./redteamer

Core concepts

Expressions

Expressions

This page explains expressions in the RedTeamer Language.

Types and Values

Expressions generate values. Each value belongs to a specific type. Types define how values are used and transformed.

Types

  • string: Text values, e.g., "BruteForce".
  • filepath: A string that is a filesystem path, e.g., "/etc/shadow".
  • number: Numeric values, e.g., 7, 3.5.
  • bool: Boolean values, true or false.
  • list/tuple: Ordered collections, e.g., ["admin", "guest"].
  • map/object: Key-value pairs, e.g.,
    {
  method   = "SQL Injection",
  severity = 9
}
  • null: No value. Used in conditions or when arguments are skipped.

Literal Expressions

Literal expressions represent fixed values.

var {
  example_string = "Exploit Active"  # Returns: "Exploit Active"
  example_number = 42                # Returns: 42
  example_bool   = false             # Returns: false
}

Accessing Collection Elements

Access elements in collections using indices or keys.

Accessing List Elements

Use an index to access a list or tuple element.

var {
  exploits = ["CVE-2021-1234", "CVE-2021-5678"]
  first_exploit = var.exploits[0]  # Returns: "CVE-2021-1234"
}

Accessing Map Elements

Use keys to access values in a map or object.

var {
  vulnerability_map = {
    CVE2021 = "High",
    CVE2022 = "Medium"
  }
  severity = var.vulnerability_map["CVE2021"]  # Returns: "High"
}

Strings and Templates

RedTeamer supports quoted strings and heredoc strings. Strings allow interpolation and formatting.

Quoted Strings

Quoted strings use " and support escape sequences.

var {
  alert_message = "Vulnerability detected:\nAction required!"
  # Returns: "Vulnerability detected:\nAction required!"
}

Heredoc Strings

Use heredoc strings (<<) for multi-line text with preserved formatting.

var {
  report = <<-EOT
  Vulnerability Report
  ====================
  - Exploit: CVE-2021-1234
  - Severity: High
  EOT
  # Returns the multi-line string above
}

Templates

Templates use ${} for value insertion and %{} for control directives.

var {
  target = "Server1"
  ping_command = "ping ${var.target}"  # Returns: "ping Server1"
}

Escape Sequences

Use escape sequences to insert special characters.

  • \n: Newline
  • \t: Tab
  • \\: Backslash
  • \": Double quote
  • \uNNNN: Unicode character
  • $${ and %%{: Escape interpolation and directive syntax
var {
  multiline_text = "Line 1\nLine 2\tTabbed"
  # Returns: "Line 1\nLine 2\tTabbed"

  escaped_interpolation = "$${not_a_variable}"
  # Returns: "${not_a_variable}"
}

Operators

Arithmetic Operators

Perform calculations:

  • +: Addition
  • -: Subtraction
  • *: Multiplication
  • /: Division
  • %: Modulo
var {
  sum        = 10 + 5   # Returns: 15
  difference = 10 - 5   # Returns: 5
  product    = 10 * 5   # Returns: 50
  quotient   = 10 / 5   # Returns: 2
  remainder  = 10 % 3   # Returns: 1
}

Comparison Operators

Compare values:

  • ==: Equal
  • !=: Not equal
  • <: Less than
  • <=: Less than or equal to
  • >: Greater than
  • >=: Greater than or equal to
var {
  is_greater = 10 > 5  # Returns: true
}

Logical Operators

Evaluate conditions:

  • &&: AND
  • ||: OR
  • !: NOT
var {
  is_secure = var.is_encrypted && !var.is_compromised
  # Returns: true if encrypted and not compromised
}

Function Calls

Use <FUNCTION_NAME>(<ARGUMENTS>) to call a function.

var {
  min_severity = num::min(4, 9)  # Returns: 4
}

Argument Expansion

Some functions accept multiple arguments or lists using ....

var {
  scores       = [2, 3, 4]
  lowest_score = num::min(scores...)  # Returns: 2
}

Conditional Expressions

Use condition ? true_val : false_val to return a value based on a condition.

var {
  access_level = var.is_admin ? "Full Access" : "Restricted Access"
  # Returns: "Full Access" if is_admin is true, otherwise "Restricted Access"
}

For Expressions

Use for to iterate over collections and generate lists or maps.

List Result

var {
  ips = [for ip in var.ip_addresses : "${ip}/32"]
  # Returns a list of CIDR notation IPs
}

Map Result

var {
  email_map = {for user in var.users : user.username => user.email}
  # Returns a map of usernames to emails
}

Filtering Collections

Use if to filter elements.

var {
  active_users = [for user in var.users : user if user.is_active]
  # Returns a list of active users
}

Grouping Results

Use ... to include all attributes for grouped elements.

var {
  users_by_role = { for user in var.users : user.role => user... }
  # Returns a map grouping users by roles
}

Splat Expressions

Use splat expressions ([*]) to extract values from lists of objects.

var {
  usernames = var.logins[*].username  # Returns a list of usernames
}
Previous
Language
Next
Blocks