Miroslav Stampar
|
4ea9d3b884
|
Replacing generic concatenation || with CONCAT (far better choice)
|
2016-09-29 13:35:16 +02:00 |
|
Miroslav Stampar
|
3409953538
|
Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows)
|
2016-09-29 12:59:51 +02:00 |
|
Miroslav Stampar
|
3b3ab072e6
|
Adding short option(s) for setting verbosity (e.g. -vvv)
|
2016-09-29 11:19:25 +02:00 |
|
Miroslav Stampar
|
fef407e09c
|
Making HTTP requests up to 20% smaller (fine tuning the request headers)
|
2016-09-29 10:44:00 +02:00 |
|
Miroslav Stampar
|
5afccce3c6
|
Minor patch
|
2016-09-28 16:56:47 +02:00 |
|
Miroslav Stampar
|
e439095593
|
Bug fix for MySQL's --os-pwn
|
2016-09-28 15:39:34 +02:00 |
|
Miroslav Stampar
|
e77126e847
|
Removing obsolete functionality
|
2016-09-28 15:00:26 +02:00 |
|
Miroslav Stampar
|
3ef01f0e31
|
Minor update
|
2016-09-28 14:48:33 +02:00 |
|
Miroslav Stampar
|
d36b5c0a4b
|
Adding time-based blind (heavy query) payloads for Informix (Issue #552)
|
2016-09-28 10:30:09 +02:00 |
|
Miroslav Stampar
|
e5a758bdf4
|
Fixes #2192
|
2016-09-28 09:55:14 +02:00 |
|
Miroslav Stampar
|
617509869d
|
Minor patch for Informix --parse-errors
|
2016-09-27 14:58:10 +02:00 |
|
Miroslav Stampar
|
5079c42788
|
Adding Informix parameter replacement payloads (Issue #552)
|
2016-09-27 14:39:17 +02:00 |
|
Miroslav Stampar
|
bc7ab01066
|
Bug fix for generic parameter replacement (CASE)
|
2016-09-27 14:29:18 +02:00 |
|
Miroslav Stampar
|
212c1ec1f2
|
Couple of fixes and some testing stuff
|
2016-09-27 14:03:59 +02:00 |
|
Miroslav Stampar
|
381deb68ff
|
Implementation for an Issue #2137
|
2016-09-27 13:26:11 +02:00 |
|
Miroslav Stampar
|
ba0facb5eb
|
Removal of unused imports
|
2016-09-27 11:23:31 +02:00 |
|
Miroslav Stampar
|
7151df16f6
|
Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs)
|
2016-09-27 11:21:12 +02:00 |
|
Miroslav Stampar
|
8994bf2dba
|
Further dealing with time-based SQLi (Issue #1973)
|
2016-09-27 10:32:22 +02:00 |
|
Miroslav Stampar
|
09617c8243
|
Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973
|
2016-09-27 10:20:36 +02:00 |
|
Miroslav Stampar
|
556b4d289e
|
Minor cosmetic patch (removing multiple same content '...appears...' messages)
|
2016-09-26 17:02:40 +02:00 |
|
Miroslav Stampar
|
978f56ad10
|
One more commit for #552 (--passwords)
|
2016-09-26 16:38:03 +02:00 |
|
Miroslav Stampar
|
aa0b97b562
|
Support for Informix --roles/--privileges (Issue #552)
|
2016-09-26 14:20:04 +02:00 |
|
Miroslav Stampar
|
df645d7d3d
|
Update for column types (Issue #552)
|
2016-09-23 18:03:31 +02:00 |
|
Miroslav Stampar
|
035137ef4e
|
Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used)
|
2016-09-23 17:38:14 +02:00 |
|
Miroslav Stampar
|
484d9a4825
|
Implementation of --dump for Informix (Issue #552)
|
2016-09-23 17:21:48 +02:00 |
|
Miroslav Stampar
|
65c305cff0
|
Fixes #2174
|
2016-09-23 15:41:12 +02:00 |
|
Miroslav Stampar
|
9a5fc5ccf4
|
New auxiliary (extra) file (for administration purposes)
|
2016-09-23 13:57:18 +02:00 |
|
Miroslav Stampar
|
