The MRPF API

The MRPF API allows clients to programmatically interact with the MRPF platform. It provides endpoints for managing recon data such as targets, domains and wordlists, as well as for triggering tasks.

Current State

At the moment the code is still running on MPF Python codebase, with a DocumentDB backend. I would love to get this into Rust for better performance and already have some of the models defined in mrpf_models.

Some things I want to work on:

  • Revisit the templating engine for Rust. Think about how to represent things; our wordlists probably need to work better with bytes and then have methods to change things to UTF-8/16/etc. where applicable
  • Move away from DocumentDB to PostgreSQL. This will give me back the triggers for timestamps that I very much like. Also, DynamoDB for at least transparency records was just too costly, so let's get back to the drawing board

Ideas and Future Work

Had some insights?

For my MRPF API, I think I might be too quickly trying to push everything in full predefined structs. However, when reading and writing data, I often only want to have a subset:

  • list all active fqdns of a target id

hmm, is it true? Is this the only real example I've found?

Ok, let's think about the write queries:

  • TCP SYN scan needs to append ports to an existing IP address
  • SNI scanner needs to create new fqdn objects and services (IP/port that the SNI was found on)
  • HTTP scanner needs to update the WebApp content hash
  • CrtSh needs to create fqdn objects
  • DNS resolver needs to update fqdn objects, create new ones found through PTR, or update zones with their NS and SOA records

All these things can be done with my current task/job manager, BUT are these actually not better to run continuously? Scans with larger amounts of data can better bypass rate limits due to more randomization. Easier to alert when a new domain has been found?
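
An added example (not MRPF code): three of the write queries above modelled in Rust as narrow operations instead of full structs, applied to an in-memory stand-in for the database, plus one narrow read. The `Write` enum, the `Store` type and its field layout are hypothetical, and the names used in `main` are constructed.

```rust
use std::collections::{BTreeMap, BTreeSet};
use std::net::IpAddr;
/// Hypothetical narrow write operations, one per scanner result type.
pub enum Write {
    AppendPorts { ip: IpAddr, ports: Vec<u16> },   // TCP SYN scan
    CreateFqdn { target_id: u32, name: String },   // crt.sh, SNI scanner
    SetContentHash { fqdn: String, hash: String }, // HTTP scanner
}

/// In-memory stand-in for the database (assumption; not the MRPF schema).
#[derive(Default)]
pub struct Store {
    pub ports: BTreeMap<IpAddr, BTreeSet<u16>>,
    pub fqdns: BTreeMap<String, (u32, Option<String>)>, // name -> (target, hash)
}

impl Store {
    /// Applies one write; Ok(true) means state changed (the event to alert on).
    pub fn apply(&mut self, w: Write) -> Result<bool, String> {
        match w {
            Write::AppendPorts { ip, ports } => {
                let set = self.ports.get_mut(&ip).ok_or_else(|| format!("unknown ip {}", ip))?;
                Ok(ports.into_iter().fold(false, |c, p| set.insert(p) || c))
            }
            Write::CreateFqdn { target_id, name } => {
                // Normalize so "WWW.Example.test." and "www.example.test" dedupe.
                let key = name.trim_end_matches('.').to_ascii_lowercase();
                if self.fqdns.contains_key(&key) { return Ok(false); }
                self.fqdns.insert(key, (target_id, None));
                Ok(true)
            }
            Write::SetContentHash { fqdn, hash } => {
                let e = self.fqdns.get_mut(&fqdn).ok_or_else(|| format!("unknown fqdn {}", fqdn))?;
                let changed = e.1.as_deref() != Some(hash.as_str());
                e.1 = Some(hash);
                Ok(changed)
            }
        }
    }
    /// Narrow read: only the names belonging to one target, not full objects.
    pub fn fqdns_of(&self, target_id: u32) -> Vec<&str> {
        self.fqdns.iter().filter(|(_, v)| v.0 == target_id).map(|(k, _)| k.as_str()).collect()
    }
}

fn main() {
    let mut s = Store::default();
    println!("{:?}", s.apply(Write::CreateFqdn { target_id: 1, name: "www.example.test".into() }));
}
```

The boolean returned by `apply` separates "seen before" from "new", so the same write path works for a one-off task and for a scanner that runs continuously.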