SYMBOL INDEX (894 symbols across 155 files) FILE: api/curl.go type NewURLScanRequest (line 13) | type NewURLScanRequest struct method ScanURL (line 21) | func (h *Handler) ScanURL(ctx *gin.Context) { FILE: api/graphql.go type NewGraphQLScanRequest (line 13) | type NewGraphQLScanRequest struct method ScanGraphQL (line 19) | func (h *Handler) ScanGraphQL(ctx *gin.Context) { FILE: api/handler.go type Handler (line 7) | type Handler struct function NewHandler (line 9) | func NewHandler() *Handler { function Routes (line 13) | func Routes(r *gin.Engine, h *Handler) { FILE: api/openapi.go type NewOpenAPIScanRequest (line 14) | type NewOpenAPIScanRequest struct method ScanOpenAPI (line 23) | func (h *Handler) ScanOpenAPI(ctx *gin.Context) { FILE: api/request.go type ScanOptions (line 9) | type ScanOptions struct function parseScanOptions (line 17) | func parseScanOptions(opts *ScanOptions) request.NewClientOptions { FILE: api/response.go type HTTPResponseReports (line 7) | type HTTPResponseReports struct FILE: api/response_test.go function TestMarshalHTTPResponseReports (line 15) | func TestMarshalHTTPResponseReports(t *testing.T) { FILE: cmd/discover/api.go function NewAPICmd (line 19) | func NewAPICmd() (apiCmd *cobra.Command) { FILE: cmd/discover/domain.go function NewDomainCmd (line 18) | func NewDomainCmd() (domainCmd *cobra.Command) { FILE: cmd/discover/root.go constant otelName (line 9) | otelName = "github.com/cerberauth/vulnapi/cmd/discover" constant otelErrorReasonAttributeKey (line 11) | otelErrorReasonAttributeKey = attribute.Key("error_reason") function NewDiscoverCmd (line 14) | func NewDiscoverCmd() (discoverCmd *cobra.Command) { FILE: cmd/discover/root_test.go function TestNewDiscoverCmd (line 10) | func TestNewDiscoverCmd(t *testing.T) { FILE: cmd/jwt/root.go constant otelName (line 18) | otelName = "github.com/cerberauth/vulnapi/cmd/discover" constant otelErrorReasonAttributeKey (line 20) | otelErrorReasonAttributeKey = attribute.Key("error_reason") constant algorithmAttributeKey (line 21) | algorithmAttributeKey = attribute.Key("algorithm") type Algorithm (line 24) | type Algorithm constant None (line 27) | None Algorithm = "NONE" constant HS256 (line 28) | HS256 Algorithm = "HS256" constant HS384 (line 29) | HS384 Algorithm = "HS384" constant HS512 (line 30) | HS512 Algorithm = "HS512" constant RS256 (line 31) | RS256 Algorithm = "RS256" constant RS384 (line 32) | RS384 Algorithm = "RS384" constant RS512 (line 33) | RS512 Algorithm = "RS512" constant ES256 (line 34) | ES256 Algorithm = "ES256" constant ES384 (line 35) | ES384 Algorithm = "ES384" function GetAlgorithm (line 44) | func GetAlgorithm(alg string) (jwtlib.SigningMethod, error) { function NewJWTCmd (line 69) | func NewJWTCmd() (cmd *cobra.Command) { FILE: cmd/root.go function NewRootCmd (line 24) | func NewRootCmd(projectVersion, commit, date string) (cmd *cobra.Command) { function Execute (line 61) | func Execute(projectVersion, commit, date string) { FILE: cmd/scan/curl.go function NewCURLScanCmd (line 23) | func NewCURLScanCmd() (scanCmd *cobra.Command) { FILE: cmd/scan/graphql.go function NewGraphQLScanCmd (line 18) | func NewGraphQLScanCmd() (scanCmd *cobra.Command) { FILE: cmd/scan/openapi.go function isStdinOpen (line 21) | func isStdinOpen() bool { function readStdin (line 26) | func readStdin() *string { function NewOpenAPIScanCmd (line 36) | func NewOpenAPIScanCmd() (scanCmd *cobra.Command) { FILE: cmd/scan/root.go constant otelName (line 9) | otelName = "github.com/cerberauth/vulnapi/cmd/scan" constant otelErrorReasonAttributeKey (line 11) | otelErrorReasonAttributeKey = attribute.Key("error_reason") constant includeScansAttributeKey (line 12) | includeScansAttributeKey = attribute.Key("include_scans") constant excludeScansAttributeKey (line 13) | excludeScansAttributeKey = attribute.Key("exclude_scans") function NewScanCmd (line 16) | func NewScanCmd() (scanCmd *cobra.Command) { FILE: cmd/scan/root_test.go function TestNewScanCmd (line 10) | func TestNewScanCmd(t *testing.T) { FILE: cmd/serve/root.go function NewServeCmd (line 16) | func NewServeCmd() (serveCmd *cobra.Command) { FILE: internal/auth/api_key.go function NewAPIKeySecurityScheme (line 3) | func NewAPIKeySecurityScheme(name string, in SchemeIn, value *string) (*... function MustNewAPIKeySecurityScheme (line 20) | func MustNewAPIKeySecurityScheme(name string, in SchemeIn, value *string... FILE: internal/auth/api_key_test.go function TestNewAPIKeySecurityScheme (line 10) | func TestNewAPIKeySecurityScheme(t *testing.T) { function TestTestNewAPIKeySecurityScheme_WhenNilValue (line 27) | func TestTestNewAPIKeySecurityScheme_WhenNilValue(t *testing.T) { function TestNewAuthorizationBearerSecurityScheme_WhenInCooke (line 37) | func TestNewAuthorizationBearerSecurityScheme_WhenInCooke(t *testing.T) { function TestMustNewAPIKeySecurityScheme (line 47) | func TestMustNewAPIKeySecurityScheme(t *testing.T) { FILE: internal/auth/basic.go type HTTPBasicCredentials (line 5) | type HTTPBasicCredentials struct method GetUsername (line 17) | func (credentials *HTTPBasicCredentials) GetUsername() string { method GetPassword (line 21) | func (credentials *HTTPBasicCredentials) GetPassword() string { method Encode (line 25) | func (credentials *HTTPBasicCredentials) Encode() string { function NewHTTPBasicCredentials (line 10) | func NewHTTPBasicCredentials(username string, password string) *HTTPBasi... function NewAuthorizationBasicSecurityScheme (line 29) | func NewAuthorizationBasicSecurityScheme(name string, credentials *HTTPB... function MustNewAuthorizationBasicSecurityScheme (line 46) | func MustNewAuthorizationBasicSecurityScheme(name string, credentials *H... FILE: internal/auth/basic_test.go function TestNewAuthorizationBasicSecurityScheme (line 10) | func TestNewAuthorizationBasicSecurityScheme(t *testing.T) { function TestNewAuthorizationBasicSecurityScheme_WhenNilValue (line 25) | func TestNewAuthorizationBasicSecurityScheme_WhenNilValue(t *testing.T) { function TestMustNewAuthorizationBasicSecurityScheme (line 35) | func TestMustNewAuthorizationBasicSecurityScheme(t *testing.T) { FILE: internal/auth/bearer.go function NewAuthorizationBearerSecurityScheme (line 7) | func NewAuthorizationBearerSecurityScheme(name string, value *string) (*... function MustNewAuthorizationBearerSecurityScheme (line 34) | func MustNewAuthorizationBearerSecurityScheme(name string, value *string... FILE: internal/auth/bearer_test.go function TestNewAuthorizationBearerSecurityScheme (line 10) | func TestNewAuthorizationBearerSecurityScheme(t *testing.T) { function TestNewAuthorizationBearerSecurityScheme_WhenNilValue (line 27) | func TestNewAuthorizationBearerSecurityScheme_WhenNilValue(t *testing.T) { function TestNewAuthorizationBearerSecurityScheme_WhenJWTFormatValue (line 38) | func TestNewAuthorizationBearerSecurityScheme_WhenJWTFormatValue(t *test... function TestMustNewAuthorizationBearerSecurityScheme (line 53) | func TestMustNewAuthorizationBearerSecurityScheme(t *testing.T) { FILE: internal/auth/headers.go constant AuthorizationHeader (line 3) | AuthorizationHeader = "Authorization" constant BearerPrefix (line 4) | BearerPrefix = "Bearer" constant BasicPrefix (line 5) | BasicPrefix = "Basic" FILE: internal/auth/no_auth.go function NewNoAuthSecurityScheme (line 5) | func NewNoAuthSecurityScheme() (*SecurityScheme, error) { function MustNewNoAuthSecurityScheme (line 9) | func MustNewNoAuthSecurityScheme() *SecurityScheme { FILE: internal/auth/no_auth_test.go function TestNewNoAuthSecurityScheme (line 10) | func TestNewNoAuthSecurityScheme(t *testing.T) { function TestMustNewNoAuthSecurityScheme (line 21) | func TestMustNewNoAuthSecurityScheme(t *testing.T) { FILE: internal/auth/oauth.go type OAuthFlow (line 9) | type OAuthFlow constant AuthorizationCodeFlow (line 12) | AuthorizationCodeFlow OAuthFlow = "authorization_code" constant ImplicitFlow (line 13) | ImplicitFlow OAuthFlow = "implicit" constant ClientCredentials (line 14) | ClientCredentials OAuthFlow = "client_credentials" type OAuthValue (line 17) | type OAuthValue struct method SetAccessToken (line 33) | func (value *OAuthValue) SetAccessToken(accessToken string) { method GetAccessToken (line 37) | func (value *OAuthValue) GetAccessToken() string { function NewOAuthValue (line 24) | func NewOAuthValue(accessToken string, refreshToken *string, expiresIn *... type OAuthConfig (line 41) | type OAuthConfig struct function NewOAuthSecurityScheme (line 51) | func NewOAuthSecurityScheme(name string, in *SchemeIn, value *OAuthValue... function MustNewOAuthSecurityScheme (line 81) | func MustNewOAuthSecurityScheme(name string, in *SchemeIn, value *OAuthV... FILE: internal/auth/oauth_test.go function TestNewOAuthSecurityScheme (line 10) | func TestNewOAuthSecurityScheme(t *testing.T) { function TestNewOAuthSecurityScheme_WhenNilIn (line 30) | func TestNewOAuthSecurityScheme_WhenNilIn(t *testing.T) { function TestNewOAuthSecurityScheme_WhenQueryIn (line 42) | func TestNewOAuthSecurityScheme_WhenQueryIn(t *testing.T) { function TestNewOAuthSecurityScheme_WhenNilValue (line 55) | func TestNewOAuthSecurityScheme_WhenNilValue(t *testing.T) { function TestNewOAuthSecurityScheme_WhenJWTFormatValue (line 66) | func TestNewOAuthSecurityScheme_WhenJWTFormatValue(t *testing.T) { function TestMustNewOAuthSecurityScheme (line 82) | func TestMustNewOAuthSecurityScheme(t *testing.T) { FILE: internal/auth/scheme.go type SchemeName (line 3) | type SchemeName method String (line 16) | func (s *SchemeName) String() string { method Type (line 20) | func (e *SchemeName) Type() string { constant BasicScheme (line 8) | BasicScheme SchemeName = "Basic" constant BearerScheme (line 9) | BearerScheme SchemeName = "Bearer" constant DigestScheme (line 10) | DigestScheme SchemeName = "Digest" constant OAuthScheme (line 11) | OAuthScheme SchemeName = "OAuth" constant PrivateToken (line 12) | PrivateToken SchemeName = "PrivateToken" constant NoneScheme (line 13) | NoneScheme SchemeName = "None" type SchemeIn (line 24) | type SchemeIn constant InQuery (line 27) | InQuery SchemeIn = "query" constant InHeader (line 28) | InHeader SchemeIn = "header" constant InCookie (line 29) | InCookie SchemeIn = "cookie" type TokenFormat (line 32) | type TokenFormat constant JWTTokenFormat (line 35) | JWTTokenFormat TokenFormat = "jwt" constant NoneTokenFormat (line 36) | NoneTokenFormat TokenFormat = "none" FILE: internal/auth/scheme_test.go function TestSchemeName_String (line 10) | func TestSchemeName_String(t *testing.T) { function TestSchemeName_Type (line 15) | func TestSchemeName_Type(t *testing.T) { function TestSchemeIn (line 20) | func TestSchemeIn(t *testing.T) { function TestSchemeIn_String (line 25) | func TestSchemeIn_String(t *testing.T) { FILE: internal/auth/security_scheme.go function NewErrTokenFormatShouldBeJWT (line 11) | func NewErrTokenFormatShouldBeJWT() error { type SecurityScheme (line 15) | type SecurityScheme struct method GetType (line 53) | func (securityScheme *SecurityScheme) GetType() Type { method GetScheme (line 57) | func (securityScheme *SecurityScheme) GetScheme() SchemeName { method GetIn (line 61) | func (securityScheme *SecurityScheme) GetIn() *SchemeIn { method GetToken (line 65) | func (securityScheme *SecurityScheme) GetToken() string { method SetTokenFormat (line 77) | func (securityScheme *SecurityScheme) SetTokenFormat(tokenFormat Token... method GetTokenFormat (line 86) | func (securityScheme *SecurityScheme) GetTokenFormat() *TokenFormat { method GetName (line 90) | func (securityScheme *SecurityScheme) GetName() string { method GetConfig (line 94) | func (securityScheme *SecurityScheme) GetConfig() interface{} { method validateValue (line 98) | func (securityScheme *SecurityScheme) validateValue(value interface{})... method SetValidValue (line 155) | func (securityScheme *SecurityScheme) SetValidValue(value interface{})... method GetValidValue (line 169) | func (securityScheme *SecurityScheme) GetValidValue() interface{} { method HasValidValue (line 173) | func (securityScheme *SecurityScheme) HasValidValue() bool { method SetAttackValue (line 177) | func (securityScheme *SecurityScheme) SetAttackValue(value interface{}... method GetAttackValue (line 191) | func (securityScheme *SecurityScheme) GetAttackValue() interface{} { method GetHeaders (line 195) | func (securityScheme *SecurityScheme) GetHeaders() http.Header { method GetCookies (line 233) | func (securityScheme *SecurityScheme) GetCookies() []*http.Cookie { type SecuritySchemesMap (line 27) | type SecuritySchemesMap function NewSecurityScheme (line 33) | func NewSecurityScheme(name string, config interface{}, t Type, scheme S... FILE: internal/auth/security_scheme_test.go function TestNewSecurityScheme (line 14) | func TestNewSecurityScheme(t *testing.T) { function TestSetValidValue (line 88) | func TestSetValidValue(t *testing.T) { function TestSetTokenFormat (line 205) | func TestSetTokenFormat(t *testing.T) { function TestSetAttackValue (line 261) | func TestSetAttackValue(t *testing.T) { function TestGetHeaders (line 378) | func TestGetHeaders(t *testing.T) { FILE: internal/auth/type.go type Type (line 3) | type Type constant HttpType (line 6) | HttpType Type = "http" constant OAuth2 (line 7) | OAuth2 Type = "oauth2" constant OpenIdConnect (line 8) | OpenIdConnect Type = "openIdConnect" constant ApiKey (line 9) | ApiKey Type = "apiKey" constant MutualTLS (line 10) | MutualTLS Type = "mutualTLS" constant None (line 11) | None Type = "none" FILE: internal/auth/uniq_name.go function GetSecuritySchemeUniqueName (line 3) | func GetSecuritySchemeUniqueName(securityScheme *SecurityScheme) string { FILE: internal/auth/uniq_name_test.go function TestGetSecuritySchemeUniqueName (line 10) | func TestGetSecuritySchemeUniqueName(t *testing.T) { FILE: internal/cmd/args.go function AddCommonArgs (line 21) | func AddCommonArgs(cmd *cobra.Command) { function FilterScans (line 44) | func FilterScans(scans []string) []string { function GetIncludeScans (line 54) | func GetIncludeScans() []string { function GetExcludeScans (line 58) | func GetExcludeScans() []string { function GetReportFormat (line 62) | func GetReportFormat() string { function GetReportTransport (line 66) | func GetReportTransport() string { function GetNoProgress (line 70) | func GetNoProgress() bool { function GetSeverityThreshold (line 74) | func GetSeverityThreshold() float64 { function SetReportFile (line 78) | func SetReportFile(f string) { function SetReportURL (line 82) | func SetReportURL(u string) { function SetSeverityThreshold (line 86) | func SetSeverityThreshold(t float64) { function ClearValues (line 90) | func ClearValues() { FILE: internal/cmd/args_test.go function TestAddCommonArgs (line 11) | func TestAddCommonArgs(t *testing.T) { FILE: internal/cmd/http.go function NewHTTPClientFromCmd (line 9) | func NewHTTPClientFromCmd(cmd *cobra.Command) (*request.Client, error) { FILE: internal/cmd/printtable/fingerprint_table.go function FingerprintScanReport (line 11) | func FingerprintScanReport(reporter *report.Reporter) { FILE: internal/cmd/printtable/printttable.go function CreateTable (line 12) | func CreateTable(headers []string) *tablewriter.Table { function DisplayUnexpectedErrorMessage (line 49) | func DisplayUnexpectedErrorMessage() { FILE: internal/cmd/printtable/report_table.go type ScanIssueReport (line 14) | type ScanIssueReport struct type SortByPathAndSeverity (line 21) | type SortByPathAndSeverity method Len (line 23) | func (a SortByPathAndSeverity) Len() int { return len(a) } method Swap (line 24) | func (a SortByPathAndSeverity) Swap(i, j int) { a[i], a[j] = a[j], a[i] } method Less (line 25) | func (a SortByPathAndSeverity) Less(i, j int) bool { function NewScanIssueReports (line 37) | func NewScanIssueReports(r *report.ScanReport) []*ScanIssueReport { function NewFullScanIssueReports (line 52) | func NewFullScanIssueReports(reports []*report.ScanReport) []*ScanIssueR... function severityTableColor (line 63) | func severityTableColor(v *report.IssueReport) color.Attribute { function DisplayReportSummaryTable (line 78) | func DisplayReportSummaryTable(r *report.Reporter) { function DisplayReportTable (line 104) | func DisplayReportTable(r *report.Reporter) { FILE: internal/cmd/printtable/report_table_test.go function TestNewScanIssueReports (line 12) | func TestNewScanIssueReports(t *testing.T) { function TestNewFullScanIssueReports (line 50) | func TestNewFullScanIssueReports(t *testing.T) { FILE: internal/cmd/printtable/wellknown_paths_table.go function wellKnownPathsFromReport (line 16) | func wellKnownPathsFromReport(r *report.ScanReport, header string) [][]s... function WellKnownPathsScanReport (line 30) | func WellKnownPathsScanReport(reporter *report.Reporter) { FILE: internal/cmd/progressbar.go function NewProgressBar (line 7) | func NewProgressBar(max int) *progressbar.ProgressBar { FILE: internal/cmd/report.go function PrintOrExportReport (line 13) | func PrintOrExportReport(format string, transport string, report *report... function PrintTable (line 57) | func PrintTable(report *report.Reporter) { function ExportJSON (line 64) | func ExportJSON(report *report.Reporter) ([]byte, error) { function ExportYAML (line 68) | func ExportYAML(report *report.Reporter) ([]byte, error) { function exportWithTransport (line 72) | func exportWithTransport(transport string, output []byte) error { function writeFile (line 89) | func writeFile(path string, output []byte) error { function sendHTTP (line 104) | func sendHTTP(outputURL string, output []byte) error { FILE: internal/operation/operation.go function GenerateOperationID (line 21) | func GenerateOperationID(method string, path string) string { type Operation (line 40) | type Operation struct method IsReachable (line 105) | func (operation *Operation) IsReachable() error { method WithOpenapiOperation (line 151) | func (operation *Operation) WithOpenapiOperation(docPath string, opena... method WithHeader (line 162) | func (operation *Operation) WithHeader(header http.Header) *Operation { method WithCookies (line 167) | func (operation *Operation) WithCookies(cookies []*http.Cookie) *Opera... method NewRequest (line 172) | func (operation *Operation) NewRequest() (*request.Request, error) { method GetSecuritySchemes (line 183) | func (operation *Operation) GetSecuritySchemes() []*auth.SecurityScheme { method GetSecurityScheme (line 190) | func (operation *Operation) GetSecurityScheme() *auth.SecurityScheme { method SetSecuritySchemes (line 197) | func (operation *Operation) SetSecuritySchemes(securitySchemes []*auth... method GetPath (line 202) | func (operation *Operation) GetPath() string { method GetOpenAPIDocPath (line 206) | func (operation *Operation) GetOpenAPIDocPath() *string { method SetID (line 210) | func (operation *Operation) SetID(id string) *Operation { method GenerateID (line 215) | func (operation *Operation) GenerateID() *Operation { method GetID (line 220) | func (operation *Operation) GetID() string { method Clone (line 224) | func (o *Operation) Clone() (*Operation, error) { function getBody (line 54) | func getBody(body io.Reader) ([]byte, error) { function NewOperation (line 69) | func NewOperation(method string, operationUrl string, body io.Reader, cl... function MustNewOperation (line 97) | func MustNewOperation(method string, operationUrl string, body *bytes.Bu... function NewOperationFromRequest (line 138) | func NewOperationFromRequest(r *request.Request) (*Operation, error) { FILE: internal/operation/operation_test.go function TestNewOperation (line 18) | func TestNewOperation(t *testing.T) { function TestMustNewOperation (line 31) | func TestMustNewOperation(t *testing.T) { function TestOperation_IsReachable (line 56) | func TestOperation_IsReachable(t *testing.T) { function TestOperation_IsReachableWhenNotReachable (line 69) | func TestOperation_IsReachableWhenNotReachable(t *testing.T) { function TestOperation_IsReachableWhenHTTPs (line 78) | func TestOperation_IsReachableWhenHTTPs(t *testing.T) { function TestOperation_IsReachableWhenHTTPsAndNoPort (line 87) | func TestOperation_IsReachableWhenHTTPsAndNoPort(t *testing.T) { function TestOperation_IsReachableWhenHTTPAndNoPort (line 96) | func TestOperation_IsReachableWhenHTTPAndNoPort(t *testing.T) { function TestOperation_IsReachableWhenUnsupportedScheme (line 105) | func TestOperation_IsReachableWhenUnsupportedScheme(t *testing.T) { function TestNewOperationFromRequest (line 114) | func TestNewOperationFromRequest(t *testing.T) { function TestNewOperationFromRequest_WithBody (line 134) | func TestNewOperationFromRequest_WithBody(t *testing.T) { function TestOperation_GetSecurityScheme (line 149) | func TestOperation_GetSecurityScheme(t *testing.T) { function TestOperationCloneWithSecuritySchemes (line 171) | func TestOperationCloneWithSecuritySchemes(t *testing.T) { function TestOperation_WithOpenapiOperation (line 185) | func TestOperation_WithOpenapiOperation(t *testing.T) { function TestOperation_WithOpenapiOperation_WithoutOperationID (line 196) | func TestOperation_WithOpenapiOperation_WithoutOperationID(t *testing.T) { function TestOperation_WithOpenapiOperation_WithoutOperationIDAndParameters (line 205) | func TestOperation_WithOpenapiOperation_WithoutOperationIDAndParameters(... function TestOperation_WithHeader (line 214) | func TestOperation_WithHeader(t *testing.T) { function TestOperation_WithCookies (line 225) | func TestOperation_WithCookies(t *testing.T) { function TestOperation_GenerateID (line 237) | func TestOperation_GenerateID(t *testing.T) { function TestOperation_SetId (line 263) | func TestOperation_SetId(t *testing.T) { function TestMarshalJSON (line 271) | func TestMarshalJSON(t *testing.T) { FILE: internal/operation/operations.go type Operations (line 3) | type Operations method Len (line 5) | func (o Operations) Len() int { return len(o) } method Swap (line 6) | func (o Operations) Swap(i, j int) { o[i], o[j] = o[j], o[i] } method Less (line 7) | func (o Operations) Less(i, j int) bool { method GetByID (line 15) | func (o Operations) GetByID(id string) *Operation { FILE: internal/operation/operations_test.go function TestOperations_Less (line 11) | func TestOperations_Less(t *testing.T) { function TestOperations_GetByID (line 61) | func TestOperations_GetByID(t *testing.T) { FILE: internal/request/client.go function GetDefaultClient (line 17) | func GetDefaultClient() *Client { function SetDefaultClient (line 25) | func SetDefaultClient(client *Client) { type Client (line 29) | type Client struct method WithHeader (line 102) | func (c *Client) WithHeader(header http.Header) *Client { method WithCookies (line 107) | func (c *Client) WithCookies(cookies []*http.Cookie) *Client { method ClearSecurityScheme (line 121) | func (c *Client) ClearSecurityScheme(securityScheme *auth.SecuritySche... method ClearSecuritySchemes (line 139) | func (c *Client) ClearSecuritySchemes(securitySchemes []*auth.Security... type NewClientOptions (line 35) | type NewClientOptions struct function NewClientFromHTTPClient (line 45) | func NewClientFromHTTPClient(httpClient *http.Client, limiter *rate.Limi... function NewClient (line 57) | func NewClient(opts NewClientOptions) *Client { function removeCookie (line 112) | func removeCookie(cookies []*http.Cookie, cookie *http.Cookie) []*http.C... FILE: internal/request/client_test.go function TestNewClient_DefaultOptions (line 13) | func TestNewClient_DefaultOptions(t *testing.T) { function TestNewClient_CustomOptions (line 25) | func TestNewClient_CustomOptions(t *testing.T) { function TestGetClient (line 45) | func TestGetClient(t *testing.T) { function TestSetClient (line 50) | func TestSetClient(t *testing.T) { function TestClient_WithHeader (line 56) | func TestClient_WithHeader(t *testing.T) { function TestClient_WithCookies (line 64) | func TestClient_WithCookies(t *testing.T) { function