# parlov
HTTP oracle detection tool — systematic probing for RFC-compliant information leakage.
HTTP servers that faithfully implement RFC 9110 often leak protected internal state through deterministic differences in status codes. parlov detects those differential signals, classifies their severity, and reports whether an application is vulnerable to oracle-based enumeration.
```bash
cargo install parlov
```
## usage
```bash
# GET existence check
parlov existence \
  --target "https://api.example.com/users/{id}" \
  --baseline-id "1001" \
  --method GET

# POST registration enumeration
parlov existence \
  --target "https://api.example.com/register" \
  --baseline-id "alice@corp.com" \
  --method POST \
  --body '{"email": "{id}", "password": "test123"}'

# HEAD — lightweight, no response body
parlov existence \
  --target "https://api.example.com/users/{id}/avatar" \
  --baseline-id "1001" \
  --method HEAD

# with auth header
parlov existence \
  --target "https://api.example.com/projects/{id}" \
  --baseline-id "proj-abc" \
  --method GET \
  --header "Authorization: Bearer eyJhbG..."
```
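
The status-code differential described above can be shown with a small classifier. This is an added example, not parlov's source: it takes repeated status samples for the baseline ID and the probe ID and reports a leak only when the difference is stable across samples. The `Verdict` names, the `stable` and `classify` helpers, the rules and the sample data are all assumptions made for illustration.

```rust
// Added example, not parlov's source. Verdict names and rules are assumptions.
#[derive(Debug, PartialEq)]
enum Verdict {
    NoSignal,      // both IDs get the same status
    Inconclusive,  // samples vary or are transient (429, 5xx)
    ExistenceLeak, // stable difference that separates "exists" from "absent"
    Differential,  // stable difference of another shape; review by hand
}

// The one status every sample agrees on, or None if empty or varying.
fn stable(samples: &[u16]) -> Option<u16> {
    let first = *samples.first()?;
    samples.iter().all(|&s| s == first).then_some(first)
}

// baseline: statuses seen for the ID known to exist; probe: for the random ID.
fn classify(baseline: &[u16], probe: &[u16]) -> Verdict {
    let (b, p) = match (stable(baseline), stable(probe)) {
        (Some(b), Some(p)) => (b, p),
        _ => return Verdict::Inconclusive,
    };
    let transient = |s: u16| s == 429 || s >= 500;
    if transient(b) || transient(p) {
        return Verdict::Inconclusive;
    }
    if b == p {
        return Verdict::NoSignal;
    }
    // 404 only for the random ID, or 409 only for the known one (for example
    // a registration conflict): the status code alone reveals existence.
    if p == 404 || b == 409 {
        return Verdict::ExistenceLeak;
    }
    Verdict::Differential
}

fn main() {
    // Constructed samples, three requests per ID.
    let cases: [(&str, [u16; 3], [u16; 3]); 4] = [
        ("GET /users/{id}, 403 vs 404", [403, 403, 403], [404, 404, 404]),
        ("GET /users/{id}, uniform 404", [404, 404, 404], [404, 404, 404]),
        ("POST /register, 409 vs 201", [409, 409, 409], [201, 201, 201]),
        ("GET /users/{id}, rate limited", [200, 429, 200], [404, 404, 404]),
    ];
    for (name, baseline, probe) in cases.iter() {
        println!("{}: {:?}", name, classify(baseline, probe));
    }
}
```

The second case is the hardened shape: RFC 9110 lets an origin server answer 404 instead of 403 to hide a forbidden resource, which removes the status-code signal.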
## options
| Option | Description |
|---|---|
| `--target` | URL template with `{id}` placeholder |
| `--baseline-id` | Resource ID known to exist |
| `--probe-id` | Resource ID to test (defaults to random UUIDv4) |
| `--method` | HTTP method (defaults to GET) |
| `--header` | Request header in `Name: Value` format (repeatable) |
| `--body` | Body template with `{id}` placeholder |
## exit codes
| Code | Meaning |
|---|---|
| 0 | Success |
| 1 | Runtime error |
## license
MIT OR Apache-2.0