kitty.model.low_level.field module

This module is the “Heart” of the data model. It contains all the basic building blocks for a Template. Each “field” type is a discrete component in the full Template.

class kitty.model.low_level.field.BaseField(value, encoder=<kitty.model.low_level.encoder.BitsEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.core.kitty_object.KittyObject

Basic type for all fields and containers, it contains the common logic. This class should never be used directly.

__init__(value, encoder=<kitty.model.low_level.encoder.BitsEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value – default value
  • encoder (BaseEncoder) – encoder for the field
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
copy()[source]
Returns:a copy of the field
get_field_by_name(name)[source]
Parameters:name – name of field to get
Raises:KittyException if no direct subfield with this name
get_info()[source]
Return type:dictionary
Returns:field information
get_rendered_fields(ctx=None)[source]
Returns:ordered list of the fields that will be rendered
get_structure()[source]
hash()[source]
Return type:int
Returns:hash of the field
is_default()[source]

Checks if the field is in its default form

Returns:True if field is in default form
mutate()[source]

Mutate the field

Return type:boolean
Returns:True if field the mutated
num_mutations()[source]
Returns:number of mutation in this field
render(ctx=None)[source]

Render the current value of the field

Return type:Bits
Returns:rendered value
reset()[source]

Reset the field to its default state

resolve_absolute_name(name)[source]

Resolve a field from an absolute name. An absolute name is just like unix absolute path, starts with ‘/’ and each name component is separated by ‘/’.

Parameters:name – absolute name, e.g. “/container/subcontainer/field”
Returns:field with this absolute name
Raises:KittyException if field could not be resolved
resolve_field(field)[source]

Resolve a field from name

Parameters:field – name of the field to resolve
Return type:BaseField
Returns:the resolved field
Raises:KittyException if field could not be resolved
scan_for_field(field_name)[source]

Scan for field field with given name

Parameters:field_name – field name to look for
Returns:None
set_current_value(value)[source]

Sets the current value of the field

Parameters:value – value to set
Returns:rendered value
set_offset(offset)[source]
Parameters:offset – absolute offset of this field (in bits)
skip(count)[source]

Skip up to [count] cases, default behavior is to just mutate [count] times

Count:number of cases to skip
Return type:int
Returns:number of cases skipped
kitty.model.low_level.field.BitField(value, length, signed=False, min_value=None, max_value=None, encoder=<kitty.model.low_level.encoder.BitFieldBinEncoder object>, fuzzable=True, name=None, full_range=False)[source]

Returns an instance of some BitField class .. note:

Since BitField is frequently used in binary format, multiple aliases were created for it. See aliases.py for more details.
class kitty.model.low_level.field.Delimiter(value, max_size=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field.String

Represent a text delimiter, the mutations target common delimiter-related vulnerabilities

__init__(value, max_size=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value (str) – default value
  • max_size – maximal size of the string before encoding (default: None)
  • encoder (StrEncoder) – encoder for the field (default: ENC_STR_DEFAULT)
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Example:
Delimiter('=', max_size=30, encoder=ENC_STR_BASE64)
lib = None
class kitty.model.low_level.field.Dynamic(key, default_value, length=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=False, name=None)[source]

Bases: kitty.model.low_level.field.BaseField

A field that gets its value from the fuzzer at runtime

__init__(key, default_value, length=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=False, name=None)[source]
Parameters:
  • key (str) – key for the data in the session_data dictionary
  • default_value (str) – default value of the field
  • length – length of the field in bytes. must be set if fuzzable=True (default: None)
  • encoder (StrEncoder) – encoder for the field (default: ENC_STR_DEFAULT)
  • fuzzable – is field fuzzable (default: False)
  • name – name of the object (default: None)
Examples:
Dynamic(key='session id', default_value='')
Dynamic(key='session id', default_value='', length=4, fuzzable=True)
hash()[source]
Return type:int
Returns:hash of the field
is_default()[source]

Checks if the field is in its default form

Returns:True if field is in default form
render(ctx=None)[source]
set_session_data(session_data)[source]
skip(count)[source]
class kitty.model.low_level.field.Float(value, encoder=<kitty.model.low_level.encoder.FloatBinEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field._LibraryField

Represent a floating point number. The mutations target edge cases and invalid floating point numbers.

