Class AttackPredicate

Namespace
Kuestenlogik.Bowire.Security
Assembly
Kuestenlogik.Bowire.dll

Predicate-tree node for the vulnerability-template DSL. Each instance is either a leaf (one of the response-property checks set on this node) or a composite (one of AllOf / AnyOf / Not set on this node).

public sealed class AttackPredicate
Inheritance
AttackPredicate

Remarks

The DSL is intentionally flat: a single class with every operator as an optional property, validated at evaluation time. JSON serialization shape matches the ADR (docs/architecture/security-testing.md — Predicate operators section) byte-for-byte so templates round-trip cleanly between disk, the wire, and the in-memory model.

A node may set ONE composite operator and any number of leaf operators; leaf operators on the same node are combined with an implicit AND. Mixing composites at one node (e.g. allOf + anyOf on the same object) is undefined; the evaluator processes them in declaration order via implicit AND.
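The node semantics described above, as an added stand-alone sketch (not Bowire's own evaluator): it walks a template predicate as raw JSON and AND-combines every operator found on a node. The `Response` record, the `Matches` function and the sample template are constructed for illustration; `bodyMatches` and `bodyJsonPath` are left out, and the raw string literal assumes C# 11 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;

// Constructed template: two leaf operators plus one composite ("not") on the same node.
const string template = """
{
  "statusIn": [200, 204],
  "headerMissing": ["Strict-Transport-Security", "Content-Security-Policy"],
  "not": { "bodyContains": "maintenance" }
}
""";

// Constructed response; the comparer makes header-name lookups case-insensitive.
var response = new Response(200, "{\"ok\":true}", 12,
    new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
    { ["content-type"] = "application/json" });
using var doc = JsonDocument.Parse(template);
Console.WriteLine(Matches(doc.RootElement, response));

// Hypothetical evaluator: every operator present on a node must hold (implicit AND).
static bool Matches(JsonElement node, Response r)
{
    foreach (var op in node.EnumerateObject())
    {
        var v = op.Value;
        bool ok = op.Name switch
        {
            "allOf" => v.EnumerateArray().All(p => Matches(p, r)),
            "anyOf" => v.EnumerateArray().Any(p => Matches(p, r)),
            "not" => !Matches(v, r),
            "status" => r.Status == v.GetInt32(),
            "statusIn" => v.EnumerateArray().Any(s => s.GetInt32() == r.Status),
            "bodyContains" => r.Body.Contains(v.GetString()!, StringComparison.Ordinal),
            "latencyMsAtLeast" => r.LatencyMs >= v.GetInt32(),
            "headerExists" => v.EnumerateArray().All(h => r.Headers.ContainsKey(h.GetString()!)),
            "headerMissing" => v.EnumerateArray().All(h => !r.Headers.ContainsKey(h.GetString()!)),
            "headerEquals" => v.EnumerateObject().All(h =>
                r.Headers.TryGetValue(h.Name, out var actual) && actual == h.Value.GetString()),
            _ => throw new NotSupportedException($"operator '{op.Name}' is not covered by this sketch"),
        };
        if (!ok) return false; // one failing operator fails the whole node
    }
    return true;
}

record Response(int Status, string Body, int LatencyMs, IDictionary<string, string> Headers);
```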

Constructors

AttackPredicate()

public AttackPredicate()

Properties

AllOf

All sub-predicates must match.

[JsonPropertyName("allOf")]
public IList<AttackPredicate>? AllOf { get; init; }

Property Value

IList<AttackPredicate>

AnyOf

At least one sub-predicate must match.

[JsonPropertyName("anyOf")]
public IList<AttackPredicate>? AnyOf { get; init; }

Property Value

IList<AttackPredicate>

BodyContains

Response body (as UTF-8 text) contains the literal substring.

[JsonPropertyName("bodyContains")]
public string? BodyContains { get; set; }

Property Value

string

BodyJsonPath

JSONPath-shaped clause on the parsed response body — at least one match must exist / equal / regex-match per the operator inside the clause. See AttackJsonPathClause.

[JsonPropertyName("bodyJsonPath")]
public AttackJsonPathClause? BodyJsonPath { get; set; }

Property Value

AttackJsonPathClause

BodyMatches

Response body matches the regex (RE2-style; .NET regex by default).

[JsonPropertyName("bodyMatches")]
public string? BodyMatches { get; set; }

Property Value

string

HeaderEquals

Named headers exist with the given value. Header-name match is case-insensitive.

[JsonPropertyName("headerEquals")]
public IDictionary<string, string>? HeaderEquals { get; init; }

Property Value

IDictionary<string, string>

HeaderExists

Named headers are present (any value). Case-insensitive.

[JsonPropertyName("headerExists")]
public IList<string>? HeaderExists { get; init; }

Property Value

IList<string>

HeaderMissing

Named headers are NOT present in the response. Case-insensitive. Useful for missing-security-header checks.

[JsonPropertyName("headerMissing")]
public IList<string>? HeaderMissing { get; init; }

Property Value

IList<string>

LatencyMsAtLeast

Round-trip latency is at least N milliseconds. Used for blind-SQL / timing-oracle templates that probe a deliberately-slow injection ('; SELECT pg_sleep(5); --) and assert the response is delayed.

[JsonPropertyName("latencyMsAtLeast")]
public int? LatencyMsAtLeast { get; set; }

Property Value

int?

Not

The sub-predicate must NOT match.

[JsonPropertyName("not")]
public AttackPredicate? Not { get; set; }

Property Value

AttackPredicate

Status

HTTP status code equals this value.

[JsonPropertyName("status")]
public int? Status { get; set; }

Property Value

int?

StatusIn

HTTP status code is one of these values.

[JsonPropertyName("statusIn")]
public IList<int>? StatusIn { get; init; }

Property Value

IList<int>