Documentation for -mdc and -fdc options

[noraj]

For example, I wanted to display only URL where the response content matched a regexp. Sow I searched how to do that.

-mr, -match-regex string[] regex or list of regex to match on output url (cli, file) is a fake friend, it matches on katana output not the HTTP response output, I'm not sure if this one is confusing or if it's just me. Because I'm used to ffuf and on ffuf -mr matches on HTTP response content.

Anyway, I had to look into the issues to find that to do that I have to use -mdc. The help message says: -mdc, -match-condition string match response with dsl based condition. Right, what's the dsl? Maybe I try the README. CTRL+F on the README on -match-conditio pointed me to https://github.com/projectdiscovery/katana#advance-filtering. By reading the katana README, it seems I could use some status_code or contains but without much explanation and those are just a few examples.

At the end of the section there is a link to the dsl project (https://github.com/projectdiscovery/dsl), for sure I'll find all I need there? No. The DSL README does not mention status_code even only once, for contains it just tell me Verifies if a string contains a substring but I have no idea of the field/variable I could use for the string, like endpoint which is the only example listed on katana README.

After reading the documentation of both katana and the dsl I had still no clue on how to match based on body content.

To find some clues, I had to search content in the issue tracker, and I looked into closed issues: https://github.com/projectdiscovery/katana/issues?q=is%3Aissue+content+is%3Aclosed.

I found this one from last week #725 where the user was using 'contains(body, "dummy")'. It's how I learn how to do it.

So I feel either katana or dsl project lack of documentation about how to use the dsl for katana, like an exhaustive list of all fields that can be used inside contains() or and exhaustive list of methods that can be used in katana (status_code is undocumented on dsl project and is mentioned in katana README, are there others like this one ?).

[dogancanbakir]

This discussion closed automatically due to inactivity. Feel free to reopen or start new if still relevant.