Code quality improvement

Author: hahwul

cmd/payload.go

@@ -3,10 +3,10 @@ package cmd
 import (
 	"strconv"
 
+	"github.com/hahwul/dalfox/v2/pkg/generating"
 	"github.com/hahwul/dalfox/v2/pkg/optimization"
 	"github.com/hahwul/dalfox/v2/pkg/printing"
 	"github.com/hahwul/dalfox/v2/pkg/scanning"
-	"github.com/hahwul/dalfox/v2/pkg/generating"
 	"github.com/spf13/cobra"
 )
 
@@ -16,6 +16,7 @@ var remotePayloadbox, remotePortswigger bool
 var entityGF, entityEventHandler, entityUsefulTags, entitySpecialChars bool
 var urlEncode bool
 
+// Object is Type of PayloadObject
 type Object struct {
 	Use      bool
 	Name     string

cmd/root.go

@@ -33,6 +33,7 @@ var rootCmd = &cobra.Command{
 	},
 }
 
+// Execute is run rootCmd
 func Execute() {
 	if err := rootCmd.Execute(); err != nil {
 		fmt.Println(err)

pkg/generating/bulk.go

@@ -1,8 +1,8 @@
 package generating
 
 import (
-	"strings"
 	"strconv"
+	"strings"
 
 	"github.com/hahwul/dalfox/v2/pkg/scanning"
 )
@@ -11,35 +11,36 @@ type objectPayload struct {
 	Listener func() ([]string, int)
 }
 
-func GenerateBulkPayload() ([]string, int){
-		var result []string
-		size := 0
-		var objs []objectPayload
-		seq := 0
-		outSeq := 0
-		_=outSeq
-		objs = append(objs, objectPayload{Listener: scanning.GetPortswiggerPayload})
-		objs = append(objs, objectPayload{Listener: scanning.GetCommonPayload})
-		objs = append(objs, objectPayload{Listener: scanning.GetHTMLPayload})
-		objs = append(objs, objectPayload{Listener: scanning.GetInJsPayload})
-		objs = append(objs, objectPayload{Listener: scanning.GetAttrPayload})
-		for _, obj := range objs {
-			lst,_ := obj.Listener()
-			nlst, outSeq := setPayloadVauleForBulk(lst, seq)
-			seq = outSeq
-			for i,v := range nlst {
-				size = size + i
-				result = append(result, v)
-			}
+// GenerateBulkPayload is func of Make Bulk Payload
+func GenerateBulkPayload() ([]string, int) {
+	var result []string
+	size := 0
+	var objs []objectPayload
+	seq := 0
+	outSeq := 0
+	_ = outSeq
+	objs = append(objs, objectPayload{Listener: scanning.GetPortswiggerPayload})
+	objs = append(objs, objectPayload{Listener: scanning.GetCommonPayload})
+	objs = append(objs, objectPayload{Listener: scanning.GetHTMLPayload})
+	objs = append(objs, objectPayload{Listener: scanning.GetInJsPayload})
+	objs = append(objs, objectPayload{Listener: scanning.GetAttrPayload})
+	for _, obj := range objs {
+		lst, _ := obj.Listener()
+		nlst, outSeq := setPayloadVauleForBulk(lst, seq)
+		seq = outSeq
+		for i, v := range nlst {
+			size = size + i
+			result = append(result, v)
 		}
+	}
 	return result, size
 }
 
 // setPayloadVauleForBulk is change alert/prompt/conrifm value using sequence
 func setPayloadVauleForBulk(payloads []string, inSeq int) ([]string, int) {
 	var result []string
 	seq := inSeq
-	for _,payload := range payloads {
+	for _, payload := range payloads {
 		temp := strings.ReplaceAll(payload, "alert(1)", "alert(DALFOX_ALERT_VALUE)")
 		temp = strings.ReplaceAll(temp, "alert(document.domain)", "alert(DALFOX_ALERT_VALUE)")
 		temp = strings.ReplaceAll(temp, "\\u0061lert(1)", "\\u0061lert(DALFOX_ALERT_VALUE)")

pkg/model/param.go

@@ -1,5 +1,6 @@
 package model
 
+// Param is type of Paramters (Parameter analysis output)
 type Param struct {
 	Type    string
 	Key     string

pkg/optimization/inspectionParam.go

@@ -4,6 +4,7 @@ import (
 	"github.com/hahwul/dalfox/v2/pkg/model"
 )
 
+// CheckInspectionParam is Checking Inspection
 func CheckInspectionParam(options model.Options, k string) bool {
 	if len(options.UniqParam) > 0 {
 		for _, selectedParam := range options.UniqParam {

pkg/printing/multispin.go

@@ -4,6 +4,7 @@ import (
 	spinner "github.com/briandowns/spinner"
 )
 
