code clean up

config/config.go

@@ -38,9 +38,7 @@ type yamlConfig struct {
 }
 
 func createExampleYAML() error {
-
    _, err := os.Stat("init.yaml")
-
    if os.IsNotExist(err) {
       err := ioutil.WriteFile("init.yaml", []byte(defaultYAMLContent), 0644)
       if err != nil {
@@ -68,7 +66,6 @@ func ReadConfigYaml() (yamlConfig){
    }
 
    config := yamlConfig{}
-
    err = yaml.Unmarshal(yamlFile,&config)
 
    if err != nil {

csv/csvUtils.go

@@ -12,7 +12,6 @@ import (
 
 var CSVHeader = []string{"URL","HTTP Method","Burp Response Status Code", "Burp Response Content Length"}
 
-
 func PopulateCSVHeaders(authHeadersLen int,cmdOpt *cmdOptions.CmdOpt) []string{
    if cmdOpt.IsRequestBody{
       CSVHeader = append(CSVHeader,"Burp Request Body")
@@ -38,18 +37,15 @@ func PopulateCSVHeaders(authHeadersLen int,cmdOpt *cmdOptions.CmdOpt) []string{
    }
 
    CSVHeader = append(CSVHeader,"Result")
-
    return CSVHeader
 }
 
 
 func escapeCSVString(s string) string {
-
    s = strings.ReplaceAll(s,"\"", "'")
    s = strings.ReplaceAll(s,"\n", "\\n")
    s = strings.ReplaceAll(s,"\r", "\\r")
    s = strings.ReplaceAll(s,"\t", "\\t")
-
    return s
 }
 
@@ -64,7 +60,6 @@ func printFormattedString(csvfileWriter *os.File,str string) {
 }
 
 func DoCSV(csvfileWriter *os.File,res map[string]map[int]http.HttpResult,authHeadersLen int, cmdOptions *cmdOptions.CmdOpt){
-
    for _, value := range res { 
 
       isBypassed := ""
@@ -75,7 +70,6 @@ func DoCSV(csvfileWriter *os.File,res map[string]map[int]http.HttpResult,authHea
       if cmdOptions.IsRequestBody{
          printFormattedString(csvfileWriter,value[0].RequestBody)
       }
-
       if cmdOptions.IsResponseBody{
          printFormattedString(csvfileWriter,burpResponse)
       }
@@ -86,11 +80,9 @@ func DoCSV(csvfileWriter *os.File,res map[string]map[int]http.HttpResult,authHea
          if cmdOptions.IsResponseBody{
             printFormattedString(csvfileWriter,value[i].Body)
          }
-
          if strconv.Itoa(len(burpResponse)) == value[i].Size{
             isBypassed = "Bypassed"
          }
-
          if i != 0{
             if (value[i].Size == value[i-1].Size) && (value[i].Size != strconv.Itoa(len(burpResponse))){
                isBypassed = "Sus"

go.mod

@@ -3,17 +3,17 @@ module github.com/karma9874/AuthInspector
 go 1.21.0
 
 require (
-	github.com/Jeffail/gabs v1.4.0 // indirect
+	github.com/cheggaaa/pb/v3 v3.1.4
+	github.com/google/uuid v1.4.0
+	gopkg.in/yaml.v3 v3.0.1
+)
+
+require (
 	github.com/VividCortex/ewma v1.2.0 // indirect
-	github.com/cheggaaa/pb v1.0.29 // indirect
-	github.com/cheggaaa/pb/v3 v3.1.4 // indirect
 	github.com/fatih/color v1.15.0 // indirect
-	github.com/google/uuid v1.4.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mattn/go-runewidth v0.0.14 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	golang.org/x/sys v0.6.0 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,38 +1,24 @@
-github.com/Jeffail/gabs v1.4.0 h1://5fYRRTq1edjfIrQGvdkcd22pkYUrHZ5YC/H2GJVAo=
-github.com/Jeffail/gabs v1.4.0/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/bOXc=
 github.com/VividCortex/ewma v1.2.0 h1:f58SaIzcDXrSy3kWaHNvuJgJ3Nmz59Zji6XoJR/q1ow=
 github.com/VividCortex/ewma v1.2.0/go.mod h1:nz4BbCtbLyFDeC9SUHbtcT5644juEuWfUAUnGx7j5l4=
-github.com/cheggaaa/pb v1.0.29 h1:FckUN5ngEk2LpvuG0fw1GEFx6LtyY2pWI/Z2QgCnEYo=
-github.com/cheggaaa/pb v1.0.29/go.mod h1:W40334L7FMC5JKWldsTWbdGjLo0RxUKK73K+TuPxX30=
 github.com/cheggaaa/pb/v3 v3.1.4 h1:DN8j4TVVdKu3WxVwcRKu0sG00IIU6FewoABZzXbRQeo=
 github.com/cheggaaa/pb/v3 v3.1.4/go.mod h1:6wVjILNBaXMs8c21qRiaUM8BR82erfgau1DQ4iUXmSA=
-github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
 github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
 github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
-github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
-github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-runewidth v0.0.4 h1:2BvfKmzob6Bmd4YsL0zygOqfdFnK7GR4QL06Do4/p7Y=
-github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=
 github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

