import logging
from typing import Dict, Any, List
import re
# Module logger. The name is the fixed string "ContextAnalyzer" rather than
# __name__, so any logging configuration must target that literal name.
# Nothing in this module writes to it yet; it is kept for callers/extensions.
logger: logging.Logger = logging.getLogger("ContextAnalyzer")
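class ContextAnalyzer:
    """
    Analyzes raw reconnaissance data to identify 'High Value' targets and anomalies.
    This replaces blind scanning with intelligent targeting.

    Everything here is a substring heuristic over URL text. The output is a set
    of *leads* for a human or a follow-on tool to confirm, not confirmed findings.
    """

    # Output bucket -> compiled pattern. Compiled once at class creation instead
    # of once per URL per pattern inside the scan loop.
    #
    # Matching is case-insensitive and unanchored, so every alternation also
    # fires inside longer words: "dev" in "device", "test" in "latest" or a
    # *.test hostname, "sign" in "design", "auth" in "author", "key" in "monkey".
    # Expect false positives; treat the buckets as triage input only.
    _PATTERNS: Dict[str, "re.Pattern[str]"] = {
        # <object>=<int>, <object>_<int> or <object>/<int>: a numeric object reference
        "potential_idors": re.compile(
            r"(user_?id|account|profile|order|invoice|ticket)[=_/][0-9]+", re.IGNORECASE
        ),
        "debug_endpoints": re.compile(
            r"(dev|test|stage|admin|debug|actuator|metrics|trace)", re.IGNORECASE
        ),
        "upload_points": re.compile(r"(upload|import|profile_image|avatar)", re.IGNORECASE),
        "api_endpoints": re.compile(r"(/api/v[0-9]|/graphql|/swagger)", re.IGNORECASE),
        "sensitive_params": re.compile(r"(token|key|secret|auth|session|sign)", re.IGNORECASE),
    }

    # Weight per bucket for the priority score. upload_points and api_endpoints
    # do not contribute, so the score is dominated by debug-style paths.
    # NOTE(review): upload_points rank HIGH in _get_recommendation but score 0
    # here; presumably intentional, confirm with the owner before changing.
    _SCORE_WEIGHTS: Dict[str, int] = {
        "debug_endpoints": 3,
        "sensitive_params": 2,
        "potential_idors": 1,
    }

    def analyze_urls(self, urls: List[str]) -> Dict[str, Any]:
        """
        Analyzes a list of URLs to find high-probability targets for manual/MCP testing.

        Each unique URL is tested against every pattern in ``_PATTERNS`` and
        appended to every bucket whose pattern matches (a URL can land in
        several buckets). Bucket order follows input order.

        Args:
            urls: raw URLs from reconnaissance (untrusted text; only regex
                searched, never fetched or executed here). Duplicates are
                classified once so repeated recon hits do not inflate the
                buckets or the priority score; ``summary`` still reports the
                raw input size.

        Returns:
            dict with keys:
              ``summary``        - human-readable count and priority score,
              ``leads``          - dict of bucket name -> list of URLs,
              ``recommendation`` - one-line next step from ``_get_recommendation``.
        """
        # Same key order as _PATTERNS: potential_idors, debug_endpoints,
        # upload_points, api_endpoints, sensitive_params.
        interesting: Dict[str, List[str]] = {bucket: [] for bucket in self._PATTERNS}

        # dict.fromkeys drops duplicates while preserving first-seen order.
        for url in dict.fromkeys(urls):
            for bucket, pattern in self._PATTERNS.items():
                if pattern.search(url):
                    interesting[bucket].append(url)

        priority_score = sum(
            len(interesting[bucket]) * weight for bucket, weight in self._SCORE_WEIGHTS.items()
        )

        return {
            "summary": f"Analyzed {len(urls)} URLs. Priority Score: {priority_score}",
            "leads": interesting,
            "recommendation": self._get_recommendation(interesting),
        }

    def _get_recommendation(self, findings: Dict) -> str:
        """
        Return a one-line next step for the highest-ranked non-empty bucket.

        Ranking is fixed: debug_endpoints > upload_points > potential_idors.
        ``api_endpoints`` and ``sensitive_params`` never change the
        recommendation; they only appear in ``leads`` and the score. Because
        the debug bucket is filled by loose substring matches, a CRITICAL
        verdict is a prompt to look, not evidence of an exposed endpoint.

        Args:
            findings: the ``leads`` dict built by ``analyze_urls``; must contain
                the keys ``debug_endpoints``, ``upload_points`` and
                ``potential_idors``.

        Raises:
            KeyError: if one of those three keys is missing.
        """
        if findings["debug_endpoints"]:
            return "CRITICAL: Debug endpoints found. Use 'smart_vuln_scan' on these immediately for RCE/Info Disclosure."
        if findings["upload_points"]:
            return "HIGH: Upload points detected. Use 'smart_fuzzer' with polyglots to test for unrestricted upload/XSS."
        if findings["potential_idors"]:
            return "MEDIUM: IDOR candidates. Manual review required: create two accounts and swap IDs."
        return "LOW: No obvious quick wins. Proceed with deep fuzzing."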