TestClient_ClearHeaderWithSecurityScheme (line 72) | func TestClient_ClearHeaderWithSecurityScheme(t *testing.T) { function TestClient_ClearSecuritySchemes (line 96) | func TestClient_ClearSecuritySchemes(t *testing.T) { FILE: internal/request/error.go function NilResponseError (line 5) | func NilResponseError() error { FILE: internal/request/request.go type Request (line 13) | type Request struct method WithHeader (line 68) | func (r *Request) WithHeader(header http.Header) *Request { method WithCookies (line 75) | func (r *Request) WithCookies(cookies []*http.Cookie) *Request { method WithSecurityScheme (line 82) | func (r *Request) WithSecurityScheme(securityScheme *auth.SecuritySche... method GetID (line 94) | func (r *Request) GetID() string { method GetMethod (line 98) | func (r *Request) GetMethod() string { method GetHeader (line 102) | func (r *Request) GetHeader() http.Header { method SetHeader (line 106) | func (r *Request) SetHeader(key string, value string) *Request { method AddHeader (line 111) | func (r *Request) AddHeader(key string, value string) *Request { method GetCookies (line 116) | func (r *Request) GetCookies() []*http.Cookie { method AddCookie (line 120) | func (r *Request) AddCookie(cookie *http.Cookie) *Request { method GetURL (line 125) | func (r *Request) GetURL() string { method GetBody (line 129) | func (r *Request) GetBody() []byte { method SetBody (line 137) | func (r *Request) SetBody(body io.Reader) *Request { method Do (line 149) | func (r *Request) Do() (*Response, error) { function getBody (line 21) | func getBody(body io.Reader) ([]byte, error) { function NewRequest (line 36) | func NewRequest(method string, url string, body io.Reader, client *Clien... FILE: internal/request/request_test.go function TestNewRequest (line 15) | func TestNewRequest(t *testing.T) { function TestWithHeader (line 29) | func TestWithHeader(t *testing.T) { function TestWithHTTPCookies (line 43) | func TestWithHTTPCookies(t *testing.T) { function TestWithSecurityScheme (line 59) | func TestWithSecurityScheme(t *testing.T) { function TestGetID (line 72) | func TestGetID(t *testing.T) { function TestGetMethod (line 83) | func TestGetMethod(t *testing.T) { function TestGetMethodWithPost (line 93) | func TestGetMethodWithPost(t *testing.T) { function TestGetHeader (line 103) | func TestGetHeader(t *testing.T) { function TestSetHeader (line 116) | func TestSetHeader(t *testing.T) { function TestAddHeader (line 129) | func TestAddHeader(t *testing.T) { function TestGetBody (line 145) | func TestGetBody(t *testing.T) { function TestSetBody (line 158) | func TestSetBody(t *testing.T) { function TestGetCookies (line 186) | func TestGetCookies(t *testing.T) { function TestAddCookie (line 206) | func TestAddCookie(t *testing.T) { function TestGetURL (line 222) | func TestGetURL(t *testing.T) { function TestGetURLWithQueryParams (line 232) | func TestGetURLWithQueryParams(t *testing.T) { function TestDo (line 244) | func TestDo(t *testing.T) { function TestDoWithHeaders (line 269) | func TestDoWithHeaders(t *testing.T) { function TestDoWithClientHeaders (line 297) | func TestDoWithClientHeaders(t *testing.T) { function TestDoWithBody (line 329) | func TestDoWithBody(t *testing.T) { function TestDoWithSecuritySchemeHeaders (line 355) | func TestDoWithSecuritySchemeHeaders(t *testing.T) { function TestDoWithHeadersSecuritySchemeHeaders (line 382) | func TestDoWithHeadersSecuritySchemeHeaders(t *testing.T) { function TestDoWithCookiesSecuritySchemeHeaders (line 415) | func TestDoWithCookiesSecuritySchemeHeaders(t *testing.T) { function TestDoWithCookies (line 449) | func TestDoWithCookies(t *testing.T) { FILE: internal/request/response.go type Response (line 9) | type Response struct method GetStatusCode (line 38) | func (response *Response) GetStatusCode() int { method GetBody (line 42) | func (response *Response) GetBody() *bytes.Buffer { method GetHeader (line 46) | func (response *Response) GetHeader() http.Header { method GetCookies (line 50) | func (response *Response) GetCookies() []*http.Cookie { function NewResponse (line 14) | func NewResponse(response *http.Response) (*Response, error) { FILE: internal/request/response_test.go function TestNewResponse (line 13) | func TestNewResponse(t *testing.T) { function TestNewResponseNil (line 31) | func TestNewResponseNil(t *testing.T) { function TestNewResponseNilBody (line 37) | func TestNewResponseNilBody(t *testing.T) { FILE: internal/scan/attempt.go type IssueScanAttemptStatus (line 8) | type IssueScanAttemptStatus method String (line 10) | func (attemptStatus IssueScanAttemptStatus) String() string { constant IssueScanAttemptStatusPassed (line 15) | IssueScanAttemptStatusPassed IssueScanAttemptStatus = "passed" constant IssueScanAttemptStatusFailed (line 16) | IssueScanAttemptStatusFailed IssueScanAttemptStatus = "failed" constant IssueScanAttemptStatusNone (line 17) | IssueScanAttemptStatusNone IssueScanAttemptStatus = "none" type IssueScanAttempt (line 20) | type IssueScanAttempt struct method WithBooleanStatus (line 39) | func (scanAttempt *IssueScanAttempt) WithBooleanStatus(status bool) *I... method Fail (line 46) | func (scanAttempt *IssueScanAttempt) Fail() *IssueScanAttempt { method Pass (line 51) | func (scanAttempt *IssueScanAttempt) Pass() *IssueScanAttempt { method HasPassed (line 56) | func (scanAttempt *IssueScanAttempt) HasPassed() bool { method HasFailed (line 60) | func (scanAttempt *IssueScanAttempt) HasFailed() bool { function NewIssueScanAttempt (line 28) | func NewIssueScanAttempt(operation *operation.Operation, req *request.Re... FILE: internal/scan/attempt_test.go function TestNewIssueScanAttempt (line 12) | func TestNewIssueScanAttempt(t *testing.T) { function TestIssueScanAttempt_WithBooleanStatus (line 27) | func TestIssueScanAttempt_WithBooleanStatus(t *testing.T) { function TestIssueScanAttempt_Fail (line 42) | func TestIssueScanAttempt_Fail(t *testing.T) { function TestIssueScanAttempt_Pass (line 54) | func TestIssueScanAttempt_Pass(t *testing.T) { function TestIssueScanAttempt_HasPassed (line 66) | func TestIssueScanAttempt_HasPassed(t *testing.T) { function TestIssueScanAttempt_HasFailed (line 79) | func TestIssueScanAttempt_HasFailed(t *testing.T) { FILE: internal/scan/scan_url.go function ScanURL (line 8) | func ScanURL(operation *operation.Operation, securityScheme *auth.Securi... FILE: internal/scan/utils.go function IsUnauthorizedStatusCodeOrSimilar (line 9) | func IsUnauthorizedStatusCodeOrSimilar(res *request.Response) bool { FILE: internal/scan/utils_test.go function TestIsUnauthorizedStatusCodeOrSimilar (line 14) | func TestIsUnauthorizedStatusCodeOrSimilar(t *testing.T) { FILE: main.go function main (line 11) | func main() { FILE: openapi/base_url.go method BaseUrl (line 7) | func (openapi *OpenAPI) BaseUrl() *url.URL { method SetBaseUrl (line 33) | func (openapi *OpenAPI) SetBaseUrl(baseUrl *url.URL) *OpenAPI { FILE: openapi/base_url_test.go function TestBaseUrl (line 12) | func TestBaseUrl(t *testing.T) { function TestBaseUrlWithInvalidURL (line 24) | func TestBaseUrlWithInvalidURL(t *testing.T) { function TestBaseUrlWithBasePath (line 35) | func TestBaseUrlWithBasePath(t *testing.T) { FILE: openapi/loader.go function newLoader (line 12) | func newLoader(ctx context.Context) *openapi3.Loader { function LoadFromData (line 22) | func LoadFromData(ctx context.Context, data []byte) (*OpenAPI, error) { function LoadOpenAPI (line 31) | func LoadOpenAPI(ctx context.Context, urlOrPath string) (*OpenAPI, error) { FILE: openapi/loader_test.go function TestLoadOpenAPIWithEmptyURLOrPath (line 15) | func TestLoadOpenAPIWithEmptyURLOrPath(t *testing.T) { function TestLoadOpenAPIWithInvalidURL (line 22) | func TestLoadOpenAPIWithInvalidURL(t *testing.T) { function TestLoadOpenAPIWithValidURL (line 29) | func TestLoadOpenAPIWithValidURL(t *testing.T) { function TestLoadOpenAPIWithNonExistentFile (line 43) | func TestLoadOpenAPIWithNonExistentFile(t *testing.T) { function TestLoadOpenAPIWithValidFilePath (line 50) | func TestLoadOpenAPIWithValidFilePath(t *testing.T) { FILE: openapi/openapi.go constant otelName (line 11) | otelName = "github.com/cerberauth/vulnapi/openapi" constant otelErrorReasonAttributeKey (line 13) | otelErrorReasonAttributeKey = attribute.Key("error_reason") type OpenAPI (line 16) | type OpenAPI struct function NewOpenAPI (line 22) | func NewOpenAPI(doc *openapi3.T) *OpenAPI { FILE: openapi/operation.go constant otelMethodAttributeKey (line 20) | otelMethodAttributeKey = attribute.Key("method") constant otelMediaTypeAttributeKey (line 21) | otelMediaTypeAttributeKey = attribute.Key("media_type") constant otelSecuritySchemesTypesAttributeKey (line 22) | otelSecuritySchemesTypesAttributeKey = attribute.Key("security_schemes") function getOperationSecuritySchemes (line 25) | func getOperationSecuritySchemes(securityRequirements *openapi3.Security... function GetOperationPath (line 48) | func GetOperationPath(p string, params openapi3.Parameters) (string, err... method Operations (line 60) | func (openapi *OpenAPI) Operations(ctx context.Context, client *request.... FILE: openapi/param.go constant maximumDepth (line 12) | maximumDepth = 4 constant FloatParamType (line 15) | FloatParamType = "float" constant DoubleParamType (line 16) | DoubleParamType = "double" constant Int32ParamFormat (line 17) | Int32ParamFormat = "int32" constant Int64ParamFormat (line 18) | Int64ParamFormat = "int64" function NewErrNoSupportedBodyMediaType (line 21) | func NewErrNoSupportedBodyMediaType() error { function getParameterValue (line 25) | func getParameterValue(param *openapi3.Parameter) string { function mapRequestBodyFakeValueToJSON (line 48) | func mapRequestBodyFakeValueToJSON(schema *openapi3.Schema, fakeValue in... function getRequestBodyValue (line 84) | func getRequestBodyValue(requestBody *openapi3.RequestBody) (*bytes.Buff... function parseSchemaExample (line 99) | func parseSchemaExample(schema *openapi3.Schema) (interface{}, error) { function getSchemaValue (line 149) | func getSchemaValue(schema *openapi3.Schema, depth int) interface{} { FILE: openapi/param_test.go function TestGetSchemaValue_WhenNoParameters (line 11) | func TestGetSchemaValue_WhenNoParameters(t *testing.T) { function TestGetSchemaValue_WhenHeaderParametersWithExample (line 26) | func TestGetSchemaValue_WhenHeaderParametersWithExample(t *testing.T) { function TestGetSchemaValue_WhenHeaderParametersWithoutExample (line 43) | func TestGetSchemaValue_WhenHeaderParametersWithoutExample(t *testing.T) { function TestGetSchemaValue_WhenHeaderParametersNotRequired (line 60) | func TestGetSchemaValue_WhenHeaderParametersNotRequired(t *testing.T) { function TestGetSchemaValue_WhenCookieParametersWithExample (line 75) | func TestGetSchemaValue_WhenCookieParametersWithExample(t *testing.T) { function TestGetSchemaValue_WhenCookieParametersWithoutExample (line 92) | func TestGetSchemaValue_WhenCookieParametersWithoutExample(t *testing.T) { function TestGetSchemaValue_WhenCookieParametersNotRequired (line 109) | func TestGetSchemaValue_WhenCookieParametersNotRequired(t *testing.T) { function TestGetSchemaValue_WhenPathParametersWithExample (line 124) | func TestGetSchemaValue_WhenPathParametersWithExample(t *testing.T) { function TestGetSchemaValue_WhenPathParametersWithoutExample (line 141) | func TestGetSchemaValue_WhenPathParametersWithoutExample(t *testing.T) { function TestGetSchemaValue_WhenRequestBodyParametersWithExample (line 157) | func TestGetSchemaValue_WhenRequestBodyParametersWithExample(t *testing.... function TestGetSchemaValue_WhenRequestBodyParametersWithMultiMediaTypes (line 176) | func TestGetSchemaValue_WhenRequestBodyParametersWithMultiMediaTypes(t *... function TestGetSchemaValue_WhenRequestBodyParametersWithoutExample (line 192) | func TestGetSchemaValue_WhenRequestBodyParametersWithoutExample(t *testi... function TestGetSchemaValue_WhenRequestBodyParametersIsString (line 209) | func