http/httpClient.go

@@ -31,11 +31,7 @@ func MakeRequest(opt HTTPClient,c chan map[string]map[int]HttpResult,wg *sync.Wa
    defer wg.Done()
 
    retValue := make(map[string]map[int]HttpResult)
-
-   // log.Printf("Testing for %s %s\n", opt.Method, opt.URL)
-
    var errorStr = "" 
-   //fmt.Println(opt.URL,opt.Body)
    req, _ := http.NewRequest(opt.Method,opt.URL,bytes.NewBuffer([]byte(opt.Body)))
 
    req.Header["User-Agent"] = []string{opt.DefaultUserAgent}
@@ -67,12 +63,10 @@ func MakeRequest(opt HTTPClient,c chan map[string]map[int]HttpResult,wg *sync.Wa
    if req_err != nil {
       errorStr = "timedOut"
       if cmdOptions.IsVerbose{log.Printf("[Failed] %s %s - Request Failed. Status Code: %d, Size: %d bytes\n", opt.Method, opt.URL, resp.StatusCode,0)}
-      //log.Printf("Goroutine for %s %s finished\n", opt.Method, opt.URL)
       retValue[uid] = map[int]HttpResult{
             idx: {
                 URL:         opt.URL,
                 Method:      opt.Method,
-                //Header:      nil,
                 StatusCode:  errorStr,
                 Size:        "\"\"",
                 Body:        "",
@@ -89,17 +83,14 @@ func MakeRequest(opt HTTPClient,c chan map[string]map[int]HttpResult,wg *sync.Wa
    }
 
    body,body_err := ioutil.ReadAll(resp.Body)
-   //fmt.Println(string(body))
    if body_err != nil {
       body = []byte("Error on response")
    }
    if cmdOptions.IsVerbose{log.Printf("[Success] %s %s - Request completed. Status Code: %d, Size: %d bytes\n", opt.Method, opt.URL, resp.StatusCode, len(body))}
-   //log.Printf("Goroutine for %s %s finished\n", opt.Method, opt.URL)
    retValue[uid] = map[int]HttpResult{
         idx: {
             URL:         opt.URL,
             Method:      opt.Method,
-            //Header:      resp.Header,
             StatusCode:  strconv.Itoa(resp.StatusCode),
             Size:        strconv.Itoa(len(body)),
             Body:        string(body),
@@ -110,7 +101,6 @@ func MakeRequest(opt HTTPClient,c chan map[string]map[int]HttpResult,wg *sync.Wa
             BurpItem:    burpItm,
         },
     }
-
    c <- retValue
 
    return
@@ -120,7 +110,6 @@ func MakeRequest(opt HTTPClient,c chan map[string]map[int]HttpResult,wg *sync.Wa
 func MakeRequestMultiAuth(postData string,k burp.Item,yamlAuthheaders []map[string]string,globalHeaders []map[string]string,HTTPHeader HTTPHeader,wg *sync.WaitGroup, resQueue chan map[string]map[int]HttpResult,cmdOpts *cmdOptions.CmdOpt,pbar *pb.ProgressBar) {
 
    id := uuid.New()
-   //log.Printf("Testing for %s %s\n", k.Method, k.Url)
    for i := 0; i<len(yamlAuthheaders); i++ {
       header := initHeader(globalHeaders,yamlAuthheaders[i])
       if HTTPHeader.Name != "" && HTTPHeader.Value != ""{

main.go

@@ -31,31 +31,24 @@ func main() {
    flag.IntVar(&cmdOptions.Threads, "threads", 10, "Number of concurrent threads")
    flag.Parse()
 
-
-
    successfulRequests := 0
    errorCount  := 0
-
+   startTime := time.Now()
 
-
    yamlObj := config.ReadConfigYaml()
    xmlData := burp.ReadBurpXML(yamlObj.SourceFileName)
 
    if cmdOptions.MimeType{
       http.GetAllMimeTypes(xmlData.Item)
    }
 
-
-   startTime := time.Now()
-
    totalRequests := http.GetAllReqCount(xmlData.Item,yamlObj.FilterMimeTypes)*len(yamlObj.AuthHeaders)
 
    if !cmdOptions.IsVerbose{
       progressBar = pb.StartNew(totalRequests)   
    }else{
       progressBar = nil
-   }
-
+   }   
 
    if cmdOptions.IsVerbose{
       log.Println("Configurations:")
@@ -109,7 +102,6 @@ func main() {
    fmt.Fprintln(csvfileWriter,strings.Join(csv.PopulateCSVHeaders(len(yamlObj.AuthHeaders),cmdOptions),","))
    csv.DoCSV(csvfileWriter,finalResult,len(yamlObj.AuthHeaders),cmdOptions)
    fmt.Println("\nAuthInspector completed successfully.")
-
    fmt.Println("Output stored in Output.csv")
    elapsedTime := time.Since(startTime)
    fmt.Printf("Summary: Total Requests: %d, Successful Requests: %d, Errors: %d", totalRequests, successfulRequests, errorCount)