Skip to main content

case_swap

redstr

Function case_swap 

Source 
pub fn case_swap(input: &str) -> String
Expand description

Swaps case randomly for WAF and filter bypass testing.

Each alphabetic character has a 50% chance of having its case inverted. This creates unpredictable case patterns while maintaining readability, making it ideal for evading case-sensitive security filters.

§Use Cases

  • Red Team: Bypass WAF rules that look for specific case patterns
  • SQL Injection: Evade detection with queries like SeLeCt * FrOm users
  • XSS Testing: Bypass filters with <ScRiPt>alert(1)</ScRiPt>
  • Blue Team: Test if security controls properly normalize case

§Examples

use redstr::case_swap;

// SQL injection with case variations
let result = case_swap("SELECT * FROM users");
// Example output: "SeLeCt * FrOm users" or "sElEcT * fRoM users"
assert_ne!(result, "SELECT * FROM users");

// XSS payload obfuscation
let xss = case_swap("<script>alert(1)</script>");
// Example output: "<ScRiPt>alert(1)</ScRiPt>"