Documentation
¶
Index ¶
- Variables
- func CheckPType(str string) bool
- func ContainsFromArray(slice []string, item string) bool
- func DetectContext(response string, param string, value string) string
- func DuplicatedResult(result []model.PoC, rst model.PoC) bool
- func GenerateMagicCharacter(context string) string
- func GenerateMagicString(context string, length int) string
- func GenerateRandomToken(url string) string
- func GenerateTerminalWidthLine(char string) string
- func GenerateTestPayload(context string) string
- func GetBypassHints(char string) []string
- func GetTerminalWidth() int
- func IndexOf(element string, data []string) int
- func IsAllowType(contentType string) bool
- func MakeTargetSlice(targets []string) map[string][]string
Constants ¶
This section is empty.
Variables ¶
var ContextSpecificMagic = map[string][]string{
"html": {"<", ">", "'", "\"", "&"},
"js": {"'", "\"", ";", "{", "}", "(", ")", "`"},
"css": {"{", "}", ";", ":", "/*", "*/", "'", "\""},
"url": {"&", "=", "?", "#", "%", "+", " "},
"json": {"{", "}", "[", "]", ":", ",", "\""},
"xml": {"<", ">", "&", "'", "\""},
"sql": {"'", "\"", ";", "--", "/*", "*/", "(", ")"},
}
ContextSpecificMagic contains magic characters for specific contexts
var MagicCharacters = []string{
"'", "\"", "<", ">", "&", ";", "(", ")", "{", "}", "[", "]",
"`", "~", "!", "@", "#", "$", "%", "^", "*", "+", "=",
"|", "\\", "/", "?", ":", ",", ".", " ", "\t", "\n", "\r",
}
MagicCharacters contains special characters for manual XSS testing
Functions ¶
func CheckPType ¶
func ContainsFromArray ¶
func DetectContext ¶ added in v2.12.0
DetectContext attempts to detect the context where a parameter appears
func GenerateMagicCharacter ¶ added in v2.12.0
GenerateMagicCharacter generates a magic character based on context
func GenerateMagicString ¶ added in v2.12.0
GenerateMagicString generates a string with multiple magic characters
func GenerateRandomToken ¶
GenerateRandomToken is make scan id
func GenerateTerminalWidthLine ¶
GenerateTerminalWidthLine generates a string that fills the terminal width with the specified character
func GenerateTestPayload ¶ added in v2.12.0
GenerateTestPayload creates a test payload with magic characters
func GetBypassHints ¶ added in v2.12.0
GetBypassHints returns WAF bypass hints for specific characters
func GetTerminalWidth ¶
func GetTerminalWidth() int
GetTerminalWidth returns the width of the terminal
func MakeTargetSlice ¶
MakeTargetSlice is make slice for multicast option
Types ¶
This section is empty.
Source Files