51a1973224
|
Stripping PostgreSQL .so files for size issues (Issue #2173)
|
2016-09-23 13:52:57 +02:00 |
|
Miroslav Stampar
|
2f2a63334a
|
Minor cleanup
|
2016-09-23 13:39:27 +02:00 |
|
Miroslav Stampar
|
23afeb4c7a
|
Fixes #2176
|
2016-09-23 13:37:44 +02:00 |
|
Miroslav Stampar
|
b387fb219d
|
Fixes #2175
|
2016-09-23 12:45:06 +02:00 |
|
Miroslav Stampar
|
1b48ff223d
|
Adding initial support for Informix (Issue #552)
|
2016-09-23 12:33:27 +02:00 |
|
Miroslav Stampar
|
640e605412
|
More CTF friendly (common column and table name flag :)
|
2016-09-23 12:31:28 +02:00 |
|
Miroslav Stampar
|
e10bb42597
|
Minor tweak
|
2016-09-22 10:22:48 +02:00 |
|
Miroslav Stampar
|
9902018cab
|
Implementation for an Issue #2172
|
2016-09-21 15:45:55 +02:00 |
|
Miroslav Stampar
|
56a918c408
|
Minor refactoring
|
2016-09-20 10:03:00 +02:00 |
|
Miroslav Stampar
|
bcd62ecc5b
|
Minor optimization (avoiding unnecessary deepcopies)
|
2016-09-20 09:56:08 +02:00 |
|
Miroslav Stampar
|
e519484230
|
Patching live-testing
|
2016-09-19 15:51:28 +02:00 |
|
Miroslav Stampar
|
a2c8f1deb1
|
Update PgSQL fingerprinting payloads
|
2016-09-19 14:23:51 +02:00 |
|
Miroslav Stampar
|
12dc53f687
|
Minor update
|
2016-09-19 13:54:06 +02:00 |
|
Miroslav Stampar
|
b3b5bd267d
|
Adding new tamper script (on request from @MilanGabor)
|
2016-09-15 17:59:01 +02:00 |
|
Miroslav Stampar
|
921a53e314
|
Patch for counter in --smoke-test
|
2016-09-09 14:59:22 +02:00 |
|
Miroslav Stampar
|
32dd4a938c
|
Minor patch of message
|
2016-09-09 11:37:16 +02:00 |
|
Miroslav Stampar
|
9930f1b55b
|
Speed optimization(s)
|
2016-09-09 11:06:38 +02:00 |
|
Miroslav Stampar
|
8581d9e2ca
|
Minor improvement of SELECT_FROM_TABLE_REGEX
|
2016-09-09 09:45:48 +02:00 |
|
Miroslav Stampar
|
1a613ed9a8
|
Minor update
|
2016-09-08 14:08:14 +02:00 |
|
Miroslav Stampar
|
78e398d9c4
|
Fixes #2136
|
2016-09-06 15:03:17 +02:00 |
|
Miroslav Stampar
|
e3c3c2c185
|
Fixes #2148
|
2016-09-06 14:25:29 +02:00 |
|
Miroslav Stampar
|
4e36bbaff9
|
Update related to the last commit
|
2016-09-04 03:09:28 +02:00 |
|
Miroslav Stampar
|
603e9739ae
|
Fixes #2146
|
2016-09-04 01:33:52 +02:00 |
|
Miroslav Stampar
|
6b91b7b7fa
|
Minor cosmetics
|
2016-09-02 16:10:11 +02:00 |
|
Miroslav Stampar
|
2e62fda57d
|
Minor update
|
2016-09-02 15:55:33 +02:00 |
|
Miroslav Stampar
|
5ad27264a2
|
Patches #2143
|
2016-09-02 15:52:07 +02:00 |
|
Miroslav Stampar
|
c4d8cab50c
|
Version string bug fix
|
2016-09-02 14:25:56 +02:00 |
|
Miroslav Stampar
|
577e346774
|
Fixes #2144
|
2016-09-02 14:20:17 +02:00 |
|
Miroslav Stampar
|
375abd50ee
|
Minor update for #2134
|
2016-08-30 12:36:32 +02:00 |
|
Miroslav Stampar
|
4a815ab56f
|
Patch for an Issue #1250
|
2016-08-27 23:54:09 +02:00 |
|
Miroslav Stampar
|
6564adc984
|
Minor patch for buffered write into checksum.md5
|
2016-08-27 23:34:12 +02:00 |
|
Miroslav Stampar
|
ad5b8017f5
|
Minor refactoring
|
2016-08-26 12:28:35 +02:00 |
|
Miroslav Stampar
|
72e5a79288
|
Fixes #2106
|
2016-08-19 11:07:42 +02:00 |
|
Miroslav Stampar
|
63f4b3