https://github.com/makspll/pathfinder
Endpoint discovery tool for .NET core and .NET Framework web projects
https://github.com/makspll/pathfinder
dotnet dotnet-core dotnet-framework dotnet-web endpoint route-discovery security-tools static-analysis web
Last synced: about 2 months ago
JSON representation
Endpoint discovery tool for .NET core and .NET Framework web projects
- Host: GitHub
- URL: https://github.com/makspll/pathfinder
- Owner: makspll
- License: mit
- Created: 2024-09-07T19:03:24.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-11-12T18:09:33.000Z (11 months ago)
- Last Synced: 2024-12-16T16:58:34.114Z (10 months ago)
- Topics: dotnet, dotnet-core, dotnet-framework, dotnet-web, endpoint, route-discovery, security-tools, static-analysis, web
- Language: C#
- Homepage:
- Size: 1.56 MB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Pathfinder
Finds and outputs all API routes found in a .NET assembly in textual or JSON format.
## Features
- Attribute based routing
- Conventional routing (templates + defaults have to be specified in a config file)
- .NET core support
- .NET framework support
- JSON and Text output
- Configurable backing lib for projects with custom routing mechanisms
- Customizable template based report generation (see [report for assemblies in /test_assemblies](https://makspll.github.io/Pathfinder/))
# Installation
## Prerequisites
- .NET 7 or later installed (only for running CLI, not in your project)
## CLI
- `dotnet tool install -g Makspll.Pathfinder`
# Usage
Run `pathfinder help` to see all available arguments
## Analysis
You can find all available routes in your assemblies using the `analyze` command:
```
pathfinder analyze **/bin/**/yourdllname.dll
```
## Report
You can also generate a report based on the analysis using the `report` command:
```
pathfinder report **/bin/**/yourdllname.dll
```
# Configuration
## Config file
The program is configured via `pathfinder.json` files found in your project. If the file is not found you can specify a path via the `-c` flag.
Currently the file needs to specify all your conventional routing configuration (anything that isn't attribute based).
### .NET framework
In .NET framework projects, you will need to specify whether each of your routes is an MVC or API route. This is done by adding a `Type` field to each route in the config file.
Note MVC conventional routes are normally found in `App_Start/RouteConfig.cs` while WebApi controllers are found in `App_Start/WebApiConfig.cs` the `System.Web.Http` namespace corresponds to WebApi controllers while the `System.Web.Mvc` namespace corresponds to MVC ones.
```json
{
"ConventionalRoutes": [
{
"Template": "conventionalprefix/{controller}/{action}",
"Type": "MVC"
},
{
"Template": "conventionalprefix2/{controller}",
"Defaults": {
"action": "DefaultAction"
},
"Type": "MVC"
},
{
"Template": "conventionalwithnoactionspecs",
"Defaults": {
"controller": "DefaultConventional",
"action": "DefaultAction"
},
"Type": "MVC"
},
{
"Template": "apiconventionalprefix/{controller}/{action}",
"Type": "API"
},
{
"Template": "apiconventionalprefix2/{controller}",
"Defaults": {
"action": "DefaultAction"
},
"Type": "API"
},
{
"Template": "apiconventionalwithnoactionspecs",
"Defaults": {
"controller": "ApiDefaultConventionalApi",
"action": "DefaultAction"
},
"Type": "API"
}
]
}
```
### .NET core
.NET core does not make such a distinction, you shouldn't specify the type of controller:
```json
{
"ConventionalRoutes": [
{
"Template": "conventionalprefix/{controller}/{action}"
},
{
"Template": "conventionalprefix2/{controller}",
"Defaults": {
"action": "DefaultAction"
}
},
{
"Template": "conventionalwithnoactionspecs",
"Defaults": {
"controller": "DefaultConventional",
"action": "DefaultAction"
}
}
]
}
```