Merge web api testing development #114
…eb-api-testing # Conflicts: # src/hackingBuddyGPT/usecases/web_api_testing/prompt_engineer.py # src/hackingBuddyGPT/usecases/web_api_testing/simple_openapi_documentation.py # src/hackingBuddyGPT/usecases/web_api_testing/simple_web_api_testing.py # src/hackingBuddyGPT/usecases/web_api_testing/utils/llm_handler.py
…eb-api-testing # Conflicts: # src/hackingBuddyGPT/usecases/web_api_testing/documentation/report_handler.py # src/hackingBuddyGPT/usecases/web_api_testing/prompt_generation/information/pentesting_information.py # src/hackingBuddyGPT/usecases/web_api_testing/prompt_generation/prompt_engineer.py # src/hackingBuddyGPT/usecases/web_api_testing/prompt_generation/prompt_generation_helper.py # src/hackingBuddyGPT/usecases/web_api_testing/prompt_generation/prompts/task_planning/chain_of_thought_prompt.py # src/hackingBuddyGPT/usecases/web_api_testing/response_processing/response_analyzer_with_llm.py # src/hackingBuddyGPT/usecases/web_api_testing/simple_web_api_testing.py # src/hackingBuddyGPT/usecases/web_api_testing/utils/llm_handler.py
config/best1050.txt Outdated
Could those be moved into the test directory or downloaded on startup? Not sure if I want to include these in the GitHub repo...
config/credentials.csv Outdated
Could those be moved into the test directory or downloaded on startup? Not sure if I want to include these in the GitHub repo...
Shouldn't this be parsed_information? Also, please add a description (docstring) to the class explaining what it is used for.
| ifself.host[-1] !="/": | ||
| ifself.host[-1] !="/"andnotpath.startswith("/"): | ||
| path="/"+path | ||
| resp=self._client.request( |
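Review bot: The new condition `self.host[-1] != "/" and not path.startswith("/")` still leaves one combination uncovered: a host ending in "/" with a path that also starts with "/" is not handled by this branch and would give a double slash if host and path are simply concatenated. `self.host[-1]` also raises IndexError when host is an empty string. Normalising both sides once before the `self._client.request(` call, for example `self.host.rstrip("/") + "/" + path.lstrip("/")`, covers all four combinations.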
I am confused looking at the diff.. now we're not doing this outgoing call anymore? Was it superficial before?
Pull Request Overview
This PR merges the web API testing use case from development into the main branch, updating response processing, prompt generation, documentation reporting, OpenAPI parsing/conversion, and testing capabilities. Key changes include modifying function signatures and parameters in response analyzers, expanding the prompt engineering logic (chain-of-thought, tree-of-thought, in-context learning), and adding/enhancing modules for OpenAPI parsing, pattern matching, and report generation.
Reviewed Changes
Copilot reviewed 49 out of 49 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/hackingBuddyGPT/usecases/web_api_testing/response_processing/response_analyzer_with_llm.py | Updated init and analyze_response signature; added new parameters and recursive processing logic. |
| src/hackingBuddyGPT/usecases/web_api_testing/documentation/parsing/openapi_converter.py | Added new extract_openapi_info method and updated filename conversion logic. |
| Multiple prompt_generation files | Extensive refactoring to support additional prompt strategies and enriched documentation/pentesting steps. |
| Others (report_handler, pattern_matcher, etc.) | Enhancements to PDF report generation, OpenAPI spec handling, and unit test case capabilities. |
| ifstep!=steps[0]: | ||
| current_step=step.get("step") | ||
| prompt_history, raw_response=self.process_step(current_step, prompt_history, "http_request") |
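Review bot: The `step != steps[0]` test compares by value, so any later entry in `steps` that happens to equal the first one is skipped as well. If the intent is only to skip the first iteration, compare positions instead, for example by iterating with `enumerate(steps)` and testing the index.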
Copilot AI, May 14, 2025
The recursive call to analyse_response within the analyze_response method may lead to infinite recursion if a proper termination condition is not met. Consider refactoring or adding explicit base-case checks to prevent potential stack overflows.
| prompt_history, raw_response=self.process_step(current_step, prompt_history, "http_request") | |
| prompt_history, raw_response=self.process_step(current_step, prompt_history, "http_request") | |
| # Ensure termination condition to prevent infinite recursion | |
| ifnotstep.get("step") orstep==steps[-1]: # Check if it's the last step | |
| break |
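Review bot: The `not step.get("step")` guard in the suggested lines sits after `self.process_step(...)`, so a step without a "step" key has already been sent through processing by the time the check fires; move it above the call. If this is a loop over `steps`, the `step == steps[-1]` half only breaks after the final element, where iteration would end anyway, so it does not bound the recursion the comment refers to. An explicit depth limit on the recursive call would.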
src/hackingBuddyGPT/usecases/web_api_testing/documentation/parsing/openapi_converter.py Outdated
…sing/openapi_converter.py Co-authored-by: Copilot <[email protected]>
8d8a72c into development
Merged Web API Testing use case in Development