parlov-elicit 0.1.0

Elicitation engine: strategy selection and probe plan generation for parlov.

parlov-elicit

Elicitation engine for parlov. Given a target endpoint and operator context, generates a plan of ProbeSpecs designed to trigger specific server-side differentials that reveal resource existence.

Overview

The engine codifies the elicitation playbook as 17 composable strategies. Each strategy targets a different layer of the HTTP pipeline — content negotiation, conditional headers, auth, payload validation, rate limiting — and produces probe definitions that the binary feeds into its execution loops.

Usage

use http::HeaderMap;
use parlov_elicit::{generate_plan, RiskLevel, ScanContext};

fn main() {
    // Operator context: the template endpoint, one id known to exist (baseline),
    // one id under test, and a risk ceiling that restricts which strategies run.
    let ctx = ScanContext {
        target: "https://api.example.com/users/{id}".to_string(),
        baseline_id: "1001".to_string(),
        probe_id: "9999".to_string(),
        headers: HeaderMap::new(),
        max_risk: RiskLevel::Safe,
        known_duplicate: None,
        state_field: None,
        alt_credential: None,
    };

    // Pure computation: no requests are sent here. The plan contains
    // ProbeSpec::Pair, ::Burst, and ::HeaderDiff items ready for dispatch
    // by the binary's scan pipeline.
    let plan = generate_plan(&ctx);
    println!("{} probe specs generated", plan.len());
}

Strategies

| # | ID | Risk | Methods | Prereq |
|---|----|------|---------|--------|
| 1 | accept-elicit | Safe | GET, HEAD | |
| 2 | if-none-match-elicit | Safe | GET, HEAD | |
| 3 | trailing-slash-elicit | Safe | GET, HEAD | |
| 4 | case-normalize-elicit | Safe | GET, HEAD | |
| 5 | long-uri-elicit | Safe | GET, HEAD | |
| 6 | auth-strip-elicit | Safe | GET, HEAD | Authorization header |
| 7 | low-privilege-elicit | Safe | GET, HEAD | Authorization header |
| 8 | scope-manipulation-elicit | Safe | GET, HEAD | alt_credential |
| 9 | rate-limit-headers-elicit | Safe | GET, HEAD | |
| 10 | content-type-elicit | MethodDestructive | POST, PUT, PATCH | |
| 11 | if-match-elicit | MethodDestructive | PUT, PATCH, DELETE | |
| 12 | empty-body-elicit | MethodDestructive | POST, PUT, PATCH | |
| 13 | oversized-body-elicit | MethodDestructive | POST, PUT, PATCH | |
| 14 | state-transition-elicit | MethodDestructive | PATCH, PUT | state_field |
| 15 | uniqueness-elicit | OperationDestructive | POST, PUT | known_duplicate |
| 16 | dependency-delete-elicit | OperationDestructive | DELETE | |
| 17 | rate-limit-burst-elicit | OperationDestructive | GET, HEAD | |

Design

  • Pure computation — no I/O, no async. The binary owns the async boundary.
  • Strategy as trait — adding a strategy is one file + one registry line.
  • ProbeSpec variants drive dispatch in the binary: Pair → adaptive loop, Burst → volume loop, HeaderDiff → single-request header comparison.
  • RiskLevel implements Ord; generate_plan keeps only strategies whose risk() <= ctx.max_risk.
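The last two design points, the Ord-based risk ceiling and the prerequisite column of the strategy table, are shown below as an added, constructed example; it is not the crate's own code. RiskLevel and ScanContext echo the README's names, while Prereq, REGISTRY and select_strategies are hypothetical stand-ins so the gate can be exercised without any network access.

```rust
// Constructed stand-in for the Design-section gate, not parlov-elicit's own code: RiskLevel and
// ScanContext echo README names; Prereq, REGISTRY and select_strategies are hypothetical.
use self::{Prereq::*, RiskLevel::*};

#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum RiskLevel { Safe, MethodDestructive, OperationDestructive } // Ord = declaration order
impl Default for RiskLevel { fn default() -> Self { Safe } }

pub enum Prereq { Nothing, AuthHeader, AltCredential, StateField, KnownDuplicate } // table column

/// ScanContext reduced to the fields the gate inspects (constructed, not the crate's struct).
#[derive(Default)]
pub struct ScanContext {
    pub max_risk: RiskLevel, pub has_auth_header: bool, pub alt_credential: bool,
    pub state_field: bool, pub known_duplicate: bool,
}

/// The 17 strategies from the table: (id, name, risk, prerequisite).
pub const REGISTRY: [(u8, &str, RiskLevel, Prereq); 17] = [
    (1, "accept-elicit", Safe, Nothing),
    (2, "if-none-match-elicit", Safe, Nothing),
    (3, "trailing-slash-elicit", Safe, Nothing),
    (4, "case-normalize-elicit", Safe, Nothing),
    (5, "long-uri-elicit", Safe, Nothing),
    (6, "auth-strip-elicit", Safe, AuthHeader),
    (7, "low-privilege-elicit", Safe, AuthHeader),
    (8, "scope-manipulation-elicit", Safe, AltCredential),
    (9, "rate-limit-headers-elicit", Safe, Nothing),
    (10, "content-type-elicit", MethodDestructive, Nothing),
    (11, "if-match-elicit", MethodDestructive, Nothing),
    (12, "empty-body-elicit", MethodDestructive, Nothing),
    (13, "oversized-body-elicit", MethodDestructive, Nothing),
    (14, "state-transition-elicit", MethodDestructive, StateField),
    (15, "uniqueness-elicit", OperationDestructive, KnownDuplicate),
    (16, "dependency-delete-elicit", OperationDestructive, Nothing),
    (17, "rate-limit-burst-elicit", OperationDestructive, Nothing),
];

/// The gate generate_plan applies: a strategy survives only when risk() <= ctx.max_risk
/// and the context carries its prerequisite. Returns the surviving ids in table order.
pub fn select_strategies(ctx: &ScanContext) -> Vec<u8> {
    REGISTRY.iter().filter(|(_, _, risk, prereq)| {
        *risk <= ctx.max_risk && match prereq {
            Nothing => true,
            AuthHeader => ctx.has_auth_header,
            AltCredential => ctx.alt_credential,
            StateField => ctx.state_field,
            KnownDuplicate => ctx.known_duplicate,
        }
    }).map(|(id, _, _, _)| *id).collect()
}
```

With the default context (Safe, no operator inputs) only strategies 1 to 5 and 9 survive; raising max_risk never unlocks a strategy whose prerequisite is still missing.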