Skip to main content

wafrift_grammar/
lib.rs

1//! wafrift-grammar — Grammar-aware payload mutation engine.
2//!
3//! Understands the semantics of SQL, XSS, CMD, LDAP, SSRF,
4//! path traversal, and template injection payloads. Generates
5//! semantically equivalent variants that bypass regex-based WAF rules.
6//!
7//! # Examples
8//!
9//! Classify a payload to its injection family, then mutate it
10//! into semantically-equivalent variants:
11//!
12//! ```
13//! use wafrift_grammar::{PayloadType, classify, mutate};
14//!
15//! let p = "' OR 1=1 --";
16//! assert_eq!(classify(p), PayloadType::Sql);
17//!
18//! let variants = mutate(p, 5);
19//! assert!(!variants.is_empty(), "SQL payload must yield mutations");
20//! assert!(variants.len() <= 5, "max_mutations is honoured");
21//! ```
22//!
23//! Force a specific grammar to mutate against (useful when the
24//! classifier is ambiguous):
25//!
26//! ```
27//! use wafrift_grammar::{PayloadType, mutate_as};
28//!
29//! let xss = mutate_as("<script>alert(1)</script>", PayloadType::Xss, 3);
30//! assert!(!xss.is_empty());
31//! assert!(xss.len() <= 3);
32//! ```
33
34pub mod grammar;
35
36// Re-export the grammar module's public API at crate root.
37pub use grammar::{GrammarMutation, PayloadType, classify, mutate, mutate_as};