# Feature Request: WebSocket (WSS) Vulnerability Analyzer
## Overview
Almost all automated DAST scanners and OSINT tools communicate purely over HTTP/HTTPS. However, real-time applications (trading platforms, chat apps, live dashboards) use WebSockets (`ws://` and `wss://`). WebSockets are stateful, persistent connections that standard scanners completely ignore.
We need a module capable of upgrading an HTTP connection to WSS and performing security assessments over the socket stream.
## Implementation Requirements
1. **New Module**: Create `src/websocket_analyzer.rs`.
2. **Connection Upgrading**:
- Use a crate like `tokio-tungstenite` to establish WebSocket connections.
- Extract JWTs or Session Cookies from the HTTP handshake and pass them into the WebSocket upgrade request.
3. **Cross-Site WebSocket Hijacking (CSWSH)**:
- Attempt to connect to the WSS endpoint without providing an `Origin` header, or providing an `Origin: evil.com` header, to see if the server validates cross-origin socket connections.
4. **Message Fuzzing**:
- Capture the first few JSON messages sent by the server.
- Mutate the JSON payload structure (injecting SQLi or XSS payloads into the values) and push them back over the socket to observe backend crashes or anomalous behavior.
## Why is this Pro-Level?
WebSocket security is a massive blind spot for 95% of automated scanners. Being able to natively hook into WSS connections, validate origin checks, and fuzz binary/text frames elevates the engine to the bleeding edge of application security testing.