Struct FindingBuilder 

pub struct FindingBuilder { /* private fields */ }

Builder for constructing findings with a fluent API.

Required fields are set in Finding::builder. Optional fields are added via chained methods.

Implementations

impl FindingBuilder

pub fn title(self, title: impl Into<String>) -> Self

Set the finding title.

Examples found in repository

examples/serialize_json.rs (line 9)

fn main() {
    let finding = Finding::builder("my-scanner", "192.168.1.100", Severity::Critical)
        .title("Default Credentials")
        .detail("Admin interface uses admin:admin")
        .tag("auth")
        .build();

    let json = serde_json::to_string_pretty(&finding).expect("Failed to serialize");
    println!("Serialized Finding:\n{}", json);
}

examples/basic.rs (line 5)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500).unwrap())
        .build()
        .unwrap();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

pub fn detail(self, detail: impl Into<String>) -> Self

Set the finding detail/description.

Examples found in repository

examples/serialize_json.rs (line 10)

fn main() {
    let finding = Finding::builder("my-scanner", "192.168.1.100", Severity::Critical)
        .title("Default Credentials")
        .detail("Admin interface uses admin:admin")
        .tag("auth")
        .build();

    let json = serde_json::to_string_pretty(&finding).expect("Failed to serialize");
    println!("Serialized Finding:\n{}", json);
}

examples/basic.rs (line 6)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500).unwrap())
        .build()
        .unwrap();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

pub fn kind(self, kind: FindingKind) -> Self

Set the finding kind.

pub fn evidence(self, ev: Evidence) -> Self

Add a piece of evidence.

Examples found in repository

examples/basic.rs (line 8)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500).unwrap())
        .build()
        .unwrap();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

pub fn tag(self, tag: impl Into<String>) -> Self

Add a tag.

Examples found in repository

examples/serialize_json.rs (line 11)

fn main() {
    let finding = Finding::builder("my-scanner", "192.168.1.100", Severity::Critical)
        .title("Default Credentials")
        .detail("Admin interface uses admin:admin")
        .tag("auth")
        .build();

    let json = serde_json::to_string_pretty(&finding).expect("Failed to serialize");
    println!("Serialized Finding:\n{}", json);
}

examples/basic.rs (line 7)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500).unwrap())
        .build()
        .unwrap();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

pub fn cve(self, cve: impl Into<String>) -> Self

Add a CVE identifier.

pub fn reference(self, url: impl Into<String>) -> Self

Add a reference URL.

pub fn confidence(self, score: f64) -> Self

Set the confidence score (0.0 to 1.0).

pub fn exploit_hint(self, hint: impl Into<String>) -> Self

Set a ready-to-run exploit/PoC command.

pub fn matched_value(self, value: impl Into<String>) -> Self

Add a matched value (payload, string, etc.).

pub fn build(self) -> Result<Finding, &'static str>

Build the finding.

Examples found in repository

examples/serialize_json.rs (line 12)

fn main() {
    let finding = Finding::builder("my-scanner", "192.168.1.100", Severity::Critical)
        .title("Default Credentials")
        .detail("Admin interface uses admin:admin")
        .tag("auth")
        .build();

    let json = serde_json::to_string_pretty(&finding).expect("Failed to serialize");
    println!("Serialized Finding:\n{}", json);
}

examples/basic.rs (line 9)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500).unwrap())
        .build()
        .unwrap();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

Trait Implementations

impl Clone for FindingBuilder

fn clone(&self) -> FindingBuilder

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for FindingBuilder

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for FindingBuilder

fn eq(&self, other: &FindingBuilder) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for FindingBuilder