Merge branch 'add-headers' of github.com:edoardottt/pphack into add-headers

Author: edoardottt

.github/release.yml

@@ -0,0 +1,17 @@
+changelog:
+  exclude:
+    authors:
+      - dependabot
+  categories:
+    - title: 🎉 New Features
+      labels:
+        - "Type: Enhancement"
+    - title: 🐞 Bug Fixes
+      labels:
+        - "Type: Bug" 
+    - title: 🔨 Maintenance
+      labels:
+        - "Type: Maintenance" 
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/golangci-lint.yml

@@ -24,7 +24,7 @@ jobs:
         uses: golangci/golangci-lint-action@v3
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-          version: v1.61.0
+          version: v1.61
           args: --timeout=5m
 
           # Optional: working directory, useful for monorepos

.github/workflows/release-binary.yml

@@ -0,0 +1,31 @@
+name: 🎉 Release Binary
+
+on:
+  push:
+    tags:
+      - '*'
+  workflow_dispatch:
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Check out code"
+        uses: actions/checkout@v3
+        with: 
+          fetch-depth: 0
+
+      - name: "Set up Go"
+        uses: actions/setup-go@v4
+        with: 
+          go-version: 1.23.x
+
+      - name: "Create release on GitHub"
+        timeout-minutes: 10
+        uses: goreleaser/goreleaser-action@v4
+        with: 
+          args: "release --clean"
+          version: latest
+          workdir: .
+        env: 
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/release-test.yml

@@ -0,0 +1,28 @@
+name: 🔨 Release Test
+
+on:
+  pull_request:
+    paths:
+      - '**.go'
+      - '**.mod'
+  workflow_dispatch:
+
+jobs:
+  release-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Check out code"
+        uses: actions/checkout@v3
+        with: 
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.23.x
+      
+      - name: release test
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          args: "release --clean --snapshot"
+          version: latest

.golangci.yml

@@ -33,7 +33,6 @@ linters:
     - staticcheck
     - stylecheck
     - testpackage
-    - typecheck
     - unconvert
     - unparam
     - unused

.goreleaser.yaml

@@ -0,0 +1,41 @@
+release:
+  header: |
+    ## pphack {{ .Tag }} 🥳
+    *The Most Advanced Client-Side Prototype Pollution Scanner*
+
+  footer: |
+      If you encounter a problem, just open an [issue](https://github.com/edoardottt/pphack/issues)
+
+before:
+  hooks:
+    - go mod tidy
+
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - windows
+      - darwin
+    goarch:
+      - amd64
+      - 386
+      - arm
+      - arm64
+    ignore:
+      - goos: darwin
+        goarch: '386'
+      - goos: windows
+        goarch: 'arm'
+      - goos: windows
+        goarch: 'arm64'
+    binary: '{{ .ProjectName }}'
+    main: ./cmd/pphack/
+
+archives:
+- format: zip
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}_{{ .Arch }}'
+
+checksum:
+  algorithm: sha256
+

README.md

@@ -45,6 +45,8 @@ Install 📡
 go install github.com/edoardottt/pphack/cmd/pphack@latest
 ```
 
+pphack relies on [`chromedp`](https://github.com/chromedp/chromedp), so you need a Chrome or Chromium browser.
+
 Get Started 🎉
 ----------
 
@@ -75,6 +77,7 @@ OUTPUT:
    -o, -output string  File to write output results
    -v, -verbose        Verbose output
    -s, -silent         Silent output. Print only results
+   -j, -json           JSON output
 ```
 
 Examples 💡
@@ -124,4 +127,4 @@ License 📝
 -------
 
 This repository is under [MIT License](https://github.com/edoardottt/pphack/blob/main/LICENSE).  
-[edoardoottavianelli.it](https://www.edoardoottavianelli.it) to contact me.
+[edoardottt.com](https://edoardottt.com/) to contact me.

pkg/input/flags.go

@@ -41,6 +41,7 @@ type Options struct {
 	RateLimit   int
 	Silent      bool
 	Verbose     bool
+	JSON        bool
 }
 
 func (options *Options) configureOutput() {
@@ -89,6 +90,7 @@ func ParseOptions() *Options {
 		flagSet.StringVarP(&options.FileOutput, "output", "o", "", `File to write output results`),
 		flagSet.BoolVarP(&options.Verbose, "verbose", "v", false, `Verbose output`),
 		flagSet.BoolVarP(&options.Silent, "silent", "s", false, `Silent output. Print only results`),
+		flagSet.BoolVarP(&options.JSON, "json", "j", false, `JSON output`),
 	)
 
 	if help() || noArgs() {

pkg/output/banner.go

@@ -11,7 +11,7 @@ import "github.com/projectdiscovery/gologger"
 var printed = false
 
 const (
-	Version = "v0.1.0"
+	Version = "v0.0.5"
 	banner  = `                 __               __  
     ____  ____  / /_  ____ ______/ /__
    / __ \/ __ \/ __ \/ __ ` + "`" + `/ ___/ //_/

pkg/output/json.go

@@ -0,0 +1,32 @@
+/*
+pphack - The Most Advanced Client-Side Prototype Pollution Scanner
+
+This repository is under MIT License https://github.com/edoardottt/pphack/blob/main/LICENSE
+*/
+
+package output
+
+import "encoding/json"
+
+// JSONData.
+type JSONData struct {
+	URL          string `json:"URL,omitempty"`
+	JSEvaluation string `json:"JSEvaluation,omitempty"`
+	Error        string `json:"Error,omitempty"`
+}
+
+// FormatJSON returns the input as JSON string.
+func FormatJSON(url, jsEval, e string) ([]byte, error) {
+	input := &JSONData{
+		URL:          url,
+		JSEvaluation: jsEval,
+		Error:        e,
+	}
+
+	jsonOutput, err := json.Marshal(input)
+	if err != nil {
+		return nil, err
+	}
+
+	return jsonOutput, nil
+}