C# Module Interface Reference

This section describes interfaces that a C# attack module should implement.

Interface ICSAoduleFactory

A C# attack module should implement a class named CSAoduleFactory (it will be loaded by AppSpider by name) which should be derived from the following interface:

public interface ICSAoduleFactory

{

bool CreateModule(Guid moduleGuid, out``ICSAodule module);

}

Method	Description
CreateModule	This function is invoked to create an instance of the Attack Module. Parameters: moduleGuid - GUID of the module. This parameter is used by the class factory to decide which module to instantiates if the DLL implements multiple Attack Modules. module [out, retval] - output parameter initialized with the module reference Return value: True - if operation was successful False - if operation failed

Method

Description

CreateModule

This function is invoked to create an instance of the Attack Module.
Parameters:

moduleGuid - GUID of the module. This parameter is used by the class factory to decide which module to instantiates if the DLL implements multiple Attack Modules.
module [out, retval] - output parameter initialized with the module reference

Return value:

True - if operation was successful
False - if operation failed

Interface ICSAodule

Every Attack Module should implement the following interface:

public interface ICSAodule

{

void Load(uint moduleRunnerId);

void InitForScan();

void UninitForScan();

void InitForAttackConfig();

void UninitForAttackConfig();

void InitForCrawlResult();

void UninitForCrawlResult();

void InitForAttackPoint();

void UninitForAttackPoint();

bool AttackPointIsRelevant();

uint CalculateNumberOfAttacks();

bool RunAttack(uint attackIndex);

void RunPassiveAnalysis();

}

Method	Description
Load	This function is invoked immediately after a module is created by ICSAoduleFactory::CreateModule. The purpose of this function in to bind a C# Attack Module object to a ModuleRunner object. Parameters: moduleRunnerId - identifier of the module runner that was created by AppSpider for this instance of the module. The module should connect to the module runner object by creating a ModuleRunner COM class and passing moduleRunnerId to that class.
InitForScan	Not invoked, reserved for future versions
UninitForScan	Not invoked, reserved for future versions
InitForAttackConfig	Not invoked, reserved for future versions
UninitForAttackConfig	Not invoked, reserved for future versions
InitForCrawlResult	Not invoked, reserved for future versions
UninitForCrawlResult	Not invoked, reserved for future versions
InitForAttackPoint	Not invoked, reserved for future versions
UninitForAttackPoint	Not invoked, reserved for future versions
AttackPointIsRelevant	Not invoked, reserved for future versions
CalculateNumberOfAttacks	Calculates number of attacks for a given Attack Point and Attack Configuration. If the module is not interested in a given Attack Point it should return zero.
RunAttack	This function is invoked to run an active attack. Parameters: 'attackIndex' is a zero-based index based on the number returned by function CalculateNumberOfAttack. If CalculateNumberOfAttacks returns 3, RunAttack will be invoked three times with attack indices 0, 1 and 2. Return value: true: AppSpider should re-run the attack false: there is no need to re-run the attack
RunPassiveAnalysis	This function is invoked to run passive analysis on the response.

Did this page help you?

Custom Attack Module API

Module Configuration File Reference

Integrations

Jenkins Continuous Integration with AppSpider