crawler

package
v0.0.0-...-9da19f5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 3, 2025 License: AGPL-3.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckConfig 

func CheckConfig() error

CheckConfig 检查配置文件

func Run 

func Run() error

Run 主入口函数

Types

type APIInfo 

type APIInfo struct {
	Path   string
	Source string
}

APIInfo API信息

type CandidateURL 

type CandidateURL struct {
	URL        string
	Method     string
	StatusCode int
	Content    string
	ErrorHints []string
}

CandidateURL 候选URL结构

type CrawlTask 

type CrawlTask struct {
	URL   string
	Depth int
}

CrawlTask 爬取任务

type Crawler 

type Crawler struct {
	HTTPClient    *util.HTTPClient    // HTTP客户端
	Visited       map[string]bool     // 已访问的URL记录
	JSFiles       []mode.JSFile       // 发现的JS文件列表
	JSFileCheck   map[string]struct{} // JS文件查重
	Links         []mode.Link         // 发现的链接列表
	LinkCheck     map[string]struct{} // Link查重
	SensitiveInfo []mode.Info         // 提取的敏感信息

	SensitiveCheck   map[string]struct{}    // 敏感信息查重
	FuzzResults      []mode.FuzzResult      // 模糊测试结果
	DomainInfo       []mode.DomainInfo      // 域名信息
	DomainCheck      map[string]struct{}    // 域名查重
	IpCheck          map[string]struct{}    // IP查重
	ParamFuzzResults []mode.ParamFuzzResult // 参数模糊测试结果

	Depth           int    // 当前爬取深度
	MaxDepth        int    // 最大爬取深度
	BaseURL         string // 基础URL
	Domain          string // 目标域名
	LinkConcurrency int    // 链接爬取并发数
	JSConcurrency   int    // JS文件获取并发数
	// contains filtered or unexported fields
}

Crawler 网页爬虫结构体,负责爬取网页内容并提取敏感信息

func NewCrawler 

func NewCrawler(baseURL string, maxDepth int, threadCount int) *Crawler

NewCrawler 创建新的爬虫实例

func (*Crawler) AddFuzzResult 

func (c *Crawler) AddFuzzResult(result mode.FuzzResult)

AddFuzzResult 添加模糊测试结果

func (*Crawler) GetResults 

func (c *Crawler) GetResults() ([]mode.JSFile, []mode.Link, []mode.Info, []mode.FuzzResult, []mode.DomainInfo)

GetResults 获取爬取结果

func (*Crawler) Start 

func (c *Crawler) Start() error

Start 开始爬取网页内容

type FuzzTask 

type FuzzTask struct {
	URL      string
	Method   string
	Source   string
	Original string
	Payload  string
	FuzzType string
}

FuzzTask 模糊测试任务

type Fuzzer 

type Fuzzer struct {
	HTTPClient *util.HTTPClient // HTTP客户端
	BaseURL    string           // 基础URL
	Crawler    *Crawler         // 爬虫实例
	BaseDir    string           // 基础目录
}

Fuzzer 模糊测试器

func NewFuzzer 

func NewFuzzer(baseURL string, crawler *Crawler) *Fuzzer

NewFuzzer 创建新的模糊测试器

func (*Fuzzer) SetBaseDir 

func (f *Fuzzer) SetBaseDir(baseDir string)

SetBaseDir 设置基础目录

func (*Fuzzer) StartFuzzing 

func (f *Fuzzer) StartFuzzing() error

StartFuzzing 开始模糊测试

type ParamFuzzer 

type ParamFuzzer struct {
	HTTPClient *util.HTTPClient
	Crawler    *Crawler
	BaseURL    string
	Results    []mode.ParamFuzzResult
}

ParamFuzzer 参数模糊测试器

func NewParamFuzzer 

func NewParamFuzzer(baseURL string, crawler *Crawler) *ParamFuzzer

NewParamFuzzer 创建新的参数模糊测试器

func (*ParamFuzzer) GetResults 

func (pf *ParamFuzzer) GetResults() []mode.ParamFuzzResult

GetResults 获取参数模糊测试结果

func (*ParamFuzzer) StartParamFuzzing 

func (pf *ParamFuzzer) StartParamFuzzing() error

StartParamFuzzing 开始参数模糊测试

type PermissionChecker 

type PermissionChecker struct {
	LowAuthClient              *util.HTTPClient                 // 低权限HTTP客户端
	HighAuthClient             *util.HTTPClient                 // 高权限HTTP客户端
	NoAuthClient               *util.HTTPClient                 // 无认证HTTP客户端
	TargetURLs                 []string                         // 目标URL列表
	AuthorityResults           []mode.AuthorityResult           // 权限检测结果
	UnauthorityResults         []mode.UnauthorityResult         // 未授权访问检测结果
	PrivilegeEscalationResults []mode.PrivilegeEscalationResult // 未授权访问检测结果
}

PermissionChecker 统一的权限检测器,支持多种权限检测模式

func NewAuthorityChecker 

func NewAuthorityChecker(urls []string) *PermissionChecker

NewAuthorityChecker 创建权限检测器(向后兼容)

func NewPermissionChecker 

func NewPermissionChecker(lowAuthClient, highAuthClient *util.HTTPClient, urls []string) *PermissionChecker

NewPermissionChecker 创建统一权限检测器

func NewPrivilegeEscalationChecker 

func NewPrivilegeEscalationChecker(lowAuthClient, highAuthClient *util.HTTPClient, urls []string) *PermissionChecker

NewPrivilegeEscalationChecker 创建未授权访问检测器(向后兼容)

func NewUnauthorityChecker 

func NewUnauthorityChecker(client *util.HTTPClient, urls []string) *PermissionChecker

NewUnauthorityChecker 创建未授权访问检测器(向后兼容)

func (*PermissionChecker) CheckAuthority 

func (pc *PermissionChecker) CheckAuthority() error

CheckAuthority 检测权限

func (*PermissionChecker) CheckPrivilegeEscalation 

func (pc *PermissionChecker) CheckPrivilegeEscalation()

CheckPrivilegeEscalation 执行未授权访问检测

func (*PermissionChecker) CheckUnauthority 

func (pc *PermissionChecker) CheckUnauthority() error

CheckUnauthority 检测未授权访问

func (*PermissionChecker) GetAuthorityResults 

func (pc *PermissionChecker) GetAuthorityResults() []mode.AuthorityResult

GetAuthorityResults 获取权限检测结果

func (*PermissionChecker) GetPrivilegeEscalationResults 

func (pc *PermissionChecker) GetPrivilegeEscalationResults() []mode.PrivilegeEscalationResult

GetPrivilegeEscalationResults 获取未授权访问检测结果

func (*PermissionChecker) GetResults 

func (pc *PermissionChecker) GetResults() []mode.AuthorityResult

GetResults 获取权限检测结果(向后兼容)

func (*PermissionChecker) GetUnauthorityResults 

func (pc *PermissionChecker) GetUnauthorityResults() []mode.UnauthorityResult

GetUnauthorityResults 获取未授权访问检测结果

type TestURL 

type TestURL struct {
	URL      string
	Method   string
	Payload  string
	FuzzType string
}

TestURL 测试URL

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.