Namespace Kuestenlogik.Bowire.Security
Classes
- AttackJsonPathClause
Operator-bag for the BodyJsonPath leaf. Path selects values; one of Exists, EqualsValue, Matches, or AnyValueMatches specifies what counts as a match.
- AttackPredicate
Predicate-tree node for the vulnerability-template DSL. Each instance is either a leaf (one of the response-property checks set on this node) or a composite (one of AllOf / AnyOf / Not set on this node).
- AttackPredicateEvaluator
Stateless walker that evaluates an AttackPredicate against an AttackProbeResponse. Returns true when the predicate matches — i.e. when the target is vulnerable according to the template.
- AttackProbeResponse
Captured response context that AttackPredicateEvaluator walks an AttackPredicate against. Transport-agnostic: the HTTP scanner populates Status from the HTTP status code; future gRPC / SignalR / WebSocket transports map their own status concepts onto the same integer (gRPC: 0..16 status codes, SignalR: 200 for invocation OK / specific code on hub error, …).
- AttackVulnerability
Identifying + classification metadata for a vulnerability template. Attached to a BowireRecording via its
Vulnerabilityfield when the recording is being used as a security-test probe rather than as a mock-server fixture.
- FuzzExecutor
Server-side runtime for the schema-aware fuzzer. Shared between the
bowire fuzzCLI subcommand and the/api/security/fuzzHTTP endpoint that the workbench's right-click "Fuzz this field" menu calls into. Stateless; payload wordlists + per-category response heuristics live as static data so neither consumer pays for instance state.
- FuzzExecutorRequest
Input bundle for RunAsync(FuzzExecutorRequest, CancellationToken).
- FuzzResultRow
One row of the fuzz result — per-payload outcome.
- FuzzRunResult
Aggregate result of one fuzz run.
Enums
- FuzzOutcome
Per-payload outcome bucket.