plugin/src/main/java/com/google/tsunami/plugin/payload/README.md
1 | | - | \# payload_definitions.yaml |
| 1 | + | # Tsunami Payload Generation Framework |
| 2 | + | |
| 3 | + | This is the code for Tsunami's payload generation framework, an optional library |
| 4 | + | for detectors which automatically selects the best payload for a given |
| 5 | + | vulnerability, taking out the guesswork when writing a new detector, reducing |
| 6 | + | false positives, and standardizing payloads across detectors. It is also the |
| 7 | + | interface for using the |
| 8 | + | [Tsunami Callback Server](https://github.com/google/tsunami-security-scanner-callback-server). |
| 9 | + | |
| 10 | + | Detectors targeting remote code executions (RCE) and server-side request forgery |
| 11 | + | (SSRF) vulnerabilities are ideal candidates for using the payload framework. |
| 12 | + | |
| 13 | + | For an example of how to use the framework, see |
| 14 | + | [the example plugin](https://github.com/google/tsunami-security-scanner-plugins/tree/master/examples/example_payload_framework_vuln_detector). |
2 | 15 | | |
3 | | - | `payload_definitions.yaml` defines the payloads used in the payload generation |
4 | | - | framework. See the schema definition in payload_generator.proto. |
| 16 | + | ## payload_definitions.yaml |
| 17 | + | |
| 18 | + | [payload_definitions.yaml](https://github.com/google/tsunami-security-scanner/blob/master/plugin/src/main/resources/com/google/tsunami/plugin/payload/payload_definitions.yaml) |
| 19 | + | defines the actual payloads used in the payload generation framework. See the |
| 20 | + | schema definition in |
| 21 | + | [payload_generator.proto](https://github.com/google/tsunami-security-scanner/blob/master/proto/payload_generator.proto). |
| 22 | + | When adding a new payload definition, make sure to add |
| 23 | + | [test cases](https://github.com/google/tsunami-security-scanner/blob/master/plugin/src/test/java/com/google/tsunami/plugin/payload/PayloadGeneratorTest.java). |
5 | 24 | | |
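Review bot: The new README introduces the framework as "the interface for using the Tsunami Callback Server" but never says what a detector gets when no callback server is configured, so add a sentence stating whether payload selection falls back to a payload that does not need the callback server or fails outright; plugin authors will otherwise have to read the generator code to find out. Two smaller points: "Detectors targeting remote code executions (RCE)" should use the singular "remote code execution (RCE)"; and every link in the file (the example plugin, `payload_definitions.yaml`, `payload_generator.proto` and `PayloadGeneratorTest.java`) points at `master`, so the README will silently break if those files move, which a repository-relative path or a pinned ref would avoid.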