scanner

package
v0.11.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 26, 2026 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BruteforcePlugins added in v0.6.0

func BruteforcePlugins(req BruteforceRequest) ([]string, map[string]string)

BruteforcePlugins attempts to detect plugins by parsing each plugin's readme.txt for its version. It updates the progress bar message with a fixed-width plugin name.

func CheckVulnerabilities added in v0.9.0

func CheckVulnerabilities(req VulnerabilityCheckRequest) (map[string]string, []file.PluginEntry)

CheckVulnerabilities checks vulnerabilities for detected plugins and themes.

func FetchEndpoints

func FetchEndpoints(ctx context.Context, target string, cfg http.Config) []string

func HTTPConfigFromOpts added in v0.10.13

func HTTPConfigFromOpts(opts ScanOptions) wphttp.Config

HTTPConfigFromOpts builds an http.Config from ScanOptions. It uses the global shared rate limiter from opts, or creates one if none is set.

func HybridScan added in v0.6.0

func HybridScan(req HybridScanRequest) ([]string, map[string]string)

HybridScan performs a hybrid scan: it runs the stealthy detection first, then brute-forces the remaining plugins.

func LoadPluginEndpointsFromData

func LoadPluginEndpointsFromData(data []byte) (map[string][]string, error)

LoadPluginEndpointsFromData loads plugin endpoints from JSONL data.

func LoadPluginsFromFile added in v0.6.0

func LoadPluginsFromFile(filename string) ([]string, error)

LoadPluginsFromFile loads a list of plugins from an embedded file or a user-specified file. The default embedded plugin list is cached globally since it never changes.

func ScanSite

func ScanSite(ctx ScanSiteContext)

func ScanTargets

func ScanTargets(opts ScanOptions)

Types

type AuthGroup added in v0.6.0

// AuthGroup groups vulnerabilities by authentication type.
type AuthGroup struct {
	// AuthTypes maps a string key to the CVE entries filed under it.
	// NOTE(review): the key is presumably the authentication-type label; the
	// exact key strings are not shown here — confirm.
	AuthTypes map[string][]CVEEntry
}

AuthGroup groups vulnerabilities by authentication type.

type BruteforceContext added in v0.9.0

// BruteforceContext contains context for bruteforce operations.
//
// The mutex, wait group, result slice and result map are all held by pointer,
// so copies of this struct refer to the same underlying state.
type BruteforceContext struct {
	// Embedded: the fields of ScanContext are promoted onto BruteforceContext.
	ScanContext
	// NOTE(review): presumably guards writes made through Detected and
	// Versions — confirm against the implementation.
	Mu       *sync.Mutex
	Wg       *sync.WaitGroup
	// NOTE(review): looks like a semaphore bounding in-flight work; how it is
	// sized is not shown here — confirm.
	Sem      chan struct{}
	// Pointers to the shared result slice and map. A Go map is not safe for
	// concurrent writes, so if several goroutines write through these, every
	// writer has to hold the same lock.
	Detected *[]string
	Versions *map[string]string
	Ctx      context.Context
	Client   *wphttp.HTTPClientManager
}

BruteforceContext contains context for bruteforce operations.

type BruteforceRequest added in v0.9.0

// BruteforceRequest contains request parameters for bruteforce operations.
// It is the argument type of BruteforcePlugins.
type BruteforceRequest struct {
	// NOTE(review): presumably the site to probe; expected format (scheme,
	// trailing slash) is not shown here — confirm.
	Target   string
	// Candidate plugins to test.
	// NOTE(review): presumably plugin slugs — confirm.
	Plugins  []string
	// NOTE(review): presumably the concurrency level; behaviour for values
	// <= 0 is not shown here — confirm.
	Threads  int
	Progress Progress
	HTTP     wphttp.Config
}

BruteforceRequest contains request parameters for bruteforce operations.

type CVEEntry added in v0.11.3

// CVEEntry holds a CVE ID and its title.
type CVEEntry struct {
	// ID is the CVE identifier.
	ID    string
	// Title is the title associated with that CVE.
	Title string
}

CVEEntry holds a CVE ID and its title.

