All Downloads are FREE. Search and download functionalities are using the official Maven repository.

burp.IScanIssue Maven / Gradle / Ivy

There is a newer version: 2.3
Show newest version
package burp;

/*
 * @(#)IScanIssue.java
 *
 * Copyright PortSwigger Ltd. All rights reserved.
 *
 * This code may be used to extend the functionality of Burp Suite Free Edition
 * and Burp Suite Professional, provided that this usage does not violate the
 * license terms for those products.
 */
/**
 * This interface is used to retrieve details of Scanner issues. Extensions can
 * obtain details of issues by registering an IScannerListener or
 * by calling IBurpExtenderCallbacks.getScanIssues(). Extensions
 * can also add custom Scanner issues by registering an
 * IScannerCheck or calling
 * IBurpExtenderCallbacks.addScanIssue(), and providing their own
 * implementations of this interface. Note that issue descriptions and other
 * text generated by extensions are subject to an HTML whitelist that allows
 * only formatting tags and simple hyperlinks.
 */
public interface IScanIssue
{

    /**
     * This method returns the URL for which the issue was generated.
     *
     * @return The URL for which the issue was generated.
     */
    java.net.URL getUrl();

    /**
     * This method returns the name of the issue type.
     *
     * @return The name of the issue type (e.g. "SQL injection").
     */
    String getIssueName();

    /**
     * This method returns a numeric identifier of the issue type. See the Burp
     * Scanner help documentation for a listing of all the issue types.
     *
     * @return A numeric identifier of the issue type.
     */
    int getIssueType();

    /**
     * This method returns the issue severity level.
     *
     * @return The issue severity level. Expected values are "High", "Medium",
     * "Low", "Information" or "False positive".
     *
     */
    String getSeverity();

    /**
     * This method returns the issue confidence level.
     *
     * @return The issue confidence level. Expected values are "Certain", "Firm"
     * or "Tentative".
     */
    String getConfidence();

    /**
     * This method returns a background description for this type of issue.
     *
     * @return A background description for this type of issue, or
     * null if none applies. A limited set of HTML tags may be
     * used.
     */
    String getIssueBackground();

    /**
     * This method returns a background description of the remediation for this
     * type of issue.
     *
     * @return A background description of the remediation for this type of
     * issue, or null if none applies. A limited set of HTML tags
     * may be used.
     */
    String getRemediationBackground();

    /**
     * This method returns detailed information about this specific instance of
     * the issue.
     *
     * @return Detailed information about this specific instance of the issue,
     * or null if none applies. A limited set of HTML tags may be
     * used.
     */
    String getIssueDetail();

    /**
     * This method returns detailed information about the remediation for this
     * specific instance of the issue.
     *
     * @return Detailed information about the remediation for this specific
     * instance of the issue, or null if none applies. A limited
     * set of HTML tags may be used.
     */
    String getRemediationDetail();

    /**
     * This method returns the HTTP messages on the basis of which the issue was
     * generated.
     *
     * @return The HTTP messages on the basis of which the issue was generated.
     * Note: The items in this array should be instances of
     * IHttpRequestResponseWithMarkers if applicable, so that
     * details of the relevant portions of the request and response messages are
     * available.
     */
    IHttpRequestResponse[] getHttpMessages();

    /**
     * This method returns the HTTP service for which the issue was generated.
     *
     * @return The HTTP service for which the issue was generated.
     */
    IHttpService getHttpService();

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy