Spaces:
Runtime error
Runtime error
| """ | |
| Example: scanning a custom target with module-level access. | |
| This example shows how to use individual modules instead of the full pipeline. | |
| Useful for: | |
| * Re-running the analyzer with different signatures | |
| * Re-training the ML classifier with new hyperparameters | |
| * Generating mutated payloads without scanning | |
| Run | |
| --- | |
| :: | |
| python examples/custom_target.py | |
| """ | |
| from intelliscan.modules.analyzer import Analyzer | |
| from intelliscan.modules.classifier import MLClassifier | |
| from intelliscan.modules.payload_gen import PayloadGenerator | |
| def example_signature_analysis(): | |
| """Analyze raw injection results without re-scanning.""" | |
| raw_results = [ | |
| { | |
| "target_url": "http://test.example/sqli", | |
| "method": "GET", | |
| "vuln_type": "sqli", | |
| "param": "id", | |
| "payload": "' OR 1=1-- ", | |
| "status_code": 200, | |
| "response_len": 4821, | |
| "response_body": "First name: admin Surname: admin", | |
| }, | |
| ] | |
| analyzer = Analyzer(raw_results) | |
| labeled = analyzer.run() | |
| for r in labeled: | |
| print(f"{r.label}: {r.reason}") | |
| def example_payload_mutation(): | |
| """Generate WAF-bypass variants of a payload.""" | |
| gen = PayloadGenerator() | |
| base = "' OR 1=1-- " | |
| variants = gen.generate(base, vuln_type="sqli") | |
| print(f"\nBase payload: {base!r}") | |
| print(f"Generated {len(variants)} variants:\n") | |
| for v in variants[:10]: | |
| print(f" {v!r}") | |
| def example_train_classifier(): | |
| """Train the Random Forest on a JSON dataset.""" | |
| # Toy dataset: 8 vulnerable, 8 not vulnerable | |
| dataset = [] | |
| for _ in range(8): | |
| dataset.append( | |
| { | |
| "vuln_type": "sqli", | |
| "payload": "' OR 1=1-- ", | |
| "status_code": 200, | |
| "response_len": 5000, | |
| "response_body": "First name: a", | |
| "label": "VULNERABLE", | |
| } | |
| ) | |
| dataset.append( | |
| { | |
| "vuln_type": "sqli", | |
| "payload": "x", | |
| "status_code": 200, | |
| "response_len": 1000, | |
| "response_body": "no dump here", | |
| "label": "NOT_VULNERABLE", | |
| } | |
| ) | |
| clf = MLClassifier() | |
| report = clf.train(dataset) | |
| print(report.summary()) | |
| # Test prediction on a new instance | |
| test = { | |
| "vuln_type": "sqli", | |
| "payload": "' UNION SELECT user(),db()-- ", | |
| "status_code": 200, | |
| "response_len": 5500, | |
| "response_body": "First name: x", | |
| } | |
| label, proba = clf.predict(test) | |
| print(f"\nPrediction: {label} (confidence: {proba:.2f})") | |
| if __name__ == "__main__": | |
| print("--- Signature analysis ---") | |
| example_signature_analysis() | |
| print("\n--- Payload mutation ---") | |
| example_payload_mutation() | |
| print("\n--- ML training ---") | |
| example_train_classifier() | |