TestGetSchemaValue_WhenRequestBodyParametersIsString(t *testing.T) { function TestGetSchemaValue_RequestBodyParameters (line 226) | func TestGetSchemaValue_RequestBodyParameters(t *testing.T) { function TestGetSchemaValue_RequestBodyParametersAndExample (line 313) | func TestGetSchemaValue_RequestBodyParametersAndExample(t *testing.T) { function TestRecursiveParameters (line 398) | func TestRecursiveParameters(t *testing.T) { FILE: openapi/security_scheme.go constant HttpSchemeType (line 16) | HttpSchemeType string = "http" constant OAuth2SchemeType (line 17) | OAuth2SchemeType string = "oauth2" constant OpenIdConnectSchemeType (line 18) | OpenIdConnectSchemeType string = "openidconnect" constant ApiKeySchemeType (line 19) | ApiKeySchemeType string = "apikey" constant BasicScheme (line 21) | BasicScheme string = "basic" constant BearerScheme (line 22) | BearerScheme string = "bearer" constant otelSchemeTypeAttributeKey (line 32) | otelSchemeTypeAttributeKey = attribute.Key("scheme_type") constant otelSchemeSchemeAttributeKey (line 33) | otelSchemeSchemeAttributeKey = attribute.Key("scheme_scheme") constant otelSchemeInAttributeKey (line 34) | otelSchemeInAttributeKey = attribute.Key("scheme_in") constant otelSchemeBearerFormatKey (line 35) | otelSchemeBearerFormatKey = attribute.Key("scheme_bearer_format") function NewErrUnsupportedBearerFormat (line 38) | func NewErrUnsupportedBearerFormat(bearerFormat string) error { function NewErrUnsupportedScheme (line 42) | func NewErrUnsupportedScheme(scheme string) error { function NewErrUnsupportedSecuritySchemeType (line 46) | func NewErrUnsupportedSecuritySchemeType(schemeType string) error { function mapHTTPSchemeType (line 50) | func mapHTTPSchemeType(name string, scheme *openapi3.SecuritySchemeRef, ... function mapAPIKeySchemeType (line 77) | func mapAPIKeySchemeType(name string, scheme *openapi3.SecuritySchemeRef... function mapOAuth2SchemeType (line 81) | func mapOAuth2SchemeType(name string, scheme *openapi3.SecuritySchemeRef... method SecuritySchemeMap (line 108) | func (openapi *OpenAPI) SecuritySchemeMap(ctx context.Context, values *S... FILE: openapi/security_scheme_test.go function TestSecuritySchemeMap_WithoutSecurityComponents (line 13) | func TestSecuritySchemeMap_WithoutSecurityComponents(t *testing.T) { function TestSecuritySchemeMap_WithUnknownSchemeType (line 25) | func TestSecuritySchemeMap_WithUnknownSchemeType(t *testing.T) { function TestSecuritySchemeMap_WithUnknownScheme (line 39) | func TestSecuritySchemeMap_WithUnknownScheme(t *testing.T) { function TestSecuritySchemeMap_WithUnknownBearerFormat (line 53) | func TestSecuritySchemeMap_WithUnknownBearerFormat(t *testing.T) { function TestSecuritySchemeMap_WithHTTPJWTBearer (line 67) | func TestSecuritySchemeMap_WithHTTPJWTBearer(t *testing.T) { function TestSecuritySchemeMap_WithHTTPBearer (line 82) | func TestSecuritySchemeMap_WithHTTPBearer(t *testing.T) { function TestSecuritySchemeMap_WithoutHTTPJWTBearerAndDefaultValue (line 96) | func TestSecuritySchemeMap_WithoutHTTPJWTBearerAndDefaultValue(t *testin... function TestSecuritySchemeMap_WithAPIKeyInHeader (line 113) | func TestSecuritySchemeMap_WithAPIKeyInHeader(t *testing.T) { function TestSecuritySchemeMap_WithInvalidValueType (line 127) | func TestSecuritySchemeMap_WithInvalidValueType(t *testing.T) { function TestSecuritySchemeMap_WithOAuth (line 142) | func TestSecuritySchemeMap_WithOAuth(t *testing.T) { function TestSecuritySchemeMap_WithOAuthAndAuthorizationCodeFlow (line 156) | func TestSecuritySchemeMap_WithOAuthAndAuthorizationCodeFlow(t *testing.... function TestSecuritySchemeMap_WithOAuthAndImplicitFlow (line 174) | func TestSecuritySchemeMap_WithOAuthAndImplicitFlow(t *testing.T) { function TestSecuritySchemeMap_WithOAuthAndClientCredentialsFlow (line 192) | func TestSecuritySchemeMap_WithOAuthAndClientCredentialsFlow(t *testing.... function TestSecuritySchemeMap_WithOpenIDConnect (line 210) | func TestSecuritySchemeMap_WithOpenIDConnect(t *testing.T) { FILE: openapi/security_scheme_values.go type SecuritySchemeValues (line 3) | type SecuritySchemeValues struct method WithDefault (line 20) | func (s *SecuritySchemeValues) WithDefault(defaultValue interface{}) *... method GetDefault (line 25) | func (s *SecuritySchemeValues) GetDefault() interface{} { method Get (line 29) | func (s *SecuritySchemeValues) Get(key string) interface{} { method Set (line 36) | func (s *SecuritySchemeValues) Set(key string, value interface{}) { function NewSecuritySchemeValues (line 8) | func NewSecuritySchemeValues(values map[string]interface{}) *SecuritySch... function NewEmptySecuritySchemeValues (line 15) | func NewEmptySecuritySchemeValues() *SecuritySchemeValues { FILE: openapi/security_scheme_values_test.go function TestNewSecuritySchemeValues (line 10) | func TestNewSecuritySchemeValues(t *testing.T) { function TestNewEmptySecuritySchemeValues (line 21) | func TestNewEmptySecuritySchemeValues(t *testing.T) { function TestSecuritySchemeValues_WithDefault (line 29) | func TestSecuritySchemeValues_WithDefault(t *testing.T) { function TestSecuritySchemeValues_GetDefault (line 36) | func TestSecuritySchemeValues_GetDefault(t *testing.T) { function TestSecuritySchemeValues_Get (line 43) | func TestSecuritySchemeValues_Get(t *testing.T) { function TestSecuritySchemeValues_Get_WhenNotExist (line 51) | func TestSecuritySchemeValues_Get_WhenNotExist(t *testing.T) { function TestSecuritySchemeValues_Set (line 58) | func TestSecuritySchemeValues_Set(t *testing.T) { FILE: openapi/validate.go method Validate (line 8) | func (openapi *OpenAPI) Validate(ctx context.Context) error { FILE: openapi/validate_test.go function TestValidate (line 11) | func TestValidate(t *testing.T) { function TestValidateWithoutServers (line 22) | func TestValidateWithoutServers(t *testing.T) { function TestValidateWithInvalidBaseUrl (line 34) | func TestValidateWithInvalidBaseUrl(t *testing.T) { FILE: report/capec.go type CAPEC (line 3) | type CAPEC constant CAPEC_31_Manipulating_HTTP_Cookies (line 6) | CAPEC_31_Manipulating_HTTP_Cookies CAPEC = "CAPEC-31: Accessing/Intercep... FILE: report/curl_report.go type CurlReport (line 9) | type CurlReport struct method AddReport (line 40) | func (cr *CurlReport) AddReport(r *ScanReport) { function NewCurlReport (line 21) | func NewCurlReport(method string, url string, data interface{}, header h... FILE: report/curl_report_test.go function TestNewCurlReport (line 15) | func TestNewCurlReport(t *testing.T) { function Test_CurlReport_AddReport (line 40) | func Test_CurlReport_AddReport(t *testing.T) { function TestAddReport_WhenScanReportHasNoFailedIssueReport (line 69) | func TestAddReport_WhenScanReportHasNoFailedIssueReport(t *testing.T) { FILE: report/cwe.go type CWE (line 3) | type CWE constant CWE_16_Configuration (line 6) | CWE_16_Configuration CWE = "CWE-16: Configuration" constant CWE_287_Improper_Authentication (line 8) | CWE_287_Improper_Authentication CWE = "CWE-287: Imprope... constant CWE_345_Insufficient_Verification_Authenticity (line 9) | CWE_345_Insufficient_Verification_Authenticity CWE = "CWE-345: Insuffi... constant CWE_489_Active_Debug_Code (line 10) | CWE_489_Active_Debug_Code CWE = "CWE-489: Active ... constant CWE_613_Insufficient_Session_Expiration (line 11) | CWE_613_Insufficient_Session_Expiration CWE = "CWE-613: Insuffi... constant CWE_614_Sensitive_Cookie_Without_Secure_Flag (line 12) | CWE_614_Sensitive_Cookie_Without_Secure_Flag CWE = "CWE-614: Sensiti... constant CWE_942_Overly_Permissive_CORS_Policy (line 13) | CWE_942_Overly_Permissive_CORS_Policy CWE = "CWE-942: Permiss... constant CWE_1004_Sensitive_Cookie_Without_Http_Only (line 14) | CWE_1004_Sensitive_Cookie_Without_Http_Only CWE = "CWE-1004: Sensit... constant CWE_1021_Improper_Restriction_Rendered_UI (line 15) | CWE_1021_Improper_Restriction_Rendered_UI CWE = "CWE-1021: Improp... constant CWE_1275_Sensitive_Cookie_With_Improper_SameSite (line 16) | CWE_1275_Sensitive_Cookie_With_Improper_SameSite CWE = "CWE-1275: Sensit... FILE: report/graphql_report.go type GraphQLOperationReport (line 5) | type GraphQLOperationReport struct function NewGraphQLOperationReport (line 13) | func NewGraphQLOperationReport() GraphQLOperationReport { type GraphQLOperationsMethods (line 21) | type GraphQLOperationsMethods type GraphQLReport (line 22) | type GraphQLReport struct method AddReport (line 41) | func (gr *GraphQLReport) AddReport(r *ScanReport) { function NewGraphQLReport (line 29) | func NewGraphQLReport(url string, securitySchemes []*auth.SecurityScheme... FILE: report/issue.go type Classifications (line 3) | type Classifications struct type CVSS (line 9) | type CVSS struct type Issue (line 15) | type Issue struct FILE: report/issue_report.go type IssueReportStatus (line 15) | type IssueReportStatus method String (line 17) | func (vrs IssueReportStatus) String() string { constant IssueReportStatusPassed (line 22) | IssueReportStatusPassed IssueReportStatus = "passed" constant IssueReportStatusFailed (line 23) | IssueReportStatusFailed IssueReportStatus = "failed" constant IssueReportStatusSkipped (line 24) | IssueReportStatusSkipped IssueReportStatus = "skipped" constant IssueReportStatusNone (line 25) | IssueReportStatusNone IssueReportStatus = "none" type IssueScanReport (line 35) | type IssueScanReport struct method GetStatus (line 47) | func (issueScanReport *IssueScanReport) GetStatus() scan.IssueScanAtte... method HasFailed (line 51) | func (issueScanReport *IssueScanReport) HasFailed() bool { method HasPassed (line 55) | func (issueScanReport *IssueScanReport) HasPassed() bool { function NewIssueScanReport (line 40) | func NewIssueScanReport(id string, status *scan.IssueScanAttemptStatus) ... type IssueReport (line 59) | type IssueReport struct method WithOperation (line 88) | func (vr *IssueReport) WithOperation(operation *operation.Operation) *... method WithSecurityScheme (line 93) | func (vr *IssueReport) WithSecurityScheme(securityScheme *auth.Securit... method WithStatus (line 98) | func (vr *IssueReport) WithStatus(status IssueReportStatus) *IssueRepo... method WithBooleanStatus (line 107) | func (vr *IssueReport) WithBooleanStatus(status bool) *IssueReport { method Fail (line 114) | func (vr *IssueReport) Fail() *IssueReport { method HasFailed (line 118) | func (vr *IssueReport) HasFailed() bool { method Pass (line 122) | func (vr *IssueReport) Pass() *IssueReport { method HasPassed (line 126) | func (vr *IssueReport) HasPassed() bool { method Skip (line 130) | func (vr *IssueReport) Skip() *IssueReport { method HasBeenSkipped (line 134) | func (vr *IssueReport) HasBeenSkipped() bool { method IsInfoRiskSeverity (line 138) | func (vr *IssueReport) IsInfoRiskSeverity() bool { method IsLowRiskSeverity (line 142) | func (vr *IssueReport) IsLowRiskSeverity() bool { method IsMediumRiskSeverity (line 146) | func (vr *IssueReport) IsMediumRiskSeverity() bool { method IsHighRiskSeverity (line 150) | func (vr *IssueReport) IsHighRiskSeverity() bool { method IsCriticalRiskSeverity (line 154) | func (vr *IssueReport) IsCriticalRiskSeverity() bool { method WithScanAttempt (line 158) | func (vr *IssueReport) WithScanAttempt(attempt *scan.IssueScanAttempt)... method AddScanAttempt (line 162) | func (vr *IssueReport) AddScanAttempt(attempt *scan.IssueScanAttempt) ... method String (line 167) | func (vr *IssueReport) String() string { method SeverityLevelString (line 171) | func (vr *IssueReport) SeverityLevelString() string { method Clone (line 188) | func (vr *IssueReport) Clone() *IssueReport { constant otelIssueIdAttribute (line 71) | otelIssueIdAttribute = attribute.Key("issue_id") constant otelIssueReportStatusAttribute (line 72) | otelIssueReportStatusAttribute = attribute.Key("issue_report_status") function NewIssueReport (line 75) | func NewIssueReport(issue Issue) *IssueReport { FILE: report/issue_report_test.go function TestNewIssueScanReport (line 15) | func TestNewIssueScanReport(t *testing.T) { function TestIssueScanReport_GetStatus (line 24) | func TestIssueScanReport_GetStatus(t *testing.T) { function TestIssueScanReport_HasFailed (line 32) | func TestIssueScanReport_HasFailed(t *testing.T) { function TestIssueScanReport_HasPassed (line 40) | func TestIssueScanReport_HasPassed(t *testing.T) { function TestNewIssueReport (line 48) | func TestNewIssueReport(t *testing.T) { function TestIssueReport_WithOperation (line 64) | func TestIssueReport_WithOperation(t *testing.T) { function TestIssueReport_WithSecurityScheme (line 80) | func TestIssueReport_WithSecurityScheme(t *testing.T) { function TestIssueReport_WithStatus (line 97) | func TestIssueReport_WithStatus(t *testing.T) { function TestIssueReport_WithBooleanStatus_WhenFalse (line 111) | func TestIssueReport_WithBooleanStatus_WhenFalse(t *testing.T) { function TestIssueReport_WithBooleanStatus_WhenTrue (line 125) | func TestIssueReport_WithBooleanStatus_WhenTrue(t *testing.T) { function TestIssueReport_Fail (line 139) | func TestIssueReport_Fail(t *testing.T) { function TestIssueReport_HasFailed (line 153) | func TestIssueReport_HasFailed(t *testing.T) { function TestIssueReport_Pass (line 167) | func TestIssueReport_Pass(t *testing.T) { function TestIssueReport_HasPassed (line 181) | func TestIssueReport_HasPassed(t *testing.T) { function TestIssueReport_Skip (line 195) | func TestIssueReport_Skip(t *testing.T) { function TestIssueReport_HasBeenSkipped (line 209) | func TestIssueReport_HasBeenSkipped(t *testing.T) { function TestIssueReport_IsInfoRiskSeverity (line 223) | func TestIssueReport_IsInfoRiskSeverity(t *testing.T) { function TestIssueReport_IsLowRiskSeverity (line 232) | func TestIssueReport_IsLowRiskSeverity(t *testing.T) { function TestIssueReport_IsMediumRiskSeverity (line 241) | func TestIssueReport_IsMediumRiskSeverity(t *testing.T) { function TestIssueReport_IsHighRiskSeverity (line 250) | func TestIssueReport_IsHighRiskSeverity(t *testing.T) { function TestIssueReport_IsCriticalRiskSeverity (line 259) | func TestIssueReport_IsCriticalRiskSeverity(t *testing.T) { function TestIssueReport_WithScanAttempt (line 268) | func TestIssueReport_WithScanAttempt(t *testing.T) { function TestIssueReport_AddScanAttempt (line 288) | func TestIssueReport_AddScanAttempt(t *testing.T) { function TestIssueReport_String (line 308) | func TestIssueReport_String(t *testing.T) { function TestIssueReport_SeverityLevelString (line 320) | func TestIssueReport_SeverityLevelString(t *testing.T) { function TestIssueReport_Clone (line 346) | func TestIssueReport_Clone(t *testing.T) { FILE: report/openapi_report.go function findOperationByMethodAndPath (line 8) | func findOperationByMethodAndPath(operations operation.Operations, metho... type OpenAPIReportOperation (line 18) | type OpenAPIReportOperation struct function NewOpenAPIReportOperation (line 27) | func NewOpenAPIReportOperation(operation *openapi3.Operation, requestOpe... type OpenAPIReportMethods (line 43) | type OpenAPIReportMethods type OpenAPIReportPaths (line 44) | type OpenAPIReportPaths type OpenAPIReport (line 45) | type OpenAPIReport struct method AddReport (line 77) | func (or *OpenAPIReport) AddReport(r *ScanReport) { function NewOpenAPIReport (line 49) | func NewOpenAPIReport(doc *openapi3.T, operations operation.Operations) ... FILE: report/openapi_report_test.go function TestNewOpenAPIReportOperation (line 12) | func TestNewOpenAPIReportOperation(t *testing.T) { function TestNewOpenAPIReport (line 28) | func TestNewOpenAPIReport(t *testing.T) { function Test_OpenAPIReport_AddReport (line 42) | func Test_OpenAPIReport_AddReport(t *testing.T) { function Test_OpenAPIReport_AddReport_NoFailedIssue (line 65) | func Test_OpenAPIReport_AddReport_NoFailedIssue(t *testing.T) { FILE: report/options_report.go type OptionsReport (line 3) | type OptionsReport struct function NewOptionsReport (line 5) | func NewOptionsReport() OptionsReport { FILE: report/owasp.go type OWASP (line 3) | type OWASP constant OWASP_2023_BOLA (line 6) | OWASP_2023_BOLA OWASP = "API1:2023 Broken Obj... constant OWASP_2023_BrokenAuthentication (line 7) | OWASP_2023_BrokenAuthentication OWASP = "API2:2023 Broken Aut... constant OWASP_2023_BOPL (line 8) | OWASP_2023_BOPL OWASP = "API3:2023 Broken Obj... constant OWASP_2023_UnrestrictedResourceConsumption (line 9) | OWASP_2023_UnrestrictedResourceConsumption OWASP = "API4:2023 Unrestrict... constant OWASP_2023_BFLA (line 10) | OWASP_2023_BFLA OWASP = "API5:2023 Broken Fun... constant OWASP_2023_UnrestrictedAccessBusiness (line 11) | OWASP_2023_UnrestrictedAccessBusiness OWASP = "API6:2023 Unrestrict... constant OWASP_2023_SSRF (line 12) | OWASP_2023_SSRF OWASP = "API7:2023 Server Sid... constant OWASP_2023_SecurityMisconfiguration (line 13) | OWASP_2023_SecurityMisconfiguration OWASP = "API8:2023 Security M... constant OWASP_2023_ImproperInventory (line 14) | OWASP_2023_ImproperInventory OWASP = "API9:2023 Improper I... constant OWASP_2023_UnsafeConsumption (line 15) | OWASP_2023_UnsafeConsumption OWASP = "API10:2023 Unsafe Co... FILE: report/report.go type OperationSecurityScheme (line 16) | type OperationSecurityScheme struct function NewOperationSecurityScheme (line 25) | func NewOperationSecurityScheme(securityScheme *auth.SecurityScheme) Ope... type ScanReportRequest (line 41) | type ScanReportRequest struct type ScanReportResponse (line 50) | type ScanReportResponse struct type ScanReportScan (line 57) | type ScanReportScan struct type ScanReportOperation (line 64) | type ScanReportOperation struct type ScanReport (line 68) | type ScanReport struct method Start (line 123) | func (r *ScanReport) Start() *ScanReport { method End (line 128) | func (r *ScanReport) End() *ScanReport { method WithData (line 134) | func (r *ScanReport) WithData(data interface{}) *ScanReport { method GetData (line 139) | func (r *ScanReport) GetData() interface{} { method HasData (line 143) | func (r *ScanReport) HasData() bool { method AddScanAttempt (line 147) | func (r *ScanReport) AddScanAttempt(attempt *scan.IssueScanAttempt) *S... method GetScanAttempts (line 192) | func (r *ScanReport) GetScanAttempts() []ScanReportScan { method AddIssueReport (line 196) | func (r *ScanReport) AddIssueReport(vr *IssueReport) *ScanReport { method GetIssueReports (line 205) | func (r *ScanReport) GetIssueReports() []*IssueReport { method GetErrors (line 209) | func (r *ScanReport) GetErrors() []error { method GetFailedIssueReports (line 219) | func (r *ScanReport) GetFailedIssueReports() []*IssueReport { method HasFailedIssueReport (line 229) | func (r *ScanReport) HasFailedIssueReport() bool { constant otelName (line 87) | otelName = "github.com/cerberauth/vulnapi/report" constant otelScanReportIdAttribute (line 89) | otelScanReportIdAttribute = attribute.Key("id") function NewScanReport (line 92) | func NewScanReport(id string, name string, operation *operation.Operatio... FILE: report/report_test.go function TestNewOperationSecurityScheme (line 18) | func TestNewOperationSecurityScheme(t *testing.T) { function TestNewScanReport (line 60) | func TestNewScanReport(t *testing.T) { function TestScanReport_Start (line 69) | func TestScanReport_Start(t *testing.T) { function TestScanReport_End (line 78) | func TestScanReport_End(t *testing.T) { function TestScanReport_WithData (line 87) | func TestScanReport_WithData(t *testing.T) { function TestScanReport_GetData (line 97) | func TestScanReport_GetData(t *testing.T) { function TestScanReport_HasData (line 107) | func TestScanReport_HasData(t *testing.T) { function TestScanReport_AddScanAttempt (line 119) | func TestScanReport_AddScanAttempt(t *testing.T) { function TestScanReport_AddIssueReport (line 143) | func TestScanReport_AddIssueReport(t *testing.T) { function TestScanReport_HasFailedIssueReport (line 152) | func TestScanReport_HasFailedIssueReport(t *testing.T) { function TestScanReport_HasOnlyFailedIssueReport (line 165) | func TestScanReport_HasOnlyFailedIssueReport(t *testing.T) { function TestScanReport_HasOnlyPassedIssueReport (line 178) | func TestScanReport_HasOnlyPassedIssueReport(t *testing.T) { function TestScanReport_GetErrors (line 191) | func TestScanReport_GetErrors(t *testing.T) { function TestMarshalJSON (line 203) | func TestMarshalJSON(t *testing.T) { function TestScanReport_GetIssueReports (line 218) | func TestScanReport_GetIssueReports(t *testing.T) { FILE: report/reporter.go constant reporterSchema (line 11) | reporterSchema = "https://schemas.cerberauth.com/vulnapi/draft/2024-10/r... type Reporter (line 13) | type Reporter struct method AddReport (line 62) | func (rr *Reporter) AddReport(r *ScanReport) { method GetScanReports (line 74) | func (rr *Reporter) GetScanReports() []*ScanReport { method GetScanReportByID (line 78) | func (rr *Reporter) GetScanReportByID(id string) *ScanReport { method GetReportsByIssueStatus (line 88) | func (rr *Reporter) GetReportsByIssueStatus(status IssueReportStatus) ... method GetErrors (line 102) | func (rr *Reporter) GetErrors() []error { method HasIssue (line 111) | func (rr *Reporter) HasIssue() bool { method GetIssueReports (line 121) | func (rr *Reporter) GetIssueReports() []*IssueReport { method GetFailedIssueReports (line 129) | func (rr *Reporter) GetFailedIssueReports() []*IssueReport { method HasHighRiskOrHigherSeverityIssue (line 137) | func (rr *Reporter) HasHighRiskOrHigherSeverityIssue() bool { method HasHigherThanSeverityThresholdIssue (line 147) | func (rr *Reporter) HasHigherThanSeverityThresholdIssue(threshold floa... function NewReporter (line 23) | func NewReporter() *Reporter { function NewReporterWithCurl (line 32) | func NewReporterWithCurl(method string, url string, data interface{}, he... function NewReporterWithOpenAPIDoc (line 42) | func NewReporterWithOpenAPIDoc(openapi *openapi3.T, operations operation... function NewReporterWithGraphQL (line 52) | func NewReporterWithGraphQL(url string, securitySchemes []*auth.Security... FILE: report/reporter_test.go function TestNewReporterWithCurl (line 15) | func TestNewReporterWithCurl(t *testing.T) { function TestNewReporterWithCurl_AddReport (line 48) | func TestNewReporterWithCurl_AddReport(t *testing.T) { function TestNewReporterWithOpenAPIDoc (line 76) | func TestNewReporterWithOpenAPIDoc(t *testing.T) { function TestReporterWithOpenAPIDoc_AddReport (line 88) | func TestReporterWithOpenAPIDoc_AddReport(t *testing.T) { function TestReporter_NoHasHighRiskOrHigherSeverityVulnerability_WhenNoReport (line 110) | func TestReporter_NoHasHighRiskOrHigherSeverityVulnerability_WhenNoRepor... function TestReporter_NoHasVulnerability_WhenNoFailedReport (line 115) | func TestReporter_NoHasVulnerability_WhenNoFailedReport(t *testing.T) { function TestReporter_HasVulnerability_WhenFailedReport (line 129) | func TestReporter_HasVulnerability_WhenFailedReport(t *testing.T) { function TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenLowRiskReport (line 143) | func TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenLowRiskR... function TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenHighRiskReport (line 160) | func TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenHighRisk... function TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenCriticalRiskReport (line 177) | func TestReporters_HasHighRiskOrHigherSeverityVulnerability_WhenCritical... function TestReporter_HasHigherThanSeverityThresholdIssue_WhenNoReports (line 194) | func TestReporter_HasHigherThanSeverityThresholdIssue_WhenNoReports(t *t... function TestReporter_HasHigherThanSeverityThresholdIssue_WhenBelowThreshold (line 199) | func TestReporter_HasHigherThanSeverityThresholdIssue_WhenBelowThreshold... function TestReporter_HasHigherThanSeverityThresholdIssue_WhenAtThreshold (line 216) | func TestReporter_HasHigherThanSeverityThresholdIssue_WhenAtThreshold(t ... function TestReporter_HasHigherThanSeverityThresholdIssue_WhenAboveThreshold (line 233) | func