v1.0.1

core/origin/fileInputOrigin/burpFile.go

@@ -11,7 +11,7 @@ import (
 //
 //	@Description: parse data from burpsuite file
 //	@receiver o
-func (o *FileInputOrigin) parseDataFromBurpFile(httpItemQueue chan *origin.TransferItem) {
+func (o *FileInputOrigin) parseDataFromBurpFile() {
 
 	doc := etree.NewDocument()
 
@@ -42,7 +42,7 @@ func (o *FileInputOrigin) parseDataFromBurpFile(httpItemQueue chan *origin.Trans
 		req, resp := RecoverHttpRequest(string(rawRequestBytes), rawUrl, string(rawResponseBytes))
 
 		//transport via channel
-		httpItemQueue <- &origin.TransferItem{
+		origin.TransferItemQueue <- &origin.TransferItem{
 			Req:  req,
 			Resp: resp,
 		}

core/origin/fileInputOrigin/fileInputOrigin.go

@@ -1,7 +1,6 @@
 package fileInputOrigin
 
 import (
-	"APIKiller/core/origin"
 	logger "APIKiller/logger"
 	"bufio"
 	"fmt"
@@ -15,15 +14,15 @@ type FileInputOrigin struct {
 	path string
 }
 
-func (o *FileInputOrigin) LoadOriginRequest(httpItemQueue chan *origin.TransferItem) {
+func (o *FileInputOrigin) LoadOriginRequest() {
 	logger.Infoln("[Load Request] load request from file input origin")
 
 	if stat, _ := os.Stat(o.path); stat.IsDir() {
 		// load origin from target directory
 
 	} else {
 		// load origin from target file[eg. burp file]
-		o.parseDataFromBurpFile(httpItemQueue)
+		o.parseDataFromBurpFile()
 	}
 
 }

core/origin/origin.go

@@ -10,6 +10,8 @@ type TransferItem struct {
 	Https bool
 }
 
+var TransferItemQueue = make(chan *TransferItem)
+
 type Origin interface {
-	LoadOriginRequest(httpItemQueue chan *TransferItem)
+	LoadOriginRequest()
 }

core/origin/realTimeOrigin/realTimeOrigin.go

@@ -17,26 +17,25 @@ import (
 )
 
 type RealTimeOrigin struct {
+	address string
+	port    string
 }
 
-func (r *RealTimeOrigin) LoadOriginRequest(httpItemQueue chan *origin.TransferItem) {
+func (o *RealTimeOrigin) LoadOriginRequest() {
 	logger.Infoln("[Load Request] load request from real time origin")
-	// get config
-	address := viper.GetString("app.origin.realTime.address")
-	port := viper.GetString("app.origin.realTime.port")
-	if address == "" || port == "" {
+	if o.address == "" || o.port == "" {
 		panic("Config error: have not set address or port properly")
 	}
 
 	// start to listen
 	go func() {
-		logger.Infoln(fmt.Sprintf("starting proxy: listen at %s:%s", address, port))
-		l, err := net.Listen("tcp", address+":"+port)
+		logger.Infoln(fmt.Sprintf("starting proxy: listen at %s:%s", o.address, o.port))
+		l, err := net.Listen("tcp", o.address+":"+o.port)
 		if err != nil {
 			panic(err)
 		}
 
-		proxy := proxyN(httpItemQueue)
+		proxy := proxyN()
 		http.Serve(l, proxy)
 	}()
 
@@ -45,15 +44,22 @@ func (r *RealTimeOrigin) LoadOriginRequest(httpItemQueue chan *origin.TransferIt
 func NewRealTimeOrigin() *RealTimeOrigin {
 	logger.Infoln("[Origin] real-time origin")
 
-	return &RealTimeOrigin{}
+	// get config
+	address := viper.GetString("app.origin.realTime.address")
+	port := viper.GetString("app.origin.realTime.port")
+
+	return &RealTimeOrigin{
+		address: address,
+		port:    port,
+	}
 }
 