type DisplayResultsContext added in v0.9.0

// DisplayResultsContext contains context for displaying scan results.
// It is the argument type of the ScanOptions.DisplayFunc callback.
type DisplayResultsContext struct {
	Target    string
	// NOTE(review): string-to-string map; presumably name -> version, the
	// same shape as the maps returned by the detection functions — confirm.
	Detected  map[string]string
	PluginRes PluginDetectionResult
	Results   []file.PluginEntry
	Opts      ScanOptions
	Progress  Progress
}

DisplayResultsContext contains context for displaying scan results.

type HTMLDiscoveryResult added in v0.11.0

// HTMLDiscoveryResult holds both plugins and themes discovered from HTML.
type HTMLDiscoveryResult struct {
	// Plugins lists the plugins discovered from HTML.
	Plugins []string
	// Themes lists the themes discovered from HTML.
	Themes  []string
}

HTMLDiscoveryResult holds both plugins and themes discovered from HTML.

type HybridScanRequest added in v0.9.0

// HybridScanRequest contains request parameters for hybrid scan operations.
// It is the argument type of HybridScan.
type HybridScanRequest struct {
	Target            string
	// NOTE(review): presumably the plugins already found by the stealthy
	// pass, with BruteforcePlugins being the candidate list for the
	// brute-force pass — confirm which of the two is input and which is
	// filtered.
	StealthyPlugins   []string
	BruteforcePlugins []string
	// NOTE(review): presumably the concurrency level; behaviour for values
	// <= 0 is not shown here — confirm.
	Threads           int
	Progress          Progress
	HTTP              wphttp.Config
}

HybridScanRequest contains request parameters for hybrid scan operations.

type PluginAuthGroups added in v0.6.0

// PluginAuthGroups organizes vulnerabilities by plugin, severity, and auth type.
//
// The nesting is Plugins -> SeverityAuthGroup.Severities ->
// AuthGroup.AuthTypes -> []CVEEntry.
type PluginAuthGroups struct {
	// Plugins is the outermost level of the grouping.
	// NOTE(review): the key is presumably the plugin name or slug — confirm.
	Plugins map[string]SeverityAuthGroup
}

PluginAuthGroups organizes vulnerabilities by plugin, severity, and auth type.

type PluginData added in v0.6.0

// PluginData contains information about a detected plugin.
type PluginData struct {
	// NOTE(review): the scale and range of Score and Confidence are not shown
	// here; do not assume Confidence is a 0..1 probability without checking.
	Score      int
	Confidence float64
	// NOTE(review): presumably set when the detection could match more than
	// one plugin — confirm.
	Ambiguous  bool
	// NOTE(review): presumably the endpoints that matched this plugin —
	// confirm.
	Matches    []string
}

PluginData contains information about a detected plugin.

type PluginDetectionResult

// PluginDetectionResult contains the results of plugin detection.
// It is the return type of DetectPlugins.
type PluginDetectionResult struct {
	// Plugins holds per-plugin detection data by pointer, so the entries are
	// shared with anyone else holding the same map.
	// NOTE(review): the key is presumably the plugin name or slug — confirm.
	Plugins  map[string]*PluginData
	// NOTE(review): presumably the names of the plugins considered detected;
	// whether it always matches the keys of Plugins is not shown — confirm.
	Detected []string
}

PluginDetectionResult contains the results of plugin detection.

func DetectPlugins

func DetectPlugins(
	detectedEndpoints []string,
	pluginEndpoints map[string][]string,
) PluginDetectionResult

DetectPlugins detects plugins by matching detected endpoints with known plugin endpoints.

type PluginVulnerabilities added in v0.6.0

// PluginVulnerabilities maps plugin names to their vulnerability categories.
type PluginVulnerabilities struct {
	// Plugins is keyed by plugin name; each value holds that plugin's
	// vulnerabilities split by severity.
	Plugins map[string]VulnCategories
}

PluginVulnerabilities maps plugin names to their vulnerability categories.

type Progress added in v0.10.21

// Progress defines the interface for progress reporting.
//
// The real implementation lives in internal/progress and is only imported by
// CLI code, keeping TUI dependencies out of the library path.
// NOTE(review): whether implementations must be safe for concurrent use is not
// stated here; the scan contexts pair a Progress with a mutex, wait group and
// semaphore, so confirm before calling it from several goroutines.
type Progress interface {
	Increment()
	Finish()
	SetTotal(int)
	SetMessage(string)
	RenderBlank()
	ClearLine()
	// Bprintln takes variadic values and returns (int, error), the same shape
	// as fmt.Println.
	Bprintln(a ...interface{}) (int, error)
}

Progress defines the interface for progress reporting. The real implementation lives in internal/progress and is only imported by CLI code, keeping TUI dependencies out of the library path.

type ScanContext added in v0.9.0

// ScanContext contains context for scanning operations.
// It is embedded in BruteforceContext and VulnerabilityCheckContext.
type ScanContext struct {
	Target   string
	// NOTE(review): presumably the concurrency level; behaviour for values
	// <= 0 is not shown here — confirm.
	Threads  int
	HTTP     wphttp.Config
	Progress Progress
}

ScanContext contains context for scanning operations.

type ScanDetectionResult added in v0.11.0

// ScanDetectionResult holds the combined results of plugin and theme detection.
type ScanDetectionResult struct {
	Plugins      []string
	Themes       []string
	PluginResult PluginDetectionResult
	// NOTE(review): string-to-string map; presumably plugin or theme name ->
	// detected version — confirm.
	Versions     map[string]string
}

ScanDetectionResult holds the combined results of plugin and theme detection.

type ScanExecutionConfig added in v0.9.0

// ScanExecutionConfig contains all configuration for executing multiple scans.
type ScanExecutionConfig struct {
	Targets  []string
	Opts     ScanOptions
	// Vulnerability records, typed by the wordfence package.
	Vulns    []wordfence.Vulnerability
	// scanConfig is an unexported type, so code outside this package cannot
	// name it and can only leave this field at its zero value.
	Config   scanConfig
	Progress Progress
	Writer   file.WriterInterface
}

ScanExecutionConfig contains all configuration for executing multiple scans.

type ScanExecutionContext added in v0.9.0

// ScanExecutionContext contains all context needed for executing a scan.
type ScanExecutionContext struct {
	Target   string
	Opts     ScanOptions
	Progress Progress
	// NOTE(review): ScanOptions also has a Context field; which of the two
	// governs cancellation when both are set is not shown here — confirm.
	Ctx      context.Context
}

ScanExecutionContext contains all context needed for executing a scan.

type ScanOptions

// ScanOptions contains all configuration options for scanning.
//
// Zero values matter here: RateLimit 0 means unlimited and MaxRedirects 0
// disables redirects, so a ScanOptions literal that leaves both unset sends
// unthrottled requests and follows no redirects. Set RateLimit explicitly when
// scanning a site that must not be overloaded.
type ScanOptions struct {
	// NOTE(review): URL and File are presumably alternative ways to supply
	// targets (a single site versus a list file) — confirm precedence.
	URL            string
	File           string
	NoCheckVersion bool
	Threads        int
	// NOTE(review): Output is presumably a path written by the scan; how an
	// existing file is treated is not shown here — confirm.
	Output         string
	OutputFormat   string
	Verbose        bool
	ScanMode       string
	PluginList     string
	// NOTE(review): presumably extra request headers and an upstream proxy for
	// outgoing requests. If Headers carries credentials (cookies,
	// Authorization), confirm they are not forwarded to a different host when
	// a redirect is followed.
	Headers        []string
	Proxy          string
	RateLimit      int                                      // Requests per second (0 = unlimited)
	MaxRedirects   int                                      // Maximum redirects to follow (0 = disable, -1 = default: 10)
	Context        context.Context                          // Context for cancellation
	// NOTE(review): a caller-supplied client brings its own transport, TLS and
	// timeout settings; whether Proxy and MaxRedirects are still applied to it
	// is not shown here — confirm.
	HTTPClient     *http.Client                             // External HTTP client (optional, for connection pooling)
	SharedLimiter  *wphttp.RateLimiter                      // Global rate limiter shared across all targets
	NewProgress    func(total int, message string) Progress // Factory for creating progress bars (CLI only)
	DisplayFunc    func(DisplayResultsContext)              // Callback for displaying results (CLI only)
}

