# Grep Options

Grep options provide additional controls for how match patterns are evaluated and how responses are filtered before matching.

## ⚙️ Match Modifiers

### 🔄 Negative Match (`NotResponse`)

Inverts the match logic — the issue is reported when the pattern is **NOT** found in the response.

```json
{
  "NotResponse": true,
  "Grep": ["true,,Simple String,Only in Headers,X-Frame-Options"]
}
```

**Use cases:**

* 🛡️ Detecting missing security headers (HSTS, CSP, X-Frame-Options, X-Content-Type-Options)
* 🔒 Detecting missing authentication requirements
* ✅ Verifying security controls are in place

### 🔤 Case Sensitive (`CaseSensitive`)

Controls whether pattern matching is case-sensitive.

```json
{
  "CaseSensitive": true,
  "Grep": ["true,,Simple String,,AdminPanel"]
}
```

* ✅ `true` — Exact case must match (`AdminPanel` matches, `adminpanel` does not)
* 🔀 `false` — Case-insensitive matching (`AdminPanel` and `adminpanel` both match)

Default: `false` (case-insensitive)

## 🎯 Response Scope Filters

### 🚫 Exclude HTTP Headers (`ExcludeHTTP`)

Excludes HTTP response headers from the match scope — patterns are only matched against the response body.

```json
{
  "ExcludeHTTP": true,
  "Grep": ["true,,Simple String,,password"]
}
```

### 📋 Only HTTP Headers (`OnlyHTTP`)

Restricts matching to HTTP response headers only — the response body is ignored.

```json
{
  "OnlyHTTP": true,
  "Grep": ["true,,Simple String,,Set-Cookie:"]
}
```

> 📝 **Note:** You can also set scope per-pattern using the scope field in the grep entry: `Only in Headers` or `Only in Body`.

## 🔽 Pre-Request Filters

These filters are applied **before** the request is sent, allowing you to skip irrelevant requests early and save time.

### 📄 Content-Type Filter (`IsContentType`)

Only process responses with a specific Content-Type.

```json
{
  "IsContentType": true,
  "ContentType": "text/html",
  "NegativeCT": false
}
```

| Field           | Description                                                                |
| --------------- | -------------------------------------------------------------------------- |
| `IsContentType` | ✅ Enable Content-Type filtering                                            |
| `ContentType`   | 📄 The expected Content-Type value (partial match)                         |
| `NegativeCT`    | 🔄 `true` = exclude this Content-Type, `false` = require this Content-Type |

**📝 Examples:**

✅ Only scan HTML responses:

```json
{ "IsContentType": true, "ContentType": "text/html", "NegativeCT": false }
```

🚫 Skip JSON responses:

```json
{ "IsContentType": true, "ContentType": "application/json", "NegativeCT": true }
```

### 🔢 Response Code Filter (`IsResponseCode`)

Only process responses with a specific HTTP status code.

```json
{
  "IsResponseCode": true,
  "ResponseCode": "200",
  "NegativeRC": false
}
```

| Field            | Description                                                |
| ---------------- | ---------------------------------------------------------- |
| `IsResponseCode` | ✅ Enable status code filtering                             |
| `ResponseCode`   | 🔢 The expected HTTP status code                           |
| `NegativeRC`     | 🔄 `true` = exclude this code, `false` = require this code |

**📝 Examples:**

✅ Only scan successful responses:

```json
{ "IsResponseCode": true, "ResponseCode": "200", "NegativeRC": false }
```

🚫 Skip 404 responses:

```json
{ "IsResponseCode": true, "ResponseCode": "404", "NegativeRC": true }
```

### 📁 URL Extension Filter (`isurlextension`)

Only process requests with specific URL file extensions.

```json
{
  "isurlextension": true,
  "urlextension": "php,asp,aspx,jsp",
  "NegativeUrlExtension": false
}
```

| Field                  | Description                                                              |
| ---------------------- | ------------------------------------------------------------------------ |
| `isurlextension`       | ✅ Enable URL extension filtering                                         |
| `urlextension`         | 📄 Comma-separated list of extensions (without dots)                     |
| `NegativeUrlExtension` | 🔄 `true` = exclude these extensions, `false` = require these extensions |

**📝 Examples:**

✅ Only scan PHP and JSP files:

```json
{ "isurlextension": true, "urlextension": "php,jsp", "NegativeUrlExtension": false }
```

🚫 Skip static files:

```json
{ "isurlextension": true, "urlextension": "js,css,png,jpg,gif,svg,woff,woff2", "NegativeUrlExtension": true }
```

## 🔗 Combining Filters

Filters can be combined to precisely target the responses you want to analyze:

```json
{
  "IsContentType": true,
  "ContentType": "text/html",
  "NegativeCT": false,
  "IsResponseCode": true,
  "ResponseCode": "200",
  "NegativeRC": false,
  "isurlextension": true,
  "urlextension": "js,css,png,jpg",
  "NegativeUrlExtension": true
}
```

This configuration:

* ✅ Only processes HTML responses
* ✅ Only processes 200 OK responses
* 🚫 Skips static file extensions

## 🎯 Grep Scope per Pattern

In addition to the global `ExcludeHTTP`/`OnlyHTTP` flags, each grep pattern can specify its own scope:

```json
{
  "Grep": [
    "true,,Simple String,Only in Headers,Set-Cookie: admin=",
    "true,OR,Simple String,Only in Body,Welcome Administrator",
    "true,OR,Simple String,,admin"
  ]
}
```

| Scope             | Description                     |
| ----------------- | ------------------------------- |
| *(empty)*         | 🌐 Search entire response       |
| `Only in Headers` | 📋 Search only in HTTP headers  |
| `Only in Body`    | 📄 Search only in response body |

## ⚡ Filter Evaluation Order

Filters are evaluated in this order to maximize performance:

1. 📁 **URL Extension** — Skip requests to static files
2. 🔢 **Response Code** — Skip responses with wrong status codes
3. 📄 **Content-Type** — Skip responses with wrong content types
4. 🔍 **Grep Matching** — Apply match patterns to the filtered response

This early filtering pipeline prevents unnecessary processing and reduces scan time.
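
The filter combination and evaluation order described above, modeled in Python as an added example (not Bounty Security's code). The function names, the assumed Grep field order (enabled, operator, match type, scope, pattern), the rule that a per-pattern scope overrides the global flags, and `NotResponse` inverting the combined OR result are assumptions made for illustration.

```python
from urllib.parse import urlparse
def parse_grep(entry):
    # Assumed field order, inferred from the page's examples; the pattern may hold commas.
    enabled, op, mtype, scope, pattern = entry.split(",", 4)
    return enabled == "true", op, mtype, scope, pattern

def passes(enabled, negative, hit):
    # A disabled filter passes everything; Negative* turns "require" into "exclude".
    return not enabled or hit != negative

def would_report(profile, url, status, headers, body):
    """Model of the documented order: URL extension, status code, Content-Type, grep."""
    name = urlparse(url).path.rsplit("/", 1)[-1]
    ext = name.rsplit(".", 1)[1].lower() if "." in name else ""
    wanted = [e.strip().lower() for e in profile.get("urlextension", "").split(",")]
    if not passes(profile.get("isurlextension", False),
                  profile.get("NegativeUrlExtension", False), ext in wanted):
        return False
    if not passes(profile.get("IsResponseCode", False), profile.get("NegativeRC", False),
                  str(status) == profile.get("ResponseCode")):
        return False
    ctype = next((v for k, v in headers.items() if k.lower() == "content-type"), "")
    if not passes(profile.get("IsContentType", False), profile.get("NegativeCT", False),
                  profile.get("ContentType", "").lower() in ctype.lower()):
        return False
    header_text = "".join(f"{k}: {v}\r\n" for k, v in headers.items())
    found = False
    for enabled, _op, mtype, scope, pattern in map(parse_grep, profile["Grep"]):
        if not enabled:
            continue
        if mtype != "Simple String":
            raise ValueError("this model handles Simple String entries only")
        # Assumption: a per-pattern scope overrides the global OnlyHTTP/ExcludeHTTP flags.
        if scope == "Only in Headers" or (not scope and profile.get("OnlyHTTP")):
            text = header_text
        elif scope == "Only in Body" or (not scope and profile.get("ExcludeHTTP")):
            text = body
        else:
            text = header_text + "\r\n" + body
        if not profile.get("CaseSensitive", False):
            text, pattern = text.lower(), pattern.lower()
        found = found or pattern in text  # the page's multi-entry example joins with OR
    return found != profile.get("NotResponse", False)

# Constructed profile: report HTML 200 responses that lack X-Frame-Options.
PROFILE = {"NotResponse": True, "Grep": ["true,,Simple String,Only in Headers,X-Frame-Options"],
           "IsContentType": True, "ContentType": "text/html", "NegativeCT": False,
           "IsResponseCode": True, "ResponseCode": "200", "NegativeRC": False,
           "isurlextension": True, "urlextension": "js,css,png,jpg", "NegativeUrlExtension": True}
```

Scoping the negative match to headers matters here: a body that merely mentions `X-Frame-Options` does not suppress the finding, and the Content-Type and status filters keep the check from firing on JSON, static files, and error pages.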

