1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
//! wafrift-strategy — Evasion strategy pipeline.
//!
//! The orchestrator that wires all WAF Rift modules into a coherent
//! evasion flow: request → detect → grammar → encoding →
//! content-type → smuggling → fingerprint → result.
//!
//! Maintains per-host adaptive state (`HostState`), promotes proven-winner
//! techniques into a rotation pool, evicts winners that get blocked, and
//! restarts full discovery when all winners are exhausted. Per-WAF state
//! persists to `~/.wafrift/genomes/<waf>.json` across sessions.
//! Also integrates MCTS (`mcts_bridge`) and ML-WAF evasion (`ml_evasion`).
//!
//! # Examples
//!
//! Per-host adaptation: the strategy keeps a [`HostState`] for each
//! target. As blocks pile up the engine escalates encoding choices;
//! once a technique consistently bypasses, it gets promoted to a
//! "proven winner" and the engine rotates through the winner pool
//! instead of re-discovering from scratch.
//!
//! ```
//! use wafrift_strategy::HostState;
//! use wafrift_types::technique::Technique;
//!
//! let mut state = HostState::default();
//! assert!(!state.waf_confirmed);
//! assert_eq!(state.blocks, 0);
//!
//! // Three confirmed blocks — strategy now knows escalation is needed.
//! state.record_block();
//! state.record_block();
//! state.record_block();
//! assert_eq!(state.blocks, 3);
//! assert!(state.needs_evasion());
//!
//! // After a single technique succeeds, last_success is populated and
//! // the per-technique success rate gets tracked for future rotation.
//! state.record_success(Technique::HeaderObfuscation("uppercase".into()));
//! assert!(state.last_success.is_some());
//! ```
/// Drift-aware evasion window detection (#115).
/// CUSUM-based sequential change-point detector for WAF regime shifts.
/// MCTS bridge for intelligent evasion trajectory optimization.
/// ML-WAF evasion routing (#129): decision-based boundary attack for learned
/// classifiers (AWS Bot Control, Cloudflare Bot Management, Akamai Bot Manager).
/// WAF-specific evasion presets loaded from TOML rules.
pub use ;
pub use HostState;
pub use LearningCache;
pub use ;
pub use ;
pub use plan_pipelines;
pub use *;
/// Plugin bridge — integrates external TOML/WASM tampers from wafrift-plugin-api
/// into the evasion pipeline alongside built-in tampers.