ab17a7376a
All checks were successful
CI / Clippy (push) Successful in 4m15s
CI / Security Audit (push) Has been skipped
CI / Tests (push) Has been skipped
CI / Clippy (pull_request) Successful in 4m16s
CI / Security Audit (pull_request) Has been skipped
CI / Tests (pull_request) Has been skipped
CI / Detect Changes (push) Has been skipped
CI / Detect Changes (pull_request) Has been skipped
CI / Deploy Agent (push) Has been skipped
CI / Deploy Dashboard (push) Has been skipped
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Has been skipped
CI / Deploy Agent (pull_request) Has been skipped
CI / Deploy Dashboard (pull_request) Has been skipped
CI / Deploy Docs (pull_request) Has been skipped
CI / Deploy MCP (pull_request) Has been skipped
CI / Format (push) Successful in 27s
CI / Format (pull_request) Successful in 3s
Fix dead code warnings, redundant clones, boolean simplification, format-in-format-args, type complexity, and Box::new of Default across compliance-dast, compliance-agent, and compliance-dashboard. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
143 lines
4.2 KiB
Rust
143 lines
4.2 KiB
Rust
pub mod api_fuzzer;
|
|
pub mod auth_bypass;
|
|
pub mod console_log_detector;
|
|
pub mod cookie_analyzer;
|
|
pub mod cors_checker;
|
|
pub mod csp_analyzer;
|
|
pub mod dmarc_checker;
|
|
pub mod dns_checker;
|
|
pub mod openapi_parser;
|
|
pub mod rate_limit_tester;
|
|
pub mod recon;
|
|
pub mod security_headers;
|
|
pub mod sql_injection;
|
|
pub mod ssrf;
|
|
pub mod tls_analyzer;
|
|
pub mod xss;
|
|
|
|
use std::collections::HashMap;
|
|
|
|
use compliance_core::traits::pentest_tool::PentestTool;
|
|
|
|
/// A definition describing a tool for LLM tool_use registration.
|
|
#[derive(Debug, Clone)]
|
|
pub struct ToolDefinition {
|
|
pub name: String,
|
|
pub description: String,
|
|
pub input_schema: serde_json::Value,
|
|
}
|
|
|
|
/// Registry that holds all available pentest tools and provides
|
|
/// look-up by name.
|
|
pub struct ToolRegistry {
|
|
tools: HashMap<String, Box<dyn PentestTool>>,
|
|
}
|
|
|
|
impl Default for ToolRegistry {
|
|
fn default() -> Self {
|
|
Self::new()
|
|
}
|
|
}
|
|
|
|
impl ToolRegistry {
|
|
/// Create a new registry with all built-in tools pre-registered.
|
|
#[allow(clippy::expect_used)]
|
|
pub fn new() -> Self {
|
|
let http = reqwest::Client::builder()
|
|
.danger_accept_invalid_certs(true)
|
|
.timeout(std::time::Duration::from_secs(30))
|
|
.redirect(reqwest::redirect::Policy::limited(5))
|
|
.build()
|
|
.expect("failed to build HTTP client");
|
|
|
|
let mut tools: HashMap<String, Box<dyn PentestTool>> = HashMap::new();
|
|
|
|
// Agent-wrapping tools
|
|
let register = |tools: &mut HashMap<String, Box<dyn PentestTool>>,
|
|
tool: Box<dyn PentestTool>| {
|
|
tools.insert(tool.name().to_string(), tool);
|
|
};
|
|
|
|
register(
|
|
&mut tools,
|
|
Box::new(sql_injection::SqlInjectionTool::new(http.clone())),
|
|
);
|
|
register(&mut tools, Box::new(xss::XssTool::new(http.clone())));
|
|
register(
|
|
&mut tools,
|
|
Box::new(auth_bypass::AuthBypassTool::new(http.clone())),
|
|
);
|
|
register(&mut tools, Box::new(ssrf::SsrfTool::new(http.clone())));
|
|
register(
|
|
&mut tools,
|
|
Box::new(api_fuzzer::ApiFuzzerTool::new(http.clone())),
|
|
);
|
|
|
|
// New infrastructure / analysis tools
|
|
register(&mut tools, Box::<dns_checker::DnsCheckerTool>::default());
|
|
register(
|
|
&mut tools,
|
|
Box::<dmarc_checker::DmarcCheckerTool>::default(),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(tls_analyzer::TlsAnalyzerTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(security_headers::SecurityHeadersTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(cookie_analyzer::CookieAnalyzerTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(csp_analyzer::CspAnalyzerTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(rate_limit_tester::RateLimitTesterTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(console_log_detector::ConsoleLogDetectorTool::new(
|
|
http.clone(),
|
|
)),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(cors_checker::CorsCheckerTool::new(http.clone())),
|
|
);
|
|
register(
|
|
&mut tools,
|
|
Box::new(openapi_parser::OpenApiParserTool::new(http.clone())),
|
|
);
|
|
register(&mut tools, Box::new(recon::ReconTool::new(http)));
|
|
|
|
Self { tools }
|
|
}
|
|
|
|
/// Look up a tool by name.
|
|
pub fn get(&self, name: &str) -> Option<&dyn PentestTool> {
|
|
self.tools.get(name).map(|b| b.as_ref())
|
|
}
|
|
|
|
/// Return definitions for every registered tool.
|
|
pub fn all_definitions(&self) -> Vec<ToolDefinition> {
|
|
self.tools
|
|
.values()
|
|
.map(|t| ToolDefinition {
|
|
name: t.name().to_string(),
|
|
description: t.description().to_string(),
|
|
input_schema: t.input_schema(),
|
|
})
|
|
.collect()
|
|
}
|
|
|
|
/// Return the names of all registered tools.
|
|
pub fn list_names(&self) -> Vec<String> {
|
|
self.tools.keys().cloned().collect()
|
|
}
|
|
}
|