[FEATURE] Add audit logging functionality #771
This PR adds an audit log which writes every request and response, along with the config, to a JSON lines formatted log file (https://jsonlines.org/). The audit log is not affected by filter logic, and can be used to log everything sent/received by FFUF regardless of what the user specifies as a matcher/filter.
The JSON lines format was chosen so requests/responses can be written as they're sent/received. This avoids memory pressure and ensures immediate audit logging that isn't lost if FFUF crashes.
The audit logging feature has the following use cases:
The audit logging output also enables future functionality where the audit log can be re-read by FFUF, such as replaying the audit log to refine matcher/filters without sending all the fuzz-run requests again, and sending requests to replay proxies after the fact. This is going to require some more development and is still on my to-do list.
Fixes: #759
Example of the output below:
The filter didn't match on any responses; however, the foo.json audit log has complete requests/responses and config:
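
Added illustration of the JSON Lines design this PR describes; it is not ffuf's code and not the PR's actual output. The `AuditRecord` fields and the function names are hypothetical. It shows the append-and-sync write path and a reader that tolerates a final line cut short by a crash:

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"io"
	"os"
)

// AuditRecord is a hypothetical shape; ffuf's real audit schema is not shown here.
type AuditRecord struct {
	Type   string `json:"type"` // "config", "request" or "response"
	URL    string `json:"url,omitempty"`
	Status int    `json:"status,omitempty"`
}

// AppendRecord writes one JSON object per line and syncs, so every record
// written before a crash is already on disk. No matcher/filter is consulted.
func AppendRecord(f *os.File, rec AuditRecord) error {
	line, err := json.Marshal(rec) // Marshal escapes newlines: one record, one line
	if err != nil {
		return err
	}
	if _, err = f.Write(append(line, '\n')); err != nil {
		return err
	}
	return f.Sync()
}

// ReadRecords streams the log back and counts unparseable lines (such as a
// final line cut short by a crash) instead of aborting the whole read.
func ReadRecords(r io.Reader) (recs []AuditRecord, skipped int, err error) {
	sc := bufio.NewScanner(r)
	sc.Buffer(make([]byte, 64*1024), 16*1024*1024) // records can exceed the 64 KiB default
	for sc.Scan() {
		var rec AuditRecord
		if json.Unmarshal(sc.Bytes(), &rec) != nil {
			skipped++
			continue
		}
		recs = append(recs, rec)
	}
	return recs, skipped, sc.Err()
}

func main() {
	recs, skipped, _ := ReadRecords(os.Stdin)
	fmt.Printf("%d records, %d unparseable lines\n", len(recs), skipped)
}
```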