API === Class ``ExploitBuilder`` ------------------------ ``selenium_oxide.exploit_builder.ExploitBuilder`` The ExploitBuilder, the bread and butter of Selenium Oxide. ``ExploitBuilder(protocol, hostname, **options)`` Parameters: * protocol (str): The protocol to use (either "http" or "https" in most cases) * hostname (str): The hostname of the application to access * \*\*options Options: * stealth (bool): Whether or not to engage stealth mode (Default: False) * browser (str): Which browser to use ("firefox" or "chrome", default: "firefox") * use_proxy (bool): Whether or not to use a proxy (Default: False) * proxy_address (str): Which proxy address to use (Default: "127.0.0.1:8080") Methods ####### Methods for ``selenium_oxide.exploit_builder.ExploitBuilder`` ``api`` ~~~~~~~ ``api(self, req_method: Callable, endpoint: str, api_protocol: str = None, api_hostname: str = None, **kwargs)`` Wrapper for Python's Requests library, enabling automatic proxy usage and cookie sharing when interfacing with APIs. kwargs supports same options as Requests. Parameters: * req_method (Callable): requests function to use (requests.get, requests.posts, etc.) * endpoint (str): the API endpoint to request * api_protocol (str): the protocol to use for the API. Effectively defaults to the same protocol used in the ExploitBuilder * api_hostname (str): the hostname to use for the API. Effectively defaults to the same hostname used in the ExploitBuilder * \*\*kwargs: interoperable with Python Requests (e.g. headers parameter will be passed into the requests call) Returns: requests.Response ``api_get`` ~~~~~~~~~~~ ``api_get(self, endpoint: str, api_protocol: str = None, api_hostname: str = None, **kwargs)`` Wrapper for ExploitBuilder.api(requests.get, ...). Parameters: * endpoint (str): the API endpoint to request * api_protocol (str): the protocol to use for the API. Effectively defaults to the same protocol used in the ExploitBuilder * api_hostname (str): the hostname to use for the API. Effectively defaults to the same hostname used in the ExploitBuilder * \*\*kwargs: interoperable with Python Requests (e.g. headers parameter will be passed into the requests call) Returns: requests.Response ``api_post`` ~~~~~~~~~~~~ ``api_post(self, endpoint: str, api_protocol: str = None, api_hostname: str = None, **kwargs)`` Wrapper for ExploitBuilder.api(requests.post, ...). Parameters: * endpoint (str): the API endpoint to request * api_protocol (str): the protocol to use for the API. Effectively defaults to the same protocol used in the ExploitBuilder * api_hostname (str): the hostname to use for the API. Effectively defaults to the same hostname used in the ExploitBuilder * \*\*kwargs: interoperable with Python Requests (e.g. headers parameter will be passed into the requests call) Returns: requests.Response ``api_put`` ~~~~~~~~~~~ ``api_put(self, endpoint: str, api_protocol: str = None, api_hostname: str = None, **kwargs)`` Wrapper for ExploitBuilder.api(requests.put, ...). Parameters: * endpoint (str): the API endpoint to request * api_protocol (str): the protocol to use for the API. Effectively defaults to the same protocol used in the ExploitBuilder * api_hostname (str): the hostname to use for the API. Effectively defaults to the same hostname used in the ExploitBuilder * \*\*kwargs: interoperable with Python Requests (e.g. headers parameter will be passed into the requests call) Returns: requests.Response ``api_delete`` ~~~~~~~~~~~~~~ ``api_delete(self, endpoint: str, api_protocol: str = None, api_hostname: str = None, **kwargs)`` Wrapper for ExploitBuilder.api(requests.delete, ...). Parameters: * endpoint (str): the API endpoint to request * api_protocol (str): the protocol to use for the API. Effectively defaults to the same protocol used in the ExploitBuilder * api_hostname (str): the hostname to use for the API. Effectively defaults to the same hostname used in the ExploitBuilder * \*\*kwargs: interoperable with Python Requests (e.g. headers parameter will be passed into the requests call) Returns: requests.Response ``click`` ~~~~~~~~~~~~~~~~ ``click(self, button: str, by: SelectBy = SelectBy.XPATH)`` Clicks