TestReporter_HasHigherThanSeverityThresholdIssue_WhenAboveThreshold... function TestReporter_GetReportsByIssueStatus_NoReports (line 250) | func TestReporter_GetReportsByIssueStatus_NoReports(t *testing.T) { function TestReporter_GetReportsByIssueStatus_NoMatchingStatus (line 256) | func TestReporter_GetReportsByIssueStatus_NoMatchingStatus(t *testing.T) { function TestReporter_GetReportsByIssueStatus_MatchingStatus (line 271) | func TestReporter_GetReportsByIssueStatus_MatchingStatus(t *testing.T) { function TestReporter_GetReportsByIssueStatus_MultipleReports (line 288) | func TestReporter_GetReportsByIssueStatus_MultipleReports(t *testing.T) { function TestReporter_GetIssueReports_NoReports (line 314) | func TestReporter_GetIssueReports_NoReports(t *testing.T) { function TestReporter_GetIssueReports_SingleReport (line 320) | func TestReporter_GetIssueReports_SingleReport(t *testing.T) { function TestReporter_GetIssueReports_MultipleReports (line 337) | func TestReporter_GetIssueReports_MultipleReports(t *testing.T) { function TestReporter_GetScanReportByID_NoReports (line 363) | func TestReporter_GetScanReportByID_NoReports(t *testing.T) { function TestReporter_GetScanReportByID_SingleReport (line 369) | func TestReporter_GetScanReportByID_SingleReport(t *testing.T) { function TestReporter_GetScanReportByID_MultipleReports (line 380) | func TestReporter_GetScanReportByID_MultipleReports(t *testing.T) { function TestReporter_GetScanReportByID_NonexistentID (line 397) | func TestReporter_GetScanReportByID_NonexistentID(t *testing.T) { FILE: scan/broken_authentication/authentication_bypass/authentication_bypass.go constant AcceptsUnauthenticatedOperationScanID (line 11) | AcceptsUnauthenticatedOperationScanID = "generic.accept_unauthenticate... constant AcceptsUnauthenticatedOperationScanName (line 12) | AcceptsUnauthenticatedOperationScanName = "Accept Unauthenticated Operat... function ScanHandler (line 30) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/broken_authentication/authentication_bypass/authentication_bypass_test.go function TestAuthenticationByPassScanHandler_Skipped_WhenNoAuthSecurityScheme (line 16) | func TestAuthenticationByPassScanHandler_Skipped_WhenNoAuthSecuritySchem... function TestAuthenticationByPassScanHandler_Failed_WhenAuthIsByPassed (line 26) | func TestAuthenticationByPassScanHandler_Failed_WhenAuthIsByPassed(t *te... function TestAuthenticationByPassScanHandler_Passed_WhenAuthIsNotByPassed (line 42) | func TestAuthenticationByPassScanHandler_Passed_WhenAuthIsNotByPassed(t ... FILE: scan/broken_authentication/jwt/alg_none/alg_none.go type AlgNoneData (line 14) | type AlgNoneData struct constant AlgNoneJwtScanID (line 19) | AlgNoneJwtScanID = "jwt.alg_none" constant AlgNoneJwtScanName (line 20) | AlgNoneJwtScanName = "JWT None Algorithm" function ShouldBeScanned (line 40) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { function ScanHandler (line 51) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... function scanWithAlg (line 102) | func scanWithAlg(method jwtlib.SigningMethod, valueWriter *editor.TokenE... FILE: scan/broken_authentication/jwt/alg_none/alg_none_test.go function TestAlgNoneJwtScanHandler_WithoutSecurityScheme (line 16) | func TestAlgNoneJwtScanHandler_WithoutSecurityScheme(t *testing.T) { function TestAlgNoneJwtScanHandler_Skipped_WhenNoJWT (line 31) | func TestAlgNoneJwtScanHandler_Skipped_WhenNoJWT(t *testing.T) { function TestAlgNoneJwtScanHandler_Passed_WhenUnauthorizedResponse (line 48) | func TestAlgNoneJwtScanHandler_Passed_WhenUnauthorizedResponse(t *testin... function TestAlgNoneJwtScanHandler_Failed_WhenValidValueUseNoneAlg (line 65) | func TestAlgNoneJwtScanHandler_Failed_WhenValidValueUseNoneAlg(t *testin... function TestAlgNoneJwtScanHandler_Failed_WhenOKResponse (line 77) | func TestAlgNoneJwtScanHandler_Failed_WhenOKResponse(t *testing.T) { function TestAlgNoneJwtScanHandler_Failed_WhenOKResponseAndAlgNone (line 97) | func TestAlgNoneJwtScanHandler_Failed_WhenOKResponseAndAlgNone(t *testin... FILE: scan/broken_authentication/jwt/alg_none/methods.go type signingMethodNone (line 3) | type signingMethodNone struct method SetAlg (line 7) | func (m *signingMethodNone) SetAlg(alg string) { method Alg (line 11) | func (m *signingMethodNone) Alg() string { method Verify (line 14) | func (m *signingMethodNone) Verify(signingString string, sig []byte, k... method Sign (line 17) | func (m *signingMethodNone) Sign(signingString string, key interface{}... FILE: scan/broken_authentication/jwt/blank_secret/blank_secret.go constant BlankSecretVulnerabilityScanID (line 12) | BlankSecretVulnerabilityScanID = "jwt.blank_secret" constant BlankSecretVulnerabilityScanName (line 13) | BlankSecretVulnerabilityScanName = "JWT Blank Secret" function ShouldBeScanned (line 33) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { function ScanHandler (line 37) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/broken_authentication/jwt/blank_secret/blank_secret_test.go function TestBlankSecretScanHandler_WithoutSecurityScheme (line 16) | func TestBlankSecretScanHandler_WithoutSecurityScheme(t *testing.T) { function TestBlankSecretScanHandler_Skipped_WhenNoJWT (line 26) | func TestBlankSecretScanHandler_Skipped_WhenNoJWT(t *testing.T) { function TestBlankSecretScanHandler_Passed_WhenUnauthorizedResponse (line 42) | func TestBlankSecretScanHandler_Passed_WhenUnauthorizedResponse(t *testi... function TestBlankSecretScanHandler_Failed_WhenOKResponse (line 59) | func TestBlankSecretScanHandler_Failed_WhenOKResponse(t *testing.T) { FILE: scan/broken_authentication/jwt/kid_injection/kid_injection.go constant KidInjectionScanID (line 12) | KidInjectionScanID = "jwt.kid_injection" constant KidInjectionScanName (line 13) | KidInjectionScanName = "JWT KID Injection" type KidInjectionType (line 16) | type KidInjectionType constant KidInjectionTypeSQLInjection (line 19) | KidInjectionTypeSQLInjection KidInjectionType = "sql_injection" constant KidInjectionTypePathTraversal (line 20) | KidInjectionTypePathTraversal KidInjectionType = "path_traversal" type KidInjectionData (line 23) | type KidInjectionData struct function ShouldBeScanned (line 44) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { function ScanHandler (line 48) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/broken_authentication/jwt/kid_injection/kid_injection_test.go function TestKidInjectionScanHandler_WithoutSecurityScheme (line 16) | func TestKidInjectionScanHandler_WithoutSecurityScheme(t *testing.T) { function TestKidInjectionScanHandler_Skipped_WhenNoJWT (line 26) | func TestKidInjectionScanHandler_Skipped_WhenNoJWT(t *testing.T) { function TestKidInjectionScanHandler_Passed_WhenUnauthorizedResponse (line 42) | func TestKidInjectionScanHandler_Passed_WhenUnauthorizedResponse(t *test... function TestKidInjectionScanHandler_Failed_WhenSQLInjectionOKResponse (line 59) | func TestKidInjectionScanHandler_Failed_WhenSQLInjectionOKResponse(t *te... function TestKidInjectionScanHandler_Failed_WhenPathTraversalOKResponse (line 79) | func TestKidInjectionScanHandler_Failed_WhenPathTraversalOKResponse(t *t... FILE: scan/broken_authentication/jwt/not_verified/not_verified.go constant NotVerifiedJwtScanID (line 12) | NotVerifiedJwtScanID = "jwt.not_verified" constant NotVerifiedJwtScanName (line 13) | NotVerifiedJwtScanName = "JWT Not Verified" function ShouldBeScanned (line 32) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { function ScanHandler (line 36) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/broken_authentication/jwt/not_verified/not_verified_test.go function TestNotVerifiedScanHandler_WithoutSecurityScheme (line 16) | func TestNotVerifiedScanHandler_WithoutSecurityScheme(t *testing.T) { function TestNotVerifiedScanHandler_Skipped_WhenNoJWTAndUnauthorizedResponse (line 26) | func TestNotVerifiedScanHandler_Skipped_WhenNoJWTAndUnauthorizedResponse... function TestNotVerifiedScanHandler_Failed_WhenUnauthorizedThenOK (line 36) | func TestNotVerifiedScanHandler_Failed_WhenUnauthorizedThenOK(t *testing... function TestNotVerifiedScanHandler_Skipped_WhenOKFirstRequest (line 58) | func TestNotVerifiedScanHandler_Skipped_WhenOKFirstRequest(t *testing.T) { function TestNotVerifiedScanHandler_Failed_WhenUnauthorizedThenUnauthorized (line 80) | func TestNotVerifiedScanHandler_Failed_WhenUnauthorizedThenUnauthorized(... FILE: scan/broken_authentication/jwt/null_signature/null_signature.go constant NullSignatureScanID (line 12) | NullSignatureScanID = "jwt.null_signature" constant NullSignatureScanName (line 13) | NullSignatureScanName = "JWT Null Signature" function ShouldBeScanned (line 33) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { function ScanHandler (line 37) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/broken_authentication/jwt/null_signature/null_signature_test.go function TestNullSignatureScanHandler_WithoutSecurityScheme (line 16) | func TestNullSignatureScanHandler_WithoutSecurityScheme(t *testing.T) { function TestNullSignatureScanHandler_Skipped_WhenNoJWT (line 26) | func TestNullSignatureScanHandler_Skipped_WhenNoJWT(t *testing.T) { function TestNullSignatureScanHandler_Passed_WhenUnauthorizedResponse (line 42) | func TestNullSignatureScanHandler_Passed_WhenUnauthorizedResponse(t *tes... function TestNullSignatureScanHandler_Failed_WhenOKResponse (line 59) | func TestNullSignatureScanHandler_Failed_WhenOKResponse(t *testing.T) { FILE: scan/broken_authentication/jwt/weak_secret/weak_secret.go type WeakSecretData (line 11) | type WeakSecretData struct constant WeakSecretVulnerabilityScanID (line 16) | WeakSecretVulnerabilityScanID = "jwt.weak_secret" constant WeakSecretVulnerabilityScanName (line 17) | WeakSecretVulnerabilityScanName = "JWT Weak Secret" function ShouldBeScanned (line 37) | func ShouldBeScanned(securityScheme *auth.SecurityScheme) bool { constant jwtSecretDictionarySeclistUrl (line 53) | jwtSecretDictionarySeclistUrl = "https://raw.githubusercontent.com/cerbe... function ScanHandler (line 55) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... function bruteForceSecret (line 92) | func bruteForceSecret(currentToken string, jwtSecretDictionary []string,... FILE: scan/broken_authentication/jwt/weak_secret/weak_secret_test.go function TestWeakHMACSecretScanHandler_WithoutSecurityScheme (line 14) | func TestWeakHMACSecretScanHandler_WithoutSecurityScheme(t *testing.T) { function TestWeakHMACSecretScanHandler_WithJWTUsingOtherAlg (line 24) | func TestWeakHMACSecretScanHandler_WithJWTUsingOtherAlg(t *testing.T) { function TestWeakHMACSecretScanHandler_WithoutJWT (line 35) | func TestWeakHMACSecretScanHandler_WithoutJWT(t *testing.T) { function TestWeakHMACSecretScanHandler_Failed_WithWeakJWT (line 45) | func TestWeakHMACSecretScanHandler_Failed_WithWeakJWT(t *testing.T) { function TestWeakHMACSecretScanHandler_Failed_WithExpiredJWTSignedWithWeakSecret (line 59) | func TestWeakHMACSecretScanHandler_Failed_WithExpiredJWTSignedWithWeakSe... function TestWeakHMACSecretScanHandler_Passed_WithStrongerJWT (line 73) | func TestWeakHMACSecretScanHandler_Passed_WithStrongerJWT(t *testing.T) { function TestWeakHMACSecretScanHandler_Failed_WithUnorderedClaims (line 85) | func TestWeakHMACSecretScanHandler_Failed_WithUnorderedClaims(t *testing... FILE: scan/discover/accept_unauthenticated/accept_unauthenticated_operation.go constant NoAuthOperationScanID (line 10) | NoAuthOperationScanID = "discover.accept_unauthenticated" constant NoAuthOperationScanName (line 11) | NoAuthOperationScanName = "Accept Unauthenticated Operation" function ScanHandler (line 29) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/accept_unauthenticated/accept_unauthenticated_operation_test.go function TestAcceptUnauthenticatedScanHandler_Failed_WhenNoAuthSecurityScheme (line 14) | func TestAcceptUnauthenticatedScanHandler_Failed_WhenNoAuthSecuritySchem... function TestCheckNoAuthOperationScanHandler_Passed_WhenAuthConfigured (line 24) | func