crash.software
Projects
Pull Requests
Issues
Builds
tsunami-security-scanner
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY tsunami-security-scanner Files
🤬
32fc4b0c
ROOT /
plugin /
src /
main /
java /
com /
google /
tsunami /
plugin /
payload /
README.md
24 lines | ISO-8859-1 | 1 KB

Tsunami Payload Generation Framework

This is the code for Tsunami's payload generation framework, an optional library for detectors which automatically selects the best payload for a given vulnerability, taking out the guesswork when writing a new detector, reducing false positives, and standardizing payloads across detectors. It is also the interface for using the Tsunami Callback Server.

Detectors targeting remote code executions (RCE) and server-side request forgery (SSRF) vulnerabilities are ideal candidates for using the payload framework.

For an example of how to use the framework, see the example plugin.

payload_definitions.yaml

payload_definitions.yaml defines the actual payloads used in the payload generation framework. See the schema definition in payload_generator.proto. When adding a new payload definition, make sure to add test cases.

Please wait...
Page is in error, reload to recover