__init__(value, encoder=<kitty.model.low_level.encoder.FloatBinEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value (float) – default value
  • encoder (FloatEncoder) – encoder for the field (default: ENC_FLT_DEFAULT)
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Example:
Float(0.3)
lib = None
class kitty.model.low_level.field.Group(values, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field._LibraryField

A field with fixed set of possible mutations

__init__(values, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • values (list of strings) – possible values for the field
  • encoder (StrEncoder) – encoder for the field (default: ENC_STR_DEFAULT)
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Example:

This field will generate exactly 3 mutations: ‘GET’, ‘PUT’ and ‘POST’

Group(['GET', 'PUT', 'POST'], name='http methods')
hash()[source]
Return type:int
Returns:hash of the field
lib = None
class kitty.model.low_level.field.RandomBits(value, min_length, max_length, unused_bits=0, seed=1235, num_mutations=25, step=None, encoder=<kitty.model.low_level.encoder.BitsEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field.BaseField

A random sequence of bits. The length of the sequence is between min_length and max_length, and decided either randomally (if step is None) or starts from min_length and inreased by step bits (if step has a value).

__init__(value, min_length, max_length, unused_bits=0, seed=1235, num_mutations=25, step=None, encoder=<kitty.model.low_level.encoder.BitsEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value (str) – default value, the last unsused_bits will be removed from the value
  • min_length – minimal length of the field (in bits)
  • max_length – maximal length of the field (in bits)
  • unused_bits – how many bits from the value are not used (default: 0)
  • seed – seed for the random number generator, to allow consistency between runs (default: 1235)
  • num_mutations – number of mutations to perform (if step is None) (default:25)
  • step (int) – step between lengths of each mutation (default: None)
  • encoder (BitsEncoder) – encoder for the field (default: ENC_BITS_DEFAULT)
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Examples:
RandomBits(value='1234', min_length=0, max_length=75, unused_bits=0, step=15)
RandomBits(value='1234', min_length=0, max_length=75, unused_bits=3, num_mutations=80)
hash()[source]
Return type:int
Returns:hash of the field
reset()[source]
class kitty.model.low_level.field.RandomBytes(value, min_length, max_length, seed=1234, num_mutations=25, step=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field.BaseField

A random sequence of bytes The length of the sequence is between min_length and max_length, and decided either randomally (if step is None) or starts from min_length and inreased by step bytes (if step has a value).

__init__(value, min_length, max_length, seed=1234, num_mutations=25, step=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value (str) – default value
  • min_length – minimal length of the field (in bytes)
  • max_length – maximal length of the field (in bytes)
  • seed – seed for the random number generator, to allow consistency between runs (default: 1234)
  • num_mutations – number of mutations to perform (if step is None) (default:25)
  • step (int) – step between lengths of each mutation (default: None)
  • encoder (StrEncoder) – encoder for the field (default: ENC_STR_DEFAULT)
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Examples:
RandomBytes(value='1234', min_length=0, max_length=75, step=15)
RandomBytes(value='1234', min_length=0, max_length=75, num_mutations=80)
hash()[source]
Return type:int
Returns:hash of the field
reset()[source]
class kitty.model.low_level.field.Static(value, encoder=<kitty.model.low_level.encoder.StrEncoder object>, name=None)[source]

Bases: kitty.model.low_level.field.BaseField

A static field does not mutate. It is used for constant parts of the model

__init__(value, encoder=<kitty.model.low_level.encoder.StrEncoder object>, name=None)[source]
Parameters:
  • value (str) – default value
  • encoder (StrEncoder) – encoder for the field (default: ENC_STR_DEFAULT)
  • name – name of the object (default: None)
Example:
Static('this will never change')
class kitty.model.low_level.field.String(value, max_size=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]

Bases: kitty.model.low_level.field._LibraryField

Represent a string, the mutation target common string-related vulnerabilities

__init__(value, max_size=None, encoder=<kitty.model.low_level.encoder.StrEncoder object>, fuzzable=True, name=None)[source]
Parameters:
  • value (str) – default value
  • max_size – maximal size of the string before encoding (default: None)
  • encoder (StrEncoder) – encoder for the field
  • fuzzable – is field fuzzable (default: True)
  • name – name of the object (default: None)
Example:
String('this is the default value', max_size=5)
hash()[source]
Return type:int
Returns:hash of the field
lib = None
kitty.model.low_level.field.gen_power_list(val, min_power=0, max_power=10, mutation_desc='')[source]