+// DrawSpinner is drawing spinner
 func DrawSpinner(s *spinner.Spinner, t map[string]int, pointer int) {
 	s.Suffix = "  Running..."
 }

pkg/scanning/headless.go

@@ -10,6 +10,7 @@ import (
 	"github.com/hahwul/dalfox/v2/pkg/model"
 )
 
+// CheckXSSWithHeadless is XSS Testing with headless browser
 func CheckXSSWithHeadless(url string, options model.Options) bool {
 	// create chrome instance
 	check := false
@@ -30,30 +31,30 @@ func CheckXSSWithHeadless(url string, options model.Options) bool {
 				cancel()
 			} else {
 				go func() {
-					chromedp.Run(ctx,page.HandleJavaScriptDialog(true),)
+					chromedp.Run(ctx, page.HandleJavaScriptDialog(true))
 				}()
 			}
 		}
 	})
-	
+
 	/*
-	var headers map[string]interface{}
+		var headers map[string]interface{}
 
 
-	if options.Header != "" {
-		h := strings.Split(options.Header, ": ")
-		if len(h) > 1 {
-			headers[h[0]] = h[1]
+		if options.Header != "" {
+			h := strings.Split(options.Header, ": ")
+			if len(h) > 1 {
+				headers[h[0]] = h[1]
+			}
 		}
-	}
 
-	if options.Cookie != "" {
-		headers["Cookie"] = options.Cookie
-	}
+		if options.Cookie != "" {
+			headers["Cookie"] = options.Cookie
+		}
 
-	if options.UserAgent != "" {
-		headers["User-Agent"] = options.UserAgent
-	}
+		if options.UserAgent != "" {
+			headers["User-Agent"] = options.UserAgent
+		}
 	*/
 
 	/*
@@ -64,7 +65,7 @@ func CheckXSSWithHeadless(url string, options model.Options) bool {
 			&res,
 		))
 	*/
-	
+
 	err := chromedp.Run(ctx,
 		chromedp.Navigate(url),
 		// wait for footer element is visible (ie, page is loaded)

pkg/scanning/parameterAnlaysis.go

@@ -400,6 +400,7 @@ func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) ma
 	return params
 }
 
+// GetPType is Get Parameter Type
 func GetPType(av string) string {
 	if strings.Contains(av, "PTYPE: URL") {
 		return "-URL"

pkg/scanning/payload.go

@@ -8,6 +8,7 @@ import (
 	"strings"
 )
 
+// Asset is type of Assets
 type Asset struct {
 	Line string
 	Size string

pkg/scanning/poc.go

@@ -8,6 +8,7 @@ import (
 	"github.com/hahwul/dalfox/v2/pkg/model"
 )
 
+// MakePoC is making poc codes
 func MakePoC(poc string, req *http.Request, options model.Options) string {
 	if options.PoCType == "http-request" {
 		requestDump, err := httputil.DumpRequestOut(req, true)

pkg/scanning/scan.go

@@ -209,7 +209,6 @@ func Scan(target string, options model.Options, sid string) (model.Result, error
 			}
 		}
 	}
-
 	for k, v := range options.PathReflection {
 		if len(parsedURL.Path) == 0 {
 			str := options.AuroraObject.Yellow("dalfoxpathtest").String()
@@ -256,7 +255,6 @@ func Scan(target string, options model.Options, sid string) (model.Result, error
 				// Injected pattern
 				injectedPoint := strings.Split(v, "/")
 				injectedPoint = injectedPoint[1:]
-
 				for _, ip := range injectedPoint {
 					var arr []string
 					if strings.Contains(ip, "inJS") {

pkg/scanning/sendReq.go

@@ -332,7 +332,6 @@ func SendReq(req *http.Request, payload string, options model.Options) (string,
 			rLog.WithField("data2", "vrs").Debug(false)
 			return str, resp, false, false, nil
 		}
-	} else {
-		return "", resp, false, false, err
 	}
+	return "", resp, false, false, err
 }

pkg/scanning/staticAnlaysis.go

@@ -40,7 +40,7 @@ func StaticAnalysis(target string, options model.Options, rl *rateLimiter) (map[
 	paths := strings.Split(target, "/")
 
 	// case of https://domain/ + @
-	for idx, _ := range paths {
+	for idx := range paths {
 		if idx > 2 {
 			id := idx - 3
 			_ = id

pkg/scanning/waf.go

@@ -5,6 +5,7 @@ import (
 	"regexp"
 )
 
+// WAFPattern is type of WAF Patterns
 type WAFPattern struct {
 	Name   string
 	Body   string

pkg/server/server.go

@@ -10,7 +10,7 @@ import (
 	_ "github.com/hahwul/dalfox/v2/pkg/server/docs"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
-	"github.com/swaggo/echo-swagger"
+	echoSwagger "github.com/swaggo/echo-swagger"
 	"github.com/tylerb/graceful"
 )