![Raider logo](https://raiderauth.com/images/logo/logo.png)
# Quick links
- [Website](https://raiderauth.com/).
- [OWASP page](https://owasp.org/www-project-raider/).
- [Documentation](https://docs.raiderauth.com/en/latest/).
- [Installation](https://docs.raiderauth.com/en/latest/overview/install.html).
- [FAQ](https://docs.raiderauth.com/en/latest/overview/faq.html).
- [Getting started](https://docs.raiderauth.com/en/latest/tutorials/getting_started.html).
- [Architecture](https://docs.raiderauth.com/en/latest/case_studies/architecture.html).
- [Discussions](https://github.com/OWASP/raider/discussions).
- [Issues](https://github.com/OWASP/raider/issues).
- [Twitter](@raiderauth).
- [Fediverse](@raiderauth@infosec.exchange).
# What is Raider
OWASP Raider was developed with the goal to improve web authentication
testing. By now it has evolved and can be used for all kinds of
stateful HTTP processes. It abstracts the client-server information
exchange as a finite state machine. Each step comprises one request
with inputs, one response with outputs, arbitrary actions to do on the
response, and conditional links to other stages. Thus, a graph-like
structure is created. Raider allows you to simulate complex systems
while allowing you to control each piece of data you get in and out of
the system.
# Graph-like architecture
Raider defines a DSL to describe the information flow between the
client and the server for HTTP processes. Each step of the process is
described by a Flow, which contains the Request with inputs, Response
with outputs, and arbitrary actions including links to other Flows:
![Flows](https://raiderauth.com/images/illustrations/raider_flows.png)
Chaining several Flows together can be used to simulate any stateful
HTTP process. FlowGraphs indicate the starting point. They can be
placed on any Flow. A FlowGraphs runs all Flows in the link until
Success/Failure is returned or if there are no more links.
![Flows and FlowGraphs](https://raiderauth.com/images/illustrations/graph.png)
# Configuration
Raider's configuration is inspired by Emacs. Hylang is used, which is
LISP on top of Python. LISP is used because of its "Code is Data, Data
is Code" property. With the magic of LISP macros generating
configuration automatically becomes easy. Flexibility is in its DNA,
meaning it can be infinitely extended with actual code.
You can use it for example to create, store, reproduce, and share
proof-of-concepts easily for HTTP attacks. With Raider you can also
search through your Projects, filter by hyfile, Flows, FlowGraphs,
etc... Then you run either just one step, or a chain of steps, so you
can automate and run tests on any HTTP process.
![Example hylang configuration](https://raiderauth.com/images/illustrations/config.png)
# Command line interface
You can use it for example to create, store, reproduce, and share
proof-of-concepts easily for HTTP attacks. With Raider you can also
search through your Projects, filter by hyfile, Flows, FlowGraphs,
etc... Then you run either just one step, or a chain of steps, so you
can automate and run tests on any HTTP process.
You can also search through your Projects, filter by hyfile, Flows,
FlowGraphs, etc… Then you run either just one step, or a chain of
steps, so you can automate and run tests the HTTP process.
Raw data
{
"_id": null,
"home_page": "https://raiderauth.com/",
"name": "raider",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8,<3.11",
"maintainer_email": "",
"keywords": "authentication,authorization,finite-state-machine,fsm,hy,hylang,lisp,owasp,python,raider,raiderauth,security",
"author": "Daniel Neagaru",
"author_email": "daniel@digeex.de",
"download_url": "https://files.pythonhosted.org/packages/f9/42/be61844549b0596edbf6e56f622c0a7715b47b4b9c369b8791ad61f88fdd/raider-0.3.3.tar.gz",
"platform": null,
