Documentation
¶
Index ¶
Constants ¶
View Source
const SQLCharactersToEscape = "'\"\b\n\r\t\\%_"
SQLCharactersToEscape represents the characters that should be escaped in user input. See https://dev.mysql.com/doc/refman/8.0/en/string-literals.html
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CommandInjection ¶
type CommandInjection struct {
// contains filtered or unexported fields
}
func NewCommandInjection ¶
func NewCommandInjection(id int, path string) *CommandInjection
func (*CommandInjection) Detect ¶
func (ci *CommandInjection) Detect()
type Detector ¶
type Detector interface {
// `Detect` performs class-specific checks for various classes of bugs and upon discovering them report them to the user
// followed by process termiantion. The function can also guide the fuzzer towards producing
// interesting inputs that trigger the bugs of interest.
Detect()
}
type PathTraversal ¶
type PathTraversal struct {
// contains filtered or unexported fields
}
func NewPathTraversal ¶
func NewPathTraversal(id int, path string) *PathTraversal
func (*PathTraversal) Detect ¶
func (pt *PathTraversal) Detect()
type SQLInjection ¶
type SQLInjection struct {
// contains filtered or unexported fields
}
func NewSQLInjection ¶
func NewSQLInjection(id int, query string, err error, vargs ...any) *SQLInjection
func (*SQLInjection) Detect ¶
func (sqli *SQLInjection) Detect()
type TemplateInjection ¶
type TemplateInjection struct {
// contains filtered or unexported fields
}
func NewTemplateInjection ¶
func NewTemplateInjection(id int, tree *parse.Tree) *TemplateInjection
func (*TemplateInjection) Detect ¶
func (ti *TemplateInjection) Detect()
Source Files
Click to show internal directories.
Click to hide internal directories.