Skip to main content

Config

api_scanner::config

Struct Config

pub struct Config {Show 23 fields
    pub max_endpoints: usize,
    pub concurrency: usize,
    pub toggles: ScannerToggles,
    pub politeness: PolitenessConfig,
    pub waf_evasion: WafEvasionConfig,
    pub default_headers: Vec<(String, String)>,
    pub cookies: Vec<(String, String)>,
    pub proxy: Option<String>,
    pub danger_accept_invalid_certs: bool,
    pub active_checks: bool,
    pub dry_run: bool,
    pub stream_findings: bool,
    pub baseline_path: Option<PathBuf>,
    pub session_file: Option<PathBuf>,
    pub auth_bearer: Option<String>,
    pub auth_basic: Option<String>,
    pub auth_flow: Option<PathBuf>,
    pub auth_flow_b: Option<PathBuf>,
    pub unauth_strip_headers: Vec<String>,
    pub per_host_clients: bool,
    pub adaptive_concurrency: bool,
    pub no_discovery: bool,
    pub quiet: bool,
}

Expand description

Top-level configuration produced by CLI arg parsing in main.rs.

Fields§

§max_endpoints: usize

Maximum number of URLs to scan. usize::MAX means unlimited.

§concurrency: usize

Number of URLs scanned concurrently (semaphore width).

§toggles: ScannerToggles

Per-scanner enable / disable switches.

§politeness: PolitenessConfig

Rate-limiting / retry knobs.

§waf_evasion: WafEvasionConfig

WAF-evasion settings.

§default_headers: Vec<(String, String)>

Default headers applied to every request.

§cookies: Vec<(String, String)>

Cookies applied to every request.

§proxy: Option<String>

Optional HTTP/HTTPS proxy URL.

§danger_accept_invalid_certs: bool

Accept invalid TLS certificates (dangerous).

§active_checks: bool

Enable active (potentially invasive) checks.

§dry_run: bool

Do not send active-check mutation requests; emit informational “would test” findings.

§stream_findings: bool

Enable streaming NDJSON findings (reports while scan is running).

§baseline_path: Option<PathBuf>

Optional baseline NDJSON file for diffing (suppress known findings).

§session_file: Option<PathBuf>

Optional session cookie file (JSON) to load/save.

§auth_bearer: Option<String>

Optional auth helpers.

§auth_basic: Option<String>§auth_flow: Option<PathBuf>

Optional auth flow descriptor (loaded from –auth-flow file).

§auth_flow_b: Option<PathBuf>

Second credential set for cross-user IDOR checks (–auth-flow-b).

§unauth_strip_headers: Vec<String>

Additional auth-like headers to strip for unauthenticated probes.

§per_host_clients: bool

Enable per-host HTTP client pools.

§adaptive_concurrency: bool

Enable adaptive concurrency.

§no_discovery: bool

Skip endpoint discovery and scan only provided seed URLs.

§quiet: bool

Suppress verbose progress output.

Trait Implementations§

impl Clone for Config

fn clone(&self) -> Config

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for Config

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for Config

impl RefUnwindSafe for Config

impl Send for Config

impl Sync for Config

impl Unpin for Config

impl UnsafeUnpin for Config

impl UnwindSafe for Config

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more