TestCheckNoAuthOperationScanHandler_Passed_WhenAuthConfigured(t *te... FILE: scan/discover/discoverable_graphql/discoverable_graphql.go constant DiscoverableGraphQLPathScanID (line 11) | DiscoverableGraphQLPathScanID = "discover.graphql" constant DiscoverableGraphQLPathScanName (line 12) | DiscoverableGraphQLPathScanName = "Discoverable GraphQL Path" function ScanHandler (line 34) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/discoverable_graphql/discoverable_graphql_test.go function TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound (line 16) | func TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound(t... function TestDiscoverableScanner_Failed_WhenOneGraphQLPathFound (line 34) | func TestDiscoverableScanner_Failed_WhenOneGraphQLPathFound(t *testing.T) { FILE: scan/discover/discoverable_openapi/discoverable_openapi.go constant DiscoverableOpenAPIScanID (line 11) | DiscoverableOpenAPIScanID = "discover.discoverable_openapi" constant DiscoverableOpenAPIScanName (line 12) | DiscoverableOpenAPIScanName = "Discoverable OpenAPI" function ScanHandler (line 34) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/discoverable_openapi/discoverable_openapi_test.go function TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound (line 16) | func TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound(t... function TestDiscoverableScanner_Failed_WhenOneOpenAPIFound (line 34) | func TestDiscoverableScanner_Failed_WhenOneOpenAPIFound(t *testing.T) { FILE: scan/discover/exposed_files/exposed_files.go constant DiscoverableFilesScanID (line 11) | DiscoverableFilesScanID = "discover.exposed_files" constant DiscoverableFilesScanName (line 12) | DiscoverableFilesScanName = "Discoverable exposed files" function ScanHandler (line 34) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/exposed_files/exposed_files_test.go function TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound (line 16) | func TestDiscoverableScanner_Passed_WhenNoDiscoverableGraphqlPathFound(t... function TestDiscoverableScanner_Failed_WhenOneGraphQLPathFound (line 34) | func TestDiscoverableScanner_Failed_WhenOneGraphQLPathFound(t *testing.T) { FILE: scan/discover/fingerprint/fingerprint.go constant DiscoverFingerPrintScanID (line 12) | DiscoverFingerPrintScanID = "discover.server_signature" constant DiscoverFingerPrintScanName (line 13) | DiscoverFingerPrintScanName = "Server Signature Discovery" type FingerPrintApp (line 16) | type FingerPrintApp struct type FingerPrintData (line 21) | type FingerPrintData struct function appendIfMissing (line 52) | func appendIfMissing(slice []FingerPrintApp, app FingerPrintApp) []Finge... function ScanHandler (line 61) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/fingerprint/fingerprint_test.go function TestCheckSignatureHeader_Failed_WithServerSignatureHeader (line 16) | func TestCheckSignatureHeader_Failed_WithServerSignatureHeader(t *testin... function TestCheckSignatureHeader_Failed_WithOSSignatureHeader (line 37) | func TestCheckSignatureHeader_Failed_WithOSSignatureHeader(t *testing.T) { function TestCheckSignatureHeader_Failed_WithHostingSignatureHeader (line 58) | func TestCheckSignatureHeader_Failed_WithHostingSignatureHeader(t *testi... function TestCheckSignatureHeader_Failed_WithAuthenticationSignatureHeader (line 79) | func TestCheckSignatureHeader_Failed_WithAuthenticationSignatureHeader(t... function TestCheckSignatureHeader_Failed_WithCDNSignatureHeader (line 100) | func TestCheckSignatureHeader_Failed_WithCDNSignatureHeader(t *testing.T) { function TestCheckSignatureHeader_Failed_WithLanguageSignatureHeader (line 121) | func TestCheckSignatureHeader_Failed_WithLanguageSignatureHeader(t *test... function TestCheckSignatureHeader_Failed_WithFrameworkSignatureHeader (line 142) | func TestCheckSignatureHeader_Failed_WithFrameworkSignatureHeader(t *tes... function TestCheckSignatureHeader_Passed_WithoutDuplicate (line 165) | func TestCheckSignatureHeader_Passed_WithoutDuplicate(t *testing.T) { function TestCheckSignatureHeader_Passed_WithoutSignatureHeader (line 184) | func TestCheckSignatureHeader_Passed_WithoutSignatureHeader(t *testing.T) { FILE: scan/discover/healthcheck/healthcheck.go constant DiscoverableHealthCheckScanID (line 11) | DiscoverableHealthCheckScanID = "discover.healthcheck" constant DiscoverableHealthCheckScanName (line 12) | DiscoverableHealthCheckScanName = "Discoverable healthcheck endpoint" function ScanHandler (line 32) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/healthcheck/healthcheck_test.go function TestDiscoverableScanner_Passed_WhenNoDiscoverableHealthCheckEndpointFound (line 16) | func TestDiscoverableScanner_Passed_WhenNoDiscoverableHealthCheckEndpoin... function TestDiscoverableScanner_Failed_WhenOneHealthCheckEndpointFound (line 34) | func TestDiscoverableScanner_Failed_WhenOneHealthCheckEndpointFound(t *t... FILE: scan/discover/utils.go type DiscoverData (line 15) | type DiscoverData function ExtractBaseURL (line 19) | func ExtractBaseURL(inputURL *url.URL) *url.URL { function ScanURLs (line 26) | func ScanURLs(scanUrls []string, op *operation.Operation, securityScheme... function DownloadAndScanURLs (line 92) | func DownloadAndScanURLs(name string, seclistUrl string, r *report.ScanR... FILE: scan/discover/utils_test.go function TestExtractBaseURL (line 17) | func TestExtractBaseURL(t *testing.T) { function TestDownloadAndScanURLs_Failed_WhenNotFoundSeclist (line 45) | func TestDownloadAndScanURLs_Failed_WhenNotFoundSeclist(t *testing.T) { function TestDownloadAndScanURLs_Passed_WhenNotFoundURLs (line 65) | func TestDownloadAndScanURLs_Passed_WhenNotFoundURLs(t *testing.T) { function TestDownloadAndScanURLs_Failed_WhenFoundExposedURLs (line 97) | func TestDownloadAndScanURLs_Failed_WhenFoundExposedURLs(t *testing.T) { FILE: scan/discover/well-known/well_known.go constant DiscoverableWellKnownScanID (line 11) | DiscoverableWellKnownScanID = "discover.well-known" constant DiscoverableWellKnownScanName (line 12) | DiscoverableWellKnownScanName = "Discoverable well-known path" function ScanHandler (line 32) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/discover/well-known/well_known_test.go function TestDiscoverableScanner_Passed_WhenNoDiscoverableWellKnownPathFound (line 16) | func TestDiscoverableScanner_Passed_WhenNoDiscoverableWellKnownPathFound... function TestDiscoverableScanner_Failed_WhenOneWellKnownPathFound (line 34) | func TestDiscoverableScanner_Failed_WhenOneWellKnownPathFound(t *testing... FILE: scan/graphql/introspection_enabled/introspection_enabled.go constant GraphqlIntrospectionScanID (line 16) | GraphqlIntrospectionScanID = "graphql.introspection_enabled" constant GraphqlIntrospectionScanName (line 17) | GraphqlIntrospectionScanName = "GraphQL Introspection Enabled" constant graphqlQuery (line 36) | graphqlQuery = `query{__schema{queryType{name}}}` function newPostGraphqlIntrospectionRequest (line 38) | func newPostGraphqlIntrospectionRequest(client *request.Client, endpoint... function newGetGraphqlIntrospectionRequest (line 49) | func newGetGraphqlIntrospectionRequest(client *request.Client, endpoint ... function ScanHandler (line 63) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/graphql/introspection_enabled/introspection_enabled_test.go function TestGraphqlIntrospectionScanHandler_Failed_WhenRespondHTTPStatusIsOK (line 16) | func TestGraphqlIntrospectionScanHandler_Failed_WhenRespondHTTPStatusIsO... function TestGraphqlIntrospectionScanHandler_Failed_WhenRespond_GETMethodOnly_HTTPStatusIsOK (line 33) | func TestGraphqlIntrospectionScanHandler_Failed_WhenRespond_GETMethodOnl... function TestGraphqlIntrospectionScanHandler_Passed_WhenBadRequestStatus (line 50) | func TestGraphqlIntrospectionScanHandler_Passed_WhenBadRequestStatus(t *... function TestGraphqlIntrospectionScanHandler_Passed_WhenOKStatusButNoQuery (line 66) | func TestGraphqlIntrospectionScanHandler_Passed_WhenOKStatusButNoQuery(t... FILE: scan/misconfiguration/http_cookies/http_cookies.go constant HTTPCookiesScanID (line 13) | HTTPCookiesScanID = "misconfiguration.http_cookies" constant HTTPCookiesScanName (line 14) | HTTPCookiesScanName = "HTTP Cookies Misconfiguration" function ScanHandler (line 106) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/misconfiguration/http_cookies/http_cookies_test.go function TestHTTPCookiesScanHandler_Skipped_WhenNoCookies (line 17) | func TestHTTPCookiesScanHandler_Skipped_WhenNoCookies(t *testing.T) { function TestHTTPCookiesScanHandler_Passed_WhenNoUnsecurePractices (line 35) | func TestHTTPCookiesScanHandler_Passed_WhenNoUnsecurePractices(t *testin... function TestHTTPCookiesScanHandler_Failed_WhenNotHttpOnly (line 64) | func TestHTTPCookiesScanHandler_Failed_WhenNotHttpOnly(t *testing.T) { function TestHTTPCookiesScanHandlerFailed_WhenNotSecure (line 93) | func TestHTTPCookiesScanHandlerFailed_WhenNotSecure(t *testing.T) { function TestHTTPCookiesScanHandler_Failed_WhenSameSiteNone (line 122) | func TestHTTPCookiesScanHandler_Failed_WhenSameSiteNone(t *testing.T) { function TestHTTPCookiesScanHandler_Failed_WhithoutSameSite (line 151) | func TestHTTPCookiesScanHandler_Failed_WhithoutSameSite(t *testing.T) { function TestHTTPCookiesScanHandler_Failed_WhenExpiresNotSet (line 179) | func TestHTTPCookiesScanHandler_Failed_WhenExpiresNotSet(t *testing.T) { FILE: scan/misconfiguration/http_headers/http_headers.go constant CSPHTTPHeader (line 13) | CSPHTTPHeader = "Content-Security-Policy" constant HSTSHTTPHeader (line 14) | HSTSHTTPHeader = "Strict-Transport-Security" constant CORSOriginHTTPHeader (line 15) | CORSOriginHTTPHeader = "Access-Control-Allow-Origin" constant XContentTypeOptionsHTTPHeader (line 16) | XContentTypeOptionsHTTPHeader = "X-Content-Type-Options" constant XFrameOptionsHTTPHeader (line 17) | XFrameOptionsHTTPHeader = "X-Frame-Options" constant HTTPHeadersScanID (line 21) | HTTPHeadersScanID = "misconfiguration.http_headers" constant HTTPHeadersScanName (line 22) | HTTPHeadersScanName = "HTTP Headers Misconfiguration" function CheckCSPFrameAncestors (line 144) | func CheckCSPFrameAncestors(cspHeader string) bool { function ScanHandler (line 159) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/misconfiguration/http_headers/http_headers_test.go function getValidHTTPHeaders (line 16) | func getValidHTTPHeaders(_ *operation.Operation) http.Header { function TestHTTPHeadersScanHandler_Passed (line 27) | func TestHTTPHeadersScanHandler_Passed(t *testing.T) { function TestHTTPHeadersBestPracticesWithoutCSPScanHandler (line 51) | func TestHTTPHeadersBestPracticesWithoutCSPScanHandler(t *testing.T) { function TestHTTPHeadersBestPracticesWithoutFrameAncestorsCSPDirectiveScanHandler (line 70) | func TestHTTPHeadersBestPracticesWithoutFrameAncestorsCSPDirectiveScanHa... function TestHTTPHeadersBestPracticesWithNotNoneFrameAncestorsCSPDirectiveScanHandler (line 89) | func TestHTTPHeadersBestPracticesWithNotNoneFrameAncestorsCSPDirectiveSc... function TestHTTPHeadersBestPracticesWithoutCORSScanHandler (line 108) | func TestHTTPHeadersBestPracticesWithoutCORSScanHandler(t *testing.T) { function TestHTTPHeadersBestPracticesWithPermissiveCORSScanHandler (line 127) | func TestHTTPHeadersBestPracticesWithPermissiveCORSScanHandler(t *testin... function TestHTTPHeadersBestPracticesWithoutHSTSScanHandler (line 146) | func TestHTTPHeadersBestPracticesWithoutHSTSScanHandler(t *testing.T) { function TestHTTPHeadersBestPracticesWithoutXContentTypeOptionsScanHandler (line 165) | func TestHTTPHeadersBestPracticesWithoutXContentTypeOptionsScanHandler(t... function TestHTTPHeadersBestPracticesWithoutXFrameOptionsScanHandler (line 184) | func TestHTTPHeadersBestPracticesWithoutXFrameOptionsScanHandler(t *test... FILE: scan/misconfiguration/http_method_override/http_method_override.go constant HTTPMethodOverrideScanID (line 13) | HTTPMethodOverrideScanID = "misconfiguration.http_method_override" constant HTTPMethodOverrideScanName (line 14) | HTTPMethodOverrideScanName = "HTTP Method Override Misconfiguration" function ScanHandler (line 75) | func ScanHandler(op *operation.Operation, securityScheme *auth.SecurityS... FILE: scan/misconfiguration/http_method_override/http_method_override_test.go function TestHTTPMethodOverrideScanHandler (line 19) | func TestHTTPMethodOverrideScanHandler(t *testing.T) { function TestHTTPMethodOverrideScanHandler_When_Error (line 58) | func TestHTTPMethodOverrideScanHandler_When_Error(t *testing.T) { function TestHTTPMethodOverrideScanHandler_Passed (line 77) | func TestHTTPMethodOverrideScanHandler_Passed(t *testing.T) { function TestHTTPMethodOverrideScanHandler_Failed_With_Header (line 98) | func TestHTTPMethodOverrideScanHandler_Failed_With_Header(t *testing.T) { function TestHTTPMethodOverrideScanHandler_Failed_With_Query_Parameter (line 124) | func TestHTTPMethodOverrideScanHandler_Failed_With_Query_Parameter(t *te... function TestHTTPMethodOverrideScanHandler_Authentication_ByPass_Passed (line 151) | func TestHTTPMethodOverrideScanHandler_Authentication_ByPass_Passed(t *t... function TestHTTPMethodOverrideScanHandler_Authentication_ByPass_Failed (line 182) | func TestHTTPMethodOverrideScanHandler_Authentication_ByPass_Failed(t *t... FILE: scan/misconfiguration/http_trace/http_trace_method.go constant HTTPTraceScanID (line 13) | HTTPTraceScanID = "misconfiguration.http_trace" constant HTTPTraceScanName (line 14) | HTTPTraceScanName = "HTTP TRACE Method Misconfiguration" function ScanHandler (line 34) | func ScanHandler(operation *operation.Operation, securityScheme *auth.Se... FILE: scan/misconfiguration/http_trace/http_trace_method_test.go function TestHTTPTraceMethodScanHandler_Passed_WhenNotOKResponse (line 16) | func TestHTTPTraceMethodScanHandler_Passed_WhenNotOKResponse(t *testing.... function TestHTTPTraceMethodScanHandler_Failed_WhenTraceIsEnabled (line 31) | func TestHTTPTraceMethodScanHandler_Failed_WhenTraceIsEnabled(t *testing... FILE: scan/misconfiguration/http_track/http_track_method.go constant HTTPTrackScanID (line 13) | HTTPTrackScanID = "misconfiguration.http_track" constant HTTPTrackScanName (line 14) | HTTPTrackScanName = "HTTP TRACK Method Misconfiguration" constant TrackMethod (line 34) | TrackMethod = "TRACK" function ScanHandler (line 36) | func ScanHandler(operation *operation.Operation, securityScheme *auth.Se... FILE: scan/misconfiguration/http_track/http_track_method_test.go function TestHTTPTrackMethodScanHandler_Passed_WhenNotOKResponse (line 16) | func TestHTTPTrackMethodScanHandler_Passed_WhenNotOKResponse(t *testing.... function TestHTTPTrackMethodScanHandler_Failed_WhenTrackIsEnabled (line 31) | func TestHTTPTrackMethodScanHandler_Failed_WhenTrackIsEnabled(t *testing... FILE: scan/operation_scan.go type OperationScanHandlerFunc (line 9) | type OperationScanHandlerFunc type OperationScanHandler (line 11) | type OperationScanHandler struct type OperationScan (line 16) | type OperationScan struct function NewOperationScanHandler (line 21) | func NewOperationScanHandler(id string, handler OperationScanHandlerFunc... FILE: scan/operation_scan_test.go function TestNewOperationScanHandler (line 13) | func TestNewOperationScanHandler(t *testing.T) { FILE: scan/scan.go type ScanOptions (line 15) | type ScanOptions struct type Scan (line 21) | type Scan struct method GetOperationsScans (line 72) | func (s *Scan) GetOperationsScans() []OperationScan { method AddOperationScanHandler (line 76) | func (s *Scan) AddOperationScanHandler(handler *OperationScanHandler) ... method AddScanHandler (line 95) | func (s *Scan) AddScanHandler(handler *OperationScanHandler) *Scan { method Execute (line 112) | func (s *Scan) Execute(ctx context.Context, scanCallback func(operatio... method shouldAddScan (line 139) | func (s *Scan) shouldAddScan(scanID string) bool { constant otelName (line 32) | otelName = "github.com/cerberauth/vulnapi/scan" constant otelScanIncludeScansAttribute (line 34) | otelScanIncludeScansAttribute = attribute.Key("include_scans") constant otelScanExcludeScansAttribute (line 35) | otelScanExcludeScansAttribute = attribute.Key("exclude_scans") constant otelScanHandlerIdAttribute (line 36) | otelScanHandlerIdAttribute = attribute.Key("id") function NewScan (line 39) | func NewScan(operations operation.Operations, opts *ScanOptions) (*Scan,... function contains (line 153) | func contains(slice []string, item string) bool { FILE: scan/scan_test.go function TestNewScanWithNoOperations (line 16) | func TestNewScanWithNoOperations(t *testing.T) { function TestNewScan (line 22) | func TestNewScan(t *testing.T) { function TestNewScanWithOptions (line 42) | func TestNewScanWithOptions(t *testing.T) { function TestScanGetOperationsScansWhenEmpty (line 63) | func TestScanGetOperationsScansWhenEmpty(t *testing.T) { function TestScanGetOperationsScans (line 73) | func TestScanGetOperationsScans(t *testing.T) { function TestScanExecuteWithNoHandlers (line 86) | func TestScanExecuteWithNoHandlers(t *testing.T) { function TestScanExecuteWithHandler (line 98) | func TestScanExecuteWithHandler(t *testing.T) { function TestScanExecuteWithIncludeScans (line 115) | func TestScanExecuteWithIncludeScans(t *testing.T) { function TestScanExecuteWithEmptyStringIncludeScans (line 134) | func TestScanExecuteWithEmptyStringIncludeScans(t *testing.T) { function TestScanExecuteWithMatchStringIncludeScans (line 153) | func TestScanExecuteWithMatchStringIncludeScans(t *testing.T) { function TestScanExecuteWithWrongMatchStringIncludeScans (line 172) | func TestScanExecuteWithWrongMatchStringIncludeScans(t *testing.T) { function TestScanExecuteWithExcludeScans (line 190) | func TestScanExecuteWithExcludeScans(t *testing.T) { function TestScanExecuteWithMatchStringExcludeScans (line 208) | func TestScanExecuteWithMatchStringExcludeScans(t *testing.T) { function TestScanExecuteWithWrongMatchStringExcludeScans (line 226) | func TestScanExecuteWithWrongMatchStringExcludeScans(t *testing.T) { FILE: scenario/discover_api.go function NewDiscoverAPIScan (line 18) | func NewDiscoverAPIScan(method string, u *url.URL, client *request.Clien... FILE: scenario/discover_api_test.go function TestNewDiscoverScan (line 14) | func TestNewDiscoverScan(t *testing.T) { function TestNewDiscoverScanWithoutURLProto (line 28) | func TestNewDiscoverScanWithoutURLProto(t *testing.T) { function TestNewDiscoverScanWhenNotReachable (line 43) | func TestNewDiscoverScanWhenNotReachable(t *testing.T) { FILE: scenario/discover_domain.go function searchByCommonHostnames (line 19) | func searchByCommonHostnames(domain string) []string { function searchByLookupIP (line 44) | func searchByLookupIP(rootDomain string) ([]string, error) { function getAllFQDNs (line 80) | func getAllFQDNs(domain string) []string { function testFqdnReachable (line 98) | func testFqdnReachable(fqdn string, client *request.Client) (*operation.... function NewDiscoverDomainsScan (line 120) | func NewDiscoverDomainsScan(rootDomain string, client *request.Client, o... FILE: scenario/graphql.go function NewGraphQLScan (line 16) | func NewGraphQLScan(u *url.URL, client *request.Client, opts *scan.ScanO... FILE: scenario/graphql_test.go function TestNewGraphQLScan (line 16) | func TestNewGraphQLScan(t *testing.T) { function TestNewGraphQLScanWithoutURLProto (line 31) | func TestNewGraphQLScanWithoutURLProto(t *testing.T) { function TestNewGraphQLScanWhenNotReachable (line 47) | func TestNewGraphQLScanWhenNotReachable(t *testing.T) { function TestNewGraphQLScanWithUpperCaseAuthorizationHeader (line 56) | func TestNewGraphQLScanWithUpperCaseAuthorizationHeader(t *testing.T) { function TestNewGraphQLScanWithUpperCaseAuthorizationAndLowerCaseBearerHeader (line 78) | func TestNewGraphQLScanWithUpperCaseAuthorizationAndLowerCaseBearerHeade... function TestNewGraphQLScanWithLowerCaseAuthorizationHeader (line 98) | func TestNewGraphQLScanWithLowerCaseAuthorizationHeader(t *testing.T) { FILE: scenario/openapi.go function NewOpenAPIScan (line 12) | func NewOpenAPIScan(ctx context.Context, openapi *openapi.OpenAPI, secur... FILE: scenario/openapi_test.go function TestMain (line 20) | func TestMain(m *testing.M) { function TestNewOpenAPIScanWithHttpBearer (line 45) | func TestNewOpenAPIScanWithHttpBearer(t *testing.T) { function TestNewOpenAPIScanWithJWTHttpBearer (line 61) | func TestNewOpenAPIScanWithJWTHttpBearer(t *testing.T) { function TestNewOpenAPIScanWithMultipleOperations (line 78) | func TestNewOpenAPIScanWithMultipleOperations(t *testing.T) { function TestNewOpenAPIScanWithoutParamsExample (line 97) | func TestNewOpenAPIScanWithoutParamsExample(t *testing.T) { FILE: scenario/scans.go function WithAllCommonScans (line 21) | func WithAllCommonScans(s *scan.Scan) *scan.Scan { FILE: scenario/url.go function NewURLScan (line 15) | func NewURLScan(method string, u *url.URL, data string, client *request.... FILE: scenario/url_test.go function TestNewURLScan (line 16) | func TestNewURLScan(t *testing.T) { function TestNewURLScanWithUpperCaseAuthorizationHeader (line 31) | func TestNewURLScanWithUpperCaseAuthorizationHeader(t *testing.T) { function TestNewURLScanWithUpperCaseAuthorizationAndLowerCaseBearerHeader (line 53) | func TestNewURLScanWithUpperCaseAuthorizationAndLowerCaseBearerHeader(t ... function TestNewURLScanWithLowerCaseAuthorizationHeader (line 73) | func TestNewURLScanWithLowerCaseAuthorizationHeader(t *testing.T) { function TestNewURLScanWithAPIKeyInHeader (line 93) | func TestNewURLScanWithAPIKeyInHeader(t *testing.T) { function TestNewURLScanWithHTTPBasic (line 139) | func TestNewURLScanWithHTTPBasic(t *testing.T) { FILE: scenario/utils.go constant bearerPrefix (line 13) | bearerPrefix = auth.BearerPrefix + " " constant basicPrefix (line 14) | basicPrefix = auth.BasicPrefix + " " function detectAuthorizationHeader (line 18) | func detectAuthorizationHeader(header http.Header) string { function getBearerToken (line 30) | func getBearerToken(authHeader string) string { function getHttpBasicAuthUser (line 43) | func getHttpBasicAuthUser(authHeader string) string { function detectAPIKeyHeader (line 56) | func detectAPIKeyHeader(header http.Header) (string, string) { function decodeBasicAuth (line 68) | func decodeBasicAuth(encodedUser string) (string, string) { function detectSecurityScheme (line 82) | func detectSecurityScheme(header http.Header) (*auth.SecurityScheme, err... function addDefaultProtocolWhenMissing (line 102) | func addDefaultProtocolWhenMissing(u *url.URL) *url.URL { FILE: seclist/seclist.go type SecList (line 19) | type SecList struct method loadFile (line 54) | func (s *SecList) loadFile(file fs.File) error { method loadFromEmbeddedFile (line 68) | func (s *SecList) loadFromEmbeddedFile(filepath string) error { method loadFromTmpFile (line 86) | func (s *SecList) loadFromTmpFile(filepath string) error { method DownloadFromURL (line 96) | func (s *SecList) DownloadFromURL(url string) error { function fileNameFromURL (line 24) | func fileNameFromURL(url string) string { function hasSecList (line 28) | func hasSecList(name string) bool { function NewSecList (line 33) | func NewSecList(name string) *SecList { function NewSecListFromURL (line 40) | func NewSecListFromURL(name, url string) (*SecList, error) { function NewSecListFromEmbeddedFile (line 77) | func NewSecListFromEmbeddedFile(name, filename string) (*SecList, error) { FILE: seclist/seclist_test.go function TestNewSecListFromURL (line 12) | func TestNewSecListFromURL(t *testing.T) { function TestNewSecListFromURLWhenResponseNotOk (line 29) | func TestNewSecListFromURLWhenResponseNotOk(t *testing.T) { function TestNewSecListFromURLWhenEmbeddedFileExists (line 40) | func TestNewSecListFromURLWhenEmbeddedFileExists(t *testing.T) { FILE: vulnapi.rb class Vulnapi (line 5) | class Vulnapi < Formula method install (line 16) | def install method install (line 24) | def install method install (line 34) | def install method install (line 41) | def install