ScanOptions contains all configuration options for scanning.

type ScanSiteContext added in v0.9.0

// ScanSiteContext contains all context needed for scanning a single site.
// It is the argument type of ScanSite.
type ScanSiteContext struct {
	Target   string
	Opts     ScanOptions
	Writer   file.WriterInterface
	Progress Progress
	// Vulnerability records, typed by the wordfence package.
	Vulns    []wordfence.Vulnerability
}

ScanSiteContext contains all context needed for scanning a single site.

type SeverityAuthGroup added in v0.6.0

// SeverityAuthGroup groups vulnerabilities by severity and auth type.
type SeverityAuthGroup struct {
	// Severities maps a string key to the AuthGroup for that key.
	// NOTE(review): the key is presumably the severity label; the exact key
	// strings are not shown here — confirm.
	Severities map[string]AuthGroup
}

SeverityAuthGroup groups vulnerabilities by severity and auth type.

type TargetScanContext added in v0.9.0

// TargetScanContext contains context for scanning a single target.
type TargetScanContext struct {
	Target   string
	Opts     ScanOptions
	// NOTE(review): meaning not shown here; presumably a per-site concurrency
	// budget — confirm.
	PerSite  int
	Writer   file.WriterInterface
	Progress Progress
	Vulns    []wordfence.Vulnerability
	// NOTE(review): Sem and Wg look like the semaphore and wait group used to
	// bound and join per-target work — confirm who acquires and releases them.
	Sem      chan struct{}
	Wg       *sync.WaitGroup
}

TargetScanContext contains context for scanning a single target.

type VulnCategories

// VulnCategories groups vulnerabilities by severity.
type VulnCategories struct {
	// One slice per severity level.
	// NOTE(review): the strings are presumably vulnerability identifiers or
	// titles — confirm what each element holds.
	Critical []string
	High     []string
	Medium   []string
	Low      []string
}

VulnCategories groups vulnerabilities by severity.

type VulnerabilityCheckContext added in v0.9.0

// VulnerabilityCheckContext contains context for vulnerability checking.
//
// The mutex, wait group, entries map and entries list are held by pointer, so
// copies of this struct refer to the same underlying state.
type VulnerabilityCheckContext struct {
	// Embedded: the fields of ScanContext are promoted onto this type.
	ScanContext
	// NOTE(review): presumably guards writes made through EntriesMap and
	// EntriesList — confirm against the implementation.
	Mu                  *sync.Mutex
	Wg                  *sync.WaitGroup
	Sem                 chan struct{}
	// Pointers to the shared result map and list. A Go map is not safe for
	// concurrent writes, so if several goroutines write through these, every
	// writer has to hold the same lock.
	EntriesMap          *map[string]string
	EntriesList         *[]file.PluginEntry
	Vulnerabilities     []wordfence.Vulnerability
	VulnIndex           map[string][]*wordfence.Vulnerability // Indexed by plugin slug for fast lookup
	// NOTE(review): presumably versions already found during detection, so
	// they need not be fetched again — confirm.
	PreDetectedVersions map[string]string
	Ctx                 context.Context // Context for cancellation
}

VulnerabilityCheckContext contains context for vulnerability checking.

type VulnerabilityCheckRequest added in v0.9.0

// VulnerabilityCheckRequest contains request parameters for checking vulnerabilities.
// It is the argument type of CheckVulnerabilities, which checks the detected
// plugins and themes.
type VulnerabilityCheckRequest struct {
	Plugins  []string
	Themes   []string
	Target   string
	// Vulnerability records, typed by the wordfence package.
	Vulns    []wordfence.Vulnerability
	Opts     ScanOptions
	Progress Progress
	// NOTE(review): string-to-string map; presumably name -> version already
	// detected — confirm.
	Versions map[string]string
	Ctx      context.Context // Context for cancellation
}

VulnerabilityCheckRequest contains request parameters for checking vulnerabilities.
