xarf-rs 0.1.4

XARF v4 (eXtended Abuse Reporting Format) parser, validator, and generator with v3 compatibility
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

{
	"xarf_version": "4.2.0",
	"report_id": "458017ee-b2ab-4944-a7c1-07add95f11fe",
	"timestamp": "2025-01-20T12:00:00Z",
	"reporter": {
		"org": "Web Application Firewall",
		"contact": "security@example.com",
		"domain": "example.com"
	},
	"sender": {
		"org": "Web Application Firewall",
		"contact": "security@example.com",
		"domain": "example.com"
	},
	"source_identifier": "192.0.2.45",
	"category": "connection",
	"type": "sql_injection",
	"destination_ip": "198.51.100.10",
	"destination_port": 443,
	"protocol": "tcp",
	"http_method": "GET",
	"target_url": "https://example.com/products.php?id=1",
	"injection_point": "query_parameter",
	"payload_sample": "1' OR '1'='1",
	"attack_technique": "union_based",
	"attempts_count": 15,
	"first_seen": "2025-01-20T11:45:00Z",
	"last_seen": "2025-01-20T12:00:00Z",
	"evidence": [
		{
			"content_type": "text/plain",
			"description": "WAF log entry",
			"payload": "V0FGIG1vZyBlbnRyeQ==",
			"hash": "sha256:abc123def456abc123def456abc123def456abc123def456abc123def456abc123"
		}
	],
	"tags": [
		"attack:sql_injection",
		"technique:union_based"
	]
}