgs) IsArgOf 

func (a *SSRFInspectorArgs) IsArgOf() string

type WithGetInspectTargetValueOptions 

type WithGetInspectTargetValueOptions func(o *GetInspectTargetValueOptions)

func WithParamNames 

func WithParamNames(paramNames []string) WithGetInspectTargetValueOptions

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.