更新: 2531 个文件 - 2026-03-17 21:00:03

这个提交包含在:
hao
2026-03-17 21:00:04 -07:00
父节点 a3edc88834
当前提交 080e55a98c
修改 2531 个文件,包含 135521 行新增3725 行删除


@@ -11,6 +11,7 @@
"success_criteria": [
"Protected route or action is evaluated with controlled credentials and logged."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -26,6 +27,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -47,6 +50,7 @@
"success_criteria": [
"Deserialization path is confirmed without executing destructive gadget chains."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -62,6 +66,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -83,6 +89,7 @@
"success_criteria": [
"Upload acceptance or bypass path is demonstrated with reversible test artifacts."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -98,6 +105,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -119,6 +128,7 @@
"success_criteria": [
"Misconfiguration indicator is captured with HTTP or server evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -144,6 +154,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -165,6 +177,7 @@
"success_criteria": [
"Marker file outside intended root becomes reachable or denial path is confirmed."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -180,6 +193,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -201,6 +216,7 @@
"success_criteria": [
"Extension-specific attack path is demonstrated or blocked with artifact evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -216,6 +232,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -237,6 +255,7 @@
"success_criteria": [
"Header trust discrepancy is captured with upstream/downstream logs."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -252,6 +271,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -273,6 +294,7 @@
"success_criteria": [
"Proxy and backend parse disagreement is captured in evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -288,6 +310,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -309,6 +333,7 @@
"success_criteria": [
"Cookie, storage or fixation issue is captured with browser and header evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -334,6 +359,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -355,6 +382,7 @@
"success_criteria": [
"Time-based or error-based probe lands with non-destructive evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -380,6 +408,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -401,6 +431,7 @@
"success_criteria": [
"Request sink receives expected callback without crossing authorization boundaries."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -416,6 +447,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -437,6 +470,7 @@
"success_criteria": [
"Template evaluation path is proven with harmless marker output."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -452,6 +486,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -473,6 +509,7 @@
"success_criteria": [
"Browser evidence confirms payload reflection or DOM sink execution path."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -501,6 +538,8 @@
"required": true,
"strategy": "reflect-or-render"
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -522,6 +561,16 @@
"success_criteria": [
"Controlled guest request reaches the protected admin route inside the fixture."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -537,6 +586,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "gitea.authz-bypass",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/authz-bypass",
"allowed_target_types": [
"lab-local"
],
@@ -556,6 +607,20 @@
"success_criteria": [
"Inert upload marker is accepted and listed on the proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -571,6 +636,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.file-upload",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/file-upload",
"allowed_target_types": [
"lab-local"
],
@@ -590,6 +657,20 @@
"success_criteria": [
"Local fixture proves trusted proxy headers cross the admin boundary."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -605,6 +686,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -624,6 +707,16 @@
"success_criteria": [
"Server-side callback reaches the local sink and is recorded in proof output."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -639,6 +732,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "gitea.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -658,6 +753,20 @@
"success_criteria": [
"Browser proof page renders the stored XSS marker after the controlled payload."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -673,6 +782,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/xss",
"allowed_target_types": [
"lab-local"
],
@@ -692,6 +803,16 @@
"success_criteria": [
"Protected route is reachable only after the controlled bypass proof step."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -707,6 +828,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.authz-bypass",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/authz-bypass",
"allowed_target_types": [
"lab-local"
],
@@ -726,6 +849,16 @@
"success_criteria": [
"Inert decoded object marker is present without executing a gadget chain."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -741,6 +874,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.deserialization",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/deserialization",
"allowed_target_types": [
"lab-local"
],
@@ -760,6 +895,20 @@
"success_criteria": [
"Middleware trust-boundary proof is visible on the browser proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -775,6 +924,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "nextjs.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -794,6 +945,16 @@
"success_criteria": [
"Local sink callback is observed from the server-side fetch path."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -809,6 +970,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -828,6 +991,20 @@
"success_criteria": [
"Browser proof page shows the XSS execution marker after the controlled payload."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -843,6 +1020,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "nextjs.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/xss",
"allowed_target_types": [
"lab-local"
],
@@ -862,6 +1041,16 @@
"success_criteria": [
"SSRF proof endpoint confirms only local sink callbacks were performed."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -877,6 +1066,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "undici.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/undici/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -896,6 +1087,20 @@
"success_criteria": [
"Uploaded inert marker is shown on the browser proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -911,6 +1116,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.file-upload",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/file-upload",
"allowed_target_types": [
"lab-local"
],
@@ -930,6 +1137,20 @@
"success_criteria": [
"Proxy boundary proof banner is visible in the captured browser evidence."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -945,6 +1166,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -964,6 +1187,20 @@
"success_criteria": [
"Browser proof page shows the controlled XSS marker after attack."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -979,6 +1216,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/xss",
"allowed_target_types": [
"lab-local"
],
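Review bot: The new `fixture_path` values introduced from the hunk `@@ -537,6 +586,8 @@` onward are absolute paths rooted in a developer home directory (`/Users/x/websafe/00-environments/templates/fixtures/...`), so every fixture-backed runner (`gitea.*`, `nextjs.*`, `undici.ssrf`, `vite.*`) will fail to locate its fixture on any other checkout or CI host, and the value also commits the local machine layout into versioned config. Store the path relative to the fixture templates root instead, e.g. `"fixture_path": "fixtures/gitea/authz-bypass"` (constructed example), and have the loader resolve it against a configured base directory. Because the non-fixture entries set `"fixture_path": null`, the loader should distinguish the deliberate `null` (no fixture) from a configured path that does not resolve, and fail loudly on the latter rather than silently falling back to a non-local target. The enclosing catalog objects start and end outside these hunks, so I cannot see whether a schema or loader already constrains this field.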