Added hex encoding support in matchers

v2/pkg/operators/matchers/compile.go

@@ -1,6 +1,7 @@
 package matchers
 
 import (
+	"encoding/hex"
 	"fmt"
 	"regexp"
 
@@ -12,6 +13,16 @@ import (
 func (m *Matcher) CompileMatchers() error {
 	var ok bool
 
+	// Support hexadecimal encoding for matchers too.
+	switch m.Encoding {
+	case "hex":
+		for i, word := range m.Words {
+			if decoded, err := hex.DecodeString(word); err == nil && len(decoded) > 0 {
+				m.Words[i] = string(decoded)
+			}
+		}
+	}
+
 	// Setup the matcher type
 	m.matcherType, ok = MatcherTypes[m.Type]
 	if !ok {

v2/pkg/operators/matchers/match_test.go

@@ -28,3 +28,12 @@ func TestORCondition(t *testing.T) {
 	matched = m.MatchWords("c")
 	require.False(t, matched, "Could match invalid OR condition")
 }
+
+func TestHexEncoding(t *testing.T) {
+	m := &Matcher{Encoding: "hex", Type: "word", Part: "body", Words: []string{"50494e47"}}
+	err := m.CompileMatchers()
+	require.Nil(t, err, "could not compile matcher")
+
+	matched := m.MatchWords("PING")
+	require.True(t, matched, "Could not match valid Hex condition")
+}

v2/pkg/operators/matchers/matchers.go

@@ -36,6 +36,8 @@ type Matcher struct {
 	Binary []string `yaml:"binary,omitempty"`
 	// DSL are the dsl queries
 	DSL []string `yaml:"dsl,omitempty"`
+	// Encoding specifies the encoding for the word content if any.
+	Encoding string `yaml:"encoding,omitempty"`
 
 	// cached data for the compiled matcher
 	condition     ConditionType

v2/pkg/protocols/headless/engine/http_client.go

@@ -31,9 +31,5 @@ func newhttpClient(options *types.Options) (*http.Client, error) {
 			InsecureSkipVerify: true,
 		},
 	}
-
-	return &http.Client{
-		Transport: transport,
-		Timeout:   time.Duration(options.Timeout*3) * time.Second,
-	}, nil
+	return &http.Client{Transport: transport, Timeout: time.Duration(options.Timeout*3) * time.Second}, nil
 }