WuYanBo
/
CodeReview
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
CodeReview/backend/app/services/agent/knowledge/vulnerabilities/__init__.py

82 lines
1.7 KiB
Python
Raw Blame History

"""
漏洞类型知识模块
包含各种漏洞类型的专业知识
"""
from .injection import SQL_INJECTION, NOSQL_INJECTION, COMMAND_INJECTION, CODE_INJECTION
from .xss import XSS_REFLECTED, XSS_STORED, XSS_DOM
from .auth import AUTH_BYPASS, IDOR, BROKEN_ACCESS_CONTROL
from .crypto import WEAK_CRYPTO, HARDCODED_SECRETS
from .ssrf import SSRF
from .deserialization import INSECURE_DESERIALIZATION
from .path_traversal import PATH_TRAVERSAL
from .xxe import XXE
from .race_condition import RACE_CONDITION
from .csrf import CSRF
from .business_logic import BUSINESS_LOGIC, RATE_LIMITING
from .open_redirect import OPEN_REDIRECT
# 所有漏洞知识文档
ALL_VULNERABILITY_DOCS = [
# 注入类
SQL_INJECTION,
NOSQL_INJECTION,
COMMAND_INJECTION,
CODE_INJECTION,
# XSS类
XSS_REFLECTED,
XSS_STORED,
XSS_DOM,
# 认证授权类
AUTH_BYPASS,
IDOR,
BROKEN_ACCESS_CONTROL,
# 加密类
WEAK_CRYPTO,
HARDCODED_SECRETS,
# 请求伪造
CSRF,
SSRF,
# 其他
INSECURE_DESERIALIZATION,
PATH_TRAVERSAL,
XXE,
RACE_CONDITION,
BUSINESS_LOGIC,
RATE_LIMITING,
OPEN_REDIRECT,
]
__all__ = [
"ALL_VULNERABILITY_DOCS",
# 注入类
"SQL_INJECTION",
"NOSQL_INJECTION",
"COMMAND_INJECTION",
"CODE_INJECTION",
# XSS类
"XSS_REFLECTED",
"XSS_STORED",
"XSS_DOM",
# 认证授权类
"AUTH_BYPASS",
"IDOR",
"BROKEN_ACCESS_CONTROL",
# 加密类
"WEAK_CRYPTO",
"HARDCODED_SECRETS",
# 请求伪造
"CSRF",
"SSRF",
# 其他
"INSECURE_DESERIALIZATION",
"PATH_TRAVERSAL",
"XXE",
"RACE_CONDITION",
"BUSINESS_LOGIC",
"RATE_LIMITING",
"OPEN_REDIRECT",
]
Reference in New Issue View Git Blame Copy Permalink