blst-security / cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

https://www.blstsecurity.com/cherrybomb

Apache License 2.0

1.08k stars 78 forks source link

Exlude include #114

Closed DeliciousBounty closed 11 months ago

DeliciousBounty commented 1 year ago

Hey removed unused folder, PR for exclude passive and active checks.

78 Now we can disable some specific active scan or even use the profile "Passive" to run only passive ones.

Looking for feedback :)

DeliciousBounty commented 1 year ago

The main change is in cherrybomb-engine.lib.rs . The purpose is to exclude some passive and active checks, you can see in the merge_passive_checks and run_partial_passive_profile