an element. Parameters: * button (str): The selector for the element to click * by (SelectBy): The selector type to use (default: SelectBy.XPATH) Returns: ``exploit_builder.ExploitBuilder`` ``click_by_class`` ~~~~~~~~~~~~~~~~~~~~~~~~~ ``click_by_class(self, button_class: str)`` Clicks an element based on CSS class name. Parameters: * button_class (str): The element class name Returns: ``exploit_builder.ExploitBuilder`` ``click_by_id`` ~~~~~~~~~~~~~~~~~~~~~~ ``click_by_id(self, button_id: str)`` Clicks an element based on HTML ID. Parameters: * button_id (str): The element HTML ID Returns: ``exploit_builder.ExploitBuilder`` ``click_by_xpath`` ~~~~~~~~~~~~~~~~~~~~~~~~~ ``click_by_xpath(self, xpath: str)`` Clicks an element based on XPath. Parameters: * xpath (str): The element XPath Returns: ``exploit_builder.ExploitBuilder`` ``dump_cookies`` ~~~~~~~~~~~~~~~~~~~~~~~ ``dump_cookies(self)`` Dumps the cookies into the terminal. Returns: ``exploit_builder.ExploitBuilder`` ``execute_script`` ~~~~~~~~~~~~~~~~~~ ``execute_script(self, script, *args)`` Wrapper for Selenium's webdriver.execute_script(). Parameters: script (str): The JavaScript to execute Returns: Any: the return value of the JavaScript ``get`` ~~~~~~~~~~~~~~ ``get(self, endpoint: str)`` Makes a GET request to the specified endpoint in the browser. Parameters: * endpoint (str): The endpoint to which the browser navigates Returns: ``exploit_builder.ExploitBuilder`` ``get_contents`` ~~~~~~~~~~~~~~~~~~~~~~~ ``get_contents(self, field: str, by: SelectBy = SelectBy.XPATH)`` Get the contents of a specified field. Parameters: * field (str): The selector to extract text from * by (SelectBy): The type of selector to use (default: SelectBy.XPATH) Returns: str: The text in the given field ``get_contents_by_id`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``get_contents_by_id(self, field: str)`` Get the contents of a specified field, based on the HTML ID Parameters: * field (str): The HTML ID to extract text from Returns: str: The text in the given field ``get_contents_by_class`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``get_contents_by_class(self, field: str)`` Get the contents of a specified field, based on the CSS class name Parameters: * field (str): The CSS class name to extract text from Returns: str: The text in the given field ``get_contents_by_xpath`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``get_contents_by_xpath(self, xpath: str)`` Get the contents of a specified field, based on the XPath Parameters: * xpath (str): The XPath to extract text from Returns: str: The text in the given field ``get_cookie_by_name`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``get_cookie_by_name(self, name: str)`` Gets a browser cookie by its name. Parameters: * name (str): The name of the cookie Returns: Optional(dict): The cookie, or None ``get_cookies`` ~~~~~~~~~~~~~~~~~~~~~~ ``get_cookies(self)`` Get all cookies in the browser for the current page. Returns: list(dict): A list of cookies in the browser ``login`` ~~~~~~~~~~~~~~~~ ``login(self, endpoint: str, username: str, password: str, username_xpath: str, password_xpath: str, submit_xpath: str)`` Performs a full login process for a given endpoint. Convenience function. Parameters: * endpoint (str): The location of the login page * username (str): The username to use * password (str): The password to use * username_xpath (str): The XPath of the username field * password_xpath (str): The XPath of the password field * submit_xpath (str): The XPath of the submit button Returns: ``exploit_builder.ExploitBuilder`` ``send_enter`` ~~~~~~~~~~~~~~~~~~~~~ ``send_enter(self, field: str, by: SelectBy = SelectBy.XPATH)`` Simulates sending the enter key to a particular element. Parameters: * field (str): The selector of the field * by (SelectBy): The selector type to use (default: SelectBy.XPATH) Returns: ``exploit_builder.ExploitBuilder`` ``send_enter_by_class`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``send_enter_by_class(self, field: str)`` Simulates sending the enter key to a particular element selected by CSS class name. Parameters: * field (str): The CSS Class name of the field to send enter in Returns: ``exploit_builder.ExploitBuilder`` ``send_enter_by_id`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``send_enter_by_id(self, field: str)`` Simulates sending the enter key to a particular element selected by HTML ID. Parameters: * field (str): The HTML ID of the field to send enter in Returns: ``exploit_builder.ExploitBuilder`` ``send_enter_by_xpath`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``send_enter_by_xpath(self, xpath: str)`` Simulates sending the enter key to a particular element selected by XPath. Parameters: * field (str): The XPath of the field to send enter in Returns: ``exploit_builder.ExploitBuilder`` ``set_cookie`` ~~~~~~~~~~~~~~~~~~~~~ ``set_cookie(self, name: str, value: str, path: str = "/", secure: bool = False)`` Set a cookie in the browser. Parameters: * name (str): The name of the cookie * value (str): The cookie's value * path (str): The path to which the cookie belongs * secure (bool): Whether or not the cookie has the Secure attribute Returns: ``exploit_builder.ExploitBuilder`` ``type_entry`` ~~~~~~~~~~~~~~~~~~~~~ ``type_entry(self, field: str, entry: str, by: SelectBy = SelectBy.XPATH)`` Send text to a particular field. Parameters: * field (str): The selector of the field * entry (str): The text to enter into the field * by (SelectBy): The selector type to use (default: SelectBy.XPATH) Returns: ``exploit_builder.ExploitBuilder`` ``type_by_class`` ~~~~~~~~~~~~~~~~~~~~~~~~ ``type_by_class(self, field: str, entry: str)`` Send text to a particular field selected by CSS class name. Parameters: * field (str): The CSS class name of the field * entry (str): The text to enter into the field Returns: ``exploit_builder.ExploitBuilder`` ``type_by_id`` ~~~~~~~~~~~~~~~~~~~~~ ``type_by_id(self, field: str, entry: str)`` Send text to a particular field selected by HTML ID. Parameters: * field (str): The HTML ID of the field * entry (str): The text to enter into the field Returns: ``exploit_builder.ExploitBuilder`` ``type_by_xpath`` ~~~~~~~~~~~~~~~~~~~~~~~~ ``type_by_xpath(self, field: str, entry: str)`` Send text to a particular field selected by XPath. Parameters: * field (str): The XPath of the field * entry (str): The text to enter into the field Returns: ``exploit_builder.ExploitBuilder`` ``wait_for_alert`` ~~~~~~~~~~~~~~~~~~~~~~~~~ ``wait_for_stealth(self, entry: str = "")`` Waits for an alert to fire, looking for an optional marker. Parameters: * timeout (int): The amount of time to wait for an alert * marker (Optional[str]): A known marker, used to detect XSS attacks Returns: bool: whether or not the alert fired ``wait_for_stealth`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``wait_for_alert(self, timeout: int = 3, marker: Optional[str] = None)`` Waits for a period of time based on the length of the entry. Parameters: * entry (str): The entry to scale by Returns: ``exploit_builder.ExploitBuilder`` Class ``SelectBy`` ------------------ ``selenium_oxide.exploit_builder.SelectBy`` A wrapper for Selenium's By enum. Literally only changes the name to avoid confusion with Selenium. Class ``SeO2User`` ------------------------ ``selenium_oxide.user_generator.SeO2User`` Generates an individual user for use with Selenium Oxide. Uses Faker. ``SeO2User(self, gen: Faker = None, locale: str = "en_US", **data)`` Parameters: * gen (faker.Faker): a Faker generator to use for the user. Defaults to an individually made generator. * locale (str): a locale to use for Faker. Defaults to "en_US". * \*\*data All provided data is optional and overrides Faker profile generation. Data: * name (str): The user's name * sex (str): The user's sex (usually "M" or "F") determines name gender in lieu of a provided name. Feel free to put "X" for a nonbinary name * username (str): The user's username * email (str): The user's email * address (str): The user's address * birthdate (datetime.date): The user's date of birth Methods ####### Methods for ``selenium_oxide.user_generator.SeO2User`` ``get_generator`` ~~~~~~~~~~~~~~~~~ ``get_generator(self)`` Getter method for the user's generator. Returns: ``faker.Faker``