Class AttackPredicateEvaluator
- Namespace
- Kuestenlogik.Bowire.Security
- Assembly
- Kuestenlogik.Bowire.dll
Stateless walker that evaluates an AttackPredicate against an AttackProbeResponse. Returns true when the predicate matches — i.e. when the target is vulnerable according to the template.
public static class AttackPredicateEvaluator- Inheritance
-
AttackPredicateEvaluator
- Inherited Members
Remarks
All operators on a single node implicit-AND-combine. The composite
operators (allOf / anyOf / not) recurse. An
empty predicate (no operators set) matches by definition — treated
as "no condition specified, so trivially true". Templates that
supply no AttackPredicate at all should never reach
this evaluator; the scanner subcommand guards against that.
JSONPath evaluation supports the same subset the JS-side
bowireResolveJsonPath in the workbench supports:
$, $.foo, $.foo.bar, $.foo[0],
$.foo[*], $.foo[*].bar. Wildcards return every match;
the operators interpret "any value matches" / "all match" / "exists"
over the wildcard expansion.
Methods
Evaluate(AttackPredicate, AttackProbeResponse)
Evaluate the predicate against the response. Returns true when the response indicates the target is vulnerable; false otherwise.
public static bool Evaluate(AttackPredicate predicate, AttackProbeResponse response)Parameters
predicateAttackPredicateresponseAttackProbeResponse