Shapash — A deterministic, auditable forward-chaining rule engine
Shapash orchestrates rules; HEL (external crate) evaluates expressions.
Rule File Format
Rules are defined in TOML .rule files with the following structure:

```toml
[[rule]]
id = "dangerous-taint-flow"
description = "Dangerous taint flow from network to unsafe sink"
condition = "TaintFlow.sink == \"strcpy\"" # Inline HEL expression
score = 75
justification = "strcpy is unsafe with untrusted input"

[[rule]]
id = "complex-check"
description = "Complex security check"
condition_file = "conditions/nx-check.hel" # External HEL file
score = 85
justification = "NX bit should be enabled"
```

Structs
- BinaryInfo - Binary metadata fact
- FactSetResolver - Adapter that implements HelResolver over a HashSet<Fact>
- FunctionCall - Function call observation
- HeuristicEngine - Forward-chaining rule engine with pluggable scoring
- HeuristicReport - Report generated after rule evaluation
- HeuristicRule - A heuristic rule with metadata and condition expression
- ImportInfo - Import/symbol fact
- MemoryOperation - Memory operation observation
- RuleEvaluationTrace - Trace of a single rule evaluation
- SectionInfo - Section information fact
- SecurityFlags - Security flags fact
- SimpleSumClampScorer - Simple sum-and-clamp scorer (default OSS implementation)
- SymQueryRequest - Symbolic execution query request
- SymQueryResult - Symbolic execution query result
- TaintFlow - Taint flow analysis result
- TriggeredRuleInfo - Information about a triggered rule
Enums
- ConfidenceLevel
- Error
- Fact - A fact in the rule evaluation system
- RuleEvaluationResult - Result of evaluating a single rule
- Value - Runtime value type for HEL evaluation
Traits
- HelResolver - Resolver interface for host integration
- ScoringModel - Pluggable scoring model trait
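The .rule format described under Rule File Format above, worked through as an added example (this is not Shapash's own loader and nothing in it is the crate's API): a dependency-free parser for the TOML subset those files use, with the checks a rule author wants before rules reach the engine. The field names and the two sample rules are taken from the page; the parser itself, the requirement that a rule set exactly one of condition and condition_file, the 0..=100 score range, the unique-id check and the sum_and_clamp helper (a plain reading of what a sum-and-clamp scorer does) are assumptions.

```rust
// Added example, not Shapash's own loader. Field names follow the page's .rule format; the
// 0..=100 score range, the one-condition-per-rule check and sum_and_clamp are assumptions.
use std::collections::{HashMap, HashSet};

#[derive(Debug, Clone, PartialEq)]
pub struct RuleDef {
    pub id: String, pub description: String, pub score: i64, pub justification: String,
    pub condition: Option<String>,      // inline HEL expression
    pub condition_file: Option<String>, // path to an external .hel file
}
#[derive(Debug)] enum Scalar { Str(String), Int(i64) }
type Table = HashMap<String, Scalar>;

/// One TOML scalar: a quoted string (\" and \\ escapes; a `#` inside it is not a comment) or an integer.
fn parse_scalar(raw: &str) -> Result<Scalar, String> {
    if let Some(rest) = raw.trim().strip_prefix('"') {
        let (mut out, mut chars) = (String::new(), rest.chars());
        loop {
            match chars.next() {
                None => return Err("unterminated string".to_string()),
                Some('"') => break,
                Some('\\') => match chars.next() {
                    Some(e @ ('"' | '\\')) => out.push(e),
                    other => return Err(format!("unsupported escape {other:?}")),
                },
                Some(c) => out.push(c),
            }
        }
        let tail = chars.as_str().trim(); // only a comment may follow the closing quote
        if !tail.is_empty() && !tail.starts_with('#') { return Err(format!("unexpected text after string: {tail:?}")); }
        return Ok(Scalar::Str(out));
    }
    let num = raw.split('#').next().unwrap_or("").trim();
    num.parse::<i64>().map(Scalar::Int).map_err(|e| format!("bad integer {num:?}: {e}"))
}

fn take_str(t: &mut Table, key: &str) -> Result<Option<String>, String> {
    match t.remove(key) {
        Some(Scalar::Str(s)) => Ok(Some(s)),
        Some(other) => Err(format!("{key} must be a string, got {other:?}")),
        None => Ok(None),
    }
}

/// Close a [[rule]] table, rejecting rules the engine could not evaluate or audit.
fn finish(mut t: Table) -> Result<RuleDef, String> {
    let id = take_str(&mut t, "id")?.ok_or("rule without id")?;
    let (condition, condition_file) = match (take_str(&mut t, "condition")?, take_str(&mut t, "condition_file")?) {
        (Some(c), None) => (Some(c), None),
        (None, Some(f)) => (None, Some(f)),
        (None, None) => return Err(format!("rule {id}: needs condition or condition_file")),
        (Some(_), Some(_)) => return Err(format!("rule {id}: condition and condition_file are exclusive")),
    };
    let score = match t.remove("score") {
        Some(Scalar::Int(v)) if (0..=100).contains(&v) => v, // assumed scale, matching the page's 75 and 85
        other => return Err(format!("rule {id}: score must be an integer in 0..=100, got {other:?}")),
    };
    let justification = take_str(&mut t, "justification")?.ok_or(format!("rule {id}: missing justification"))?;
    let description = take_str(&mut t, "description")?.unwrap_or_default();
    if let Some(k) = t.keys().next() { return Err(format!("rule {id}: unknown key {k:?}")); }
    Ok(RuleDef { id, description, condition, condition_file, score, justification })
}

/// Parse a whole .rule file: only [[rule]] tables with scalar values are accepted.
pub fn parse_rules(src: &str) -> Result<Vec<RuleDef>, String> {
    let (mut rules, mut cur): (Vec<RuleDef>, Option<Table>) = (Vec::new(), None);
    for (i, line) in src.lines().enumerate() {
        let (n, t) = (i + 1, line.trim());
        if t.is_empty() || t.starts_with('#') { continue; }
        if t == "[[rule]]" {
            if let Some(tbl) = cur.take() { rules.push(finish(tbl)?); }
            cur = Some(Table::new());
            continue;
        }
        let (key, raw) = t.split_once('=').ok_or(format!("line {n}: expected key = value"))?;
        let tbl = cur.as_mut().ok_or(format!("line {n}: key before any [[rule]]"))?;
        let val = parse_scalar(raw).map_err(|e| format!("line {n}: {e}"))?;
        if tbl.insert(key.trim().to_string(), val).is_some() { return Err(format!("line {n}: duplicate key {key:?}")); }
    }
    if let Some(tbl) = cur.take() { rules.push(finish(tbl)?); }
    let mut seen = HashSet::new(); // ids must be unique so a report names one rule unambiguously
    if let Some(d) = rules.iter().find(|r| !seen.insert(r.id.clone())) { return Err(format!("duplicate rule id {:?}", d.id)); }
    Ok(rules)
}

/// Assumed reading of "sum-and-clamp": add the triggered rules' scores and cap at 100.
pub fn sum_and_clamp(scores: &[i64]) -> i64 { scores.iter().sum::<i64>().clamp(0, 100) }

/// Constructed input: the two rules from the page's own example.
pub const RULES: &str = r##"[[rule]]
id = "dangerous-taint-flow"
description = "Dangerous taint flow from network to unsafe sink"
condition = "TaintFlow.sink == \"strcpy\"" # Inline HEL expression
score = 75
justification = "strcpy is unsafe with untrusted input"
[[rule]]
id = "complex-check"
description = "Complex security check"
condition_file = "conditions/nx-check.hel" # External HEL file
score = 85
justification = "NX bit should be enabled"
"##;

fn main() { for r in parse_rules(RULES).expect("rule file should parse") { println!("{r:?}"); } }
```

Run as a binary it prints the two parsed rules. The loader fails closed on anything it does not understand (an unknown key, a string where an integer is expected, a rule with both condition sources, a score off the assumed scale, or two rules sharing an id); that is the property that keeps reports auditable, since every triggered rule id then maps back to exactly one rule definition. Note that the `#` inside the first rule's condition string is part of the HEL expression's surroundings and must survive, which is why values are parsed before comments are stripped rather than the other way round.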