"description": "![Raider logo](https://raiderauth.com/images/logo/logo.png)\n\n# Quick links\n\n- [Website](https://raiderauth.com/).\n- [OWASP page](https://owasp.org/www-project-raider/).\n- [Documentation](https://docs.raiderauth.com/en/latest/).\n- [Installation](https://docs.raiderauth.com/en/latest/overview/install.html).\n- [FAQ](https://docs.raiderauth.com/en/latest/overview/faq.html).\n- [Getting started](https://docs.raiderauth.com/en/latest/tutorials/getting_started.html).\n- [Architecture](https://docs.raiderauth.com/en/latest/case_studies/architecture.html).\n- [Discussions](https://github.com/OWASP/raider/discussions).\n- [Issues](https://github.com/OWASP/raider/issues).\n- [Twitter](@raiderauth).\n- [Fediverse](@raiderauth@infosec.exchange).\n\n# What is Raider\n\nOWASP Raider was developed with the goal to improve web authentication\ntesting. By now it has evolved and can be used for all kinds of\nstateful HTTP processes. It abstracts the client-server information\nexchange as a finite state machine. Each step comprises one request\nwith inputs, one response with outputs, arbitrary actions to do on the\nresponse, and conditional links to other stages. Thus, a graph-like\nstructure is created. Raider allows you to simulate complex systems\nwhile allowing you to control each piece of data you get in and out of\nthe system.\n\n# Graph-like architecture\n\nRaider defines a DSL to describe the information flow between the\nclient and the server for HTTP processes. Each step of the process is\ndescribed by a Flow, which contains the Request with inputs, Response\nwith outputs, and arbitrary actions including links to other Flows:\n\n![Flows](https://raiderauth.com/images/illustrations/raider_flows.png)\n\nChaining several Flows together can be used to simulate any stateful\nHTTP process. FlowGraphs indicate the starting point. They can be\nplaced on any Flow. A FlowGraphs runs all Flows in the link until\nSuccess/Failure is returned or if there are no more links.\n\n![Flows and FlowGraphs](https://raiderauth.com/images/illustrations/graph.png)\n\n# Configuration\n\nRaider's configuration is inspired by Emacs. Hylang is used, which is\nLISP on top of Python. LISP is used because of its \"Code is Data, Data\nis Code\" property. With the magic of LISP macros generating\nconfiguration automatically becomes easy. Flexibility is in its DNA,\nmeaning it can be infinitely extended with actual code. \nYou can use it for example to create, store, reproduce, and share\nproof-of-concepts easily for HTTP attacks. With Raider you can also\nsearch through your Projects, filter by hyfile, Flows, FlowGraphs,\netc... Then you run either just one step, or a chain of steps, so you\ncan automate and run tests on any HTTP process.\n\n\n![Example hylang configuration](https://raiderauth.com/images/illustrations/config.png)\n\n\n# Command line interface\n\nYou can use it for example to create, store, reproduce, and share\nproof-of-concepts easily for HTTP attacks. With Raider you can also\nsearch through your Projects, filter by hyfile, Flows, FlowGraphs,\netc... Then you run either just one step, or a chain of steps, so you\ncan automate and run tests on any HTTP process.\n\nYou can also search through your Projects, filter by hyfile, Flows,\nFlowGraphs, etc\u2026 Then you run either just one step, or a chain of\nsteps, so you can automate and run tests the HTTP process.\n",
"bugtrack_url": null,
"license": "GPL-3.0-or-later",
"summary": "OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions.",
"version": "0.3.3",
"split_keywords": [
"authentication",
"authorization",
"finite-state-machine",
"fsm",
"hy",
"hylang",
"lisp",
"owasp",
"python",
"raider",
"raiderauth",
"security"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "e24a80c4f093c47d26f93aed9b240e1e",
"sha256": "fe6e329ee00bee07c63f186d7b085eda598d3c9d32580a0450948abcefdcb578"
},
"downloads": -1,
"filename": "raider-0.3.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "e24a80c4f093c47d26f93aed9b240e1e",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8,<3.11",
"size": 96606,
"upload_time": "2022-12-27T16:58:53",
"upload_time_iso_8601": "2022-12-27T16:58:53.428502Z",
"url": "https://files.pythonhosted.org/packages/bd/02/a1933b7cec999e5db7eb5729fc56bc612233d8fcfb6a233c36cfbfc72180/raider-0.3.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "77e789507ac2b7ae63038adfe24ae88b",
"sha256": "81fd8055692d8860578f2e54b1e42e1285cfc71e60cb56ef5d8a71e468ed55af"
},
"downloads": -1,
"filename": "raider-0.3.3.tar.gz",
"has_sig": false,
"md5_digest": "77e789507ac2b7ae63038adfe24ae88b",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8,<3.11",
"size": 11381318,
"upload_time": "2022-12-27T16:58:58",
"upload_time_iso_8601": "2022-12-27T16:58:58.434343Z",
"url": "https://files.pythonhosted.org/packages/f9/42/be61844549b0596edbf6e56f622c0a7715b47b4b9c369b8791ad61f88fdd/raider-0.3.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-12-27 16:58:58",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "raider"
}