1use serde::{Deserialize, Serialize};
2use std::collections::HashMap;
3
4#[derive(Debug, Clone, Serialize, Deserialize)]
5pub struct SecurityAnalysisResult {
6 pub domain: String,
7 pub https_available: bool,
8 pub https_redirect: bool,
9 pub waf_detection: WafDetectionResult,
10 pub security_headers: SecurityHeadersResult,
11 pub ssl_analysis: SslAnalysisResult,
12 pub cors_policy: CorsPolicyResult,
13 pub cookie_security: CookieSecurityResult,
14 pub http_methods: HttpMethodsResult,
15 pub server_information: ServerInfoResult,
16 pub vulnerability_scan: VulnScanResult,
17 pub security_score: SecurityScoreResult,
18 pub recommendations: Vec<String>,
19}
20
21#[derive(Debug, Clone, Serialize, Deserialize)]
22pub struct WafMatch {
23 pub provider: String,
24 pub confidence: String,
25 pub detection_methods: Vec<String>,
26 pub score: u32,
27}
28
29#[derive(Debug, Clone, Serialize, Deserialize)]
30pub struct WafDetectionResult {
31 pub detected: bool,
32 #[serde(skip_serializing_if = "Option::is_none")]
33 pub primary_waf: Option<WafMatch>,
34 pub all_detected: Vec<WafMatch>,
35}
36
37#[derive(Debug, Clone, Serialize, Deserialize)]
38pub struct HeaderAnalysis {
39 pub present: bool,
40 pub value: String,
41 pub importance: String,
42 pub security_level: String,
43}
44
45#[derive(Debug, Clone, Serialize, Deserialize)]
46pub struct SecurityHeadersResult {
47 pub headers: HashMap<String, HeaderAnalysis>,
48 pub score: u32,
49 pub missing_critical: Vec<String>,
50 pub missing_high: Vec<String>,
51}
52
53#[derive(Debug, Clone, Serialize, Deserialize)]
54pub struct SslAnalysisResult {
55 pub ssl_available: bool,
56 #[serde(skip_serializing_if = "Option::is_none")]
57 pub protocol_version: Option<String>,
58 #[serde(skip_serializing_if = "Option::is_none")]
59 pub cipher_suite: Option<String>,
60 pub cipher_strength: String,
61 pub overall_grade: String,
62 #[serde(skip_serializing_if = "Option::is_none")]
63 pub subject: Option<String>,
64 #[serde(skip_serializing_if = "Option::is_none")]
65 pub issuer: Option<String>,
66}
67
68#[derive(Debug, Clone, Serialize, Deserialize)]
69pub struct CorsPolicyResult {
70 pub configured: bool,
71 pub headers: HashMap<String, String>,
72 pub issues: Vec<String>,
73 pub security_level: String,
74}
75
76#[derive(Debug, Clone, Serialize, Deserialize)]
77pub struct CookieSecurityResult {
78 pub cookies_present: bool,
79 pub security_issues: Vec<String>,
80 pub security_score: u32,
81}
82
83#[derive(Debug, Clone, Serialize, Deserialize)]
84pub struct HttpMethodsResult {
85 pub methods_detected: bool,
86 pub allowed_methods: Vec<String>,
87 pub dangerous_methods: Vec<String>,
88 pub security_risk: String,
89}
90
91#[derive(Debug, Clone, Serialize, Deserialize)]
92pub struct ServerInfoResult {
93 pub server_headers: HashMap<String, String>,
94 pub information_disclosure: Vec<String>,
95 pub disclosure_count: usize,
96 pub security_level: String,
97}
98
99#[derive(Debug, Clone, Serialize, Deserialize)]
100pub struct VulnerabilityFound {
101 pub vuln_type: String,
102 pub severity: String,
103 pub description: String,
104}
105
106#[derive(Debug, Clone, Serialize, Deserialize)]
107pub struct VulnScanResult {
108 pub vulnerabilities_found: usize,
109 pub vulnerabilities: Vec<VulnerabilityFound>,
110 pub risk_level: String,
111}
112
113#[derive(Debug, Clone, Serialize, Deserialize)]
114pub struct SecurityScoreResult {
115 pub overall_score: u32,
116 pub grade: String,
117 pub risk_level: String,
118 pub score_breakdown: HashMap<String, u32>,
119}
120
121pub async fn analyze_security(
122 _domain: &str,
123 _progress_tx: Option<tokio::sync::mpsc::Sender<crate::ScanProgress>>,
124) -> Result<SecurityAnalysisResult, Box<dyn std::error::Error + Send + Sync>> {
125 Err(crate::error::WebAnalyzerError::UnsupportedPlatform("Mobile integration via native networking is pending implementation.".into()).into())
126}