 // proxyN
 //
 //	@Description: Get httpItem objects through goproxy project
 //	@param httpItemQueue
 //	@return *goproxy.ProxyHttpServer
-func proxyN(httpItemQueue chan *origin.TransferItem) *goproxy.ProxyHttpServer {
+func proxyN() *goproxy.ProxyHttpServer {
 	proxy := goproxy.NewProxyHttpServer()
 
 	setCA(caCert, caKey) //defined in this file
@@ -88,7 +94,7 @@ func proxyN(httpItemQueue chan *origin.TransferItem) *goproxy.ProxyHttpServer {
 		response := ahttp.ResponseClone(ctx.Resp, request)
 
 		// transport ctx.Req via channel
-		httpItemQueue <- &origin.TransferItem{
+		origin.TransferItemQueue <- &origin.TransferItem{
 			Req:  request,
 			Resp: response,
 		}

main.go

@@ -55,30 +55,23 @@ func main() {
 		go backend.NewAPIServer()
 	}
 
-	// create a httpItem channel
-	httpItemQueue := make(chan *origin.TransferItem)
-
 	// load request from different origins
 	go func() {
 		if cmd.FileInput != "" {
 			//inputOrigin := fileInputOrigin.NewFileInputOrigin("C:\\Users\\Lenovo\\Desktop\\src.txt")
 			inputOrigin := fileInputOrigin.NewFileInputOrigin(cmd.FileInput)
-			inputOrigin.LoadOriginRequest(httpItemQueue)
+			inputOrigin.LoadOriginRequest()
 		} else {
 			inputOrigin := realTimeOrigin.NewRealTimeOrigin()
-			inputOrigin.LoadOriginRequest(httpItemQueue)
+			inputOrigin.LoadOriginRequest()
 		}
 	}()
 
 	// goroutine control
 	limit := make(chan int, cmd.Thread)
 
 	for {
-		httpItem := <-httpItemQueue
-
-		// transform io.Reader
-		httpItem.Req.Body = aio.TransformReadCloser(httpItem.Req.Body)
-		httpItem.Resp.Body = aio.TransformReadCloser(httpItem.Resp.Body)
+		httpItem := <-origin.TransferItemQueue
 
 		// filter requests
 		flag := true // true -pass false -block
@@ -94,6 +87,10 @@ func main() {
 			continue
 		}
 
+		// transform io.Reader
+		httpItem.Req.Body = aio.TransformReadCloser(httpItem.Req.Body)
+		httpItem.Resp.Body = aio.TransformReadCloser(httpItem.Resp.Body)
+
 		go func() {
 			limit <- 1
 

web/backend/web.go

@@ -100,7 +100,7 @@ func (s *APIServer) list(c *gin.Context) {
 
 	items := make([]data.DataItemStr, 1024)
 
-	s.db.Where("vuln_type not like ?", "%"+module.AsyncDetectVulnTypeSeperator+"%").Order("domain").Order("url").Find(&items)
+	s.db.Where("vuln_type not like ?", "%"+module.AsyncDetectVulnTypeSeperator+"%").Order("domain").Order("url").Find(&items).Limit(128)
 
 	// recover http item string from id
 	for i, item := range items {

web/frontend/index.html

@@ -79,7 +79,12 @@ <h1 class="panel-title">APIKiller Panel</h1>
     <tr v-for="(paramItem, index) in items" :key="paramItem.Id + index">
       <td v-for="config in fromlistConfigs" :key="config.name">
         <template v-if="config.type === 'text'">
-          {{ paramItem[config.name] }}
+          <template v-if="config.name !== 'ReportTime'">
+            {{ paramItem[config.name] }}
+          </template>
+          <template v-if="config.name === 'ReportTime'">
+            {{ getFormattedTime(paramItem[config.name]) }}
+          </template>
         </template>
         <template v-if="config.type === 'checkbox'">
           <input