def __init__(self, name):
self.logger = get_logger(self.__class__.__name__)
self.name = name
self.content_type = ''
self.method = None
self.url = None
self.params = set()
self.data = set()
self.headers = set()
self.path_variables = set()
self.query = set()
self.cookies = set()
self.field_to_param = {
'params': self.params,
'headers': self.headers,
'data': self.data,
'path_variables': self.path_variables,
'cookies': self.cookies,
'query': self.query,
'content_type': self.content_type
}
self.place_to_field = {
'path': self.path_variables,
'query': self.query,
'header': self.headers,
'cookie': self.query,
'body': self.data
}
"""
def __init__(self, auth_headers):
self._last_sent_request = None
self.auth_headers = auth_headers
self.logger = get_logger(self.__class__.__name__)
self.logger.info('Logger initialized')
self.resp_headers = dict()
self.chop_left = True
self.chop_right = True
def __init__(self, api_definition_path=None, api_definition_url=""):
self.logger = get_logger(self.__class__.__name__)
self.api_definition = self._get_api_definition(api_definition_path,
api_definition_url)
self.api_definition_path = api_definition_path
self.api_definition_base_path = self._get_base_path_of_file(
api_definition_path)
self.api_definition_url = api_definition_url
self.additional_api_definition = deepcopy(self.api_definition)
def __init__(self, name, base_url, report_dir, auth_headers,
junit_report_path):
super(ServerTarget, self).__init__(name) # pylint: disable=E1003
super(FuzzerTargetBase, self).__init__(auth_headers) # pylint: disable=E1003
self.logger = get_logger(self.__class__.__name__)
self.base_url = base_url
self.accepted_status_codes = list(range(200, 300)) + list(
range(400, 500))
self.auth_headers = auth_headers
self.report_dir = report_dir
self.junit_report_path = junit_report_path
self.failed_test = list()
self.logger.info('Logger initialized')
self.resp_headers = dict()
def __init__(self, api_definition_url, api_definition_file):
"""
:param api_definition_file: API resources local file
:type api_definition_file: str
:param api_definition_url: URL where the request should be sent
:type api_definition_url: str
"""
super().__init__()
self.templates = set()
self.logger = get_logger(self.__class__.__name__)
self.api_definition_url = api_definition_url
self.api_definition_file = api_definition_file
self.reference_resolver = ResolveReferences(
api_definition_url=api_definition_url,
api_definition_path=api_definition_file)
tmp_api_resources = self.reference_resolver.resolve()
self.json_formatter = JsonSectionAbove(tmp_api_resources)
self.api_resources = self.json_formatter.resolve()
with open(f'resolved.json', 'w') as f:
json.dump(self.api_resources, f, sort_keys=True, indent=2)
def __init__(self,
value,
name,
fuzzable=True,
min_length=20,
max_length=None,
num_mutations=80):
super(BaseField, self).__init__(name=name) # pylint: disable=E1003
self.logger = self.logger = get_logger(self.__class__.__name__)
self.name = name
self.value = value
self.min_length = min_length
self.max_length = max_length if max_length else len(value) * 2
self._num_mutations = num_mutations
self.position = self.init_position()
self._initialized = False
self._default_value = self.to_bits(chr(self.MAX))
self._encoder = ENC_BITS_DEFAULT
self._default_rendered = self._encode_value(self._default_value)
self._hash = None
self._fuzzable = fuzzable
self._need_second_pass = False
self._controlled = False
def __init__(self, api_definition, section_to_up='schema'):
self.logger = get_logger(f'{self.__class__.__name__}-{section_to_up}')
self.api_definition = api_definition
self.section_to_up = section_to_up
def __init__(self):
self.logger = get_logger(self.__class__.__name__)
self.logger.info('Logger initialized')
super(OpenApiServerFuzzer, self).__init__(logger=self.logger)
def __init__(self):
self.logger = self.logger = get_logger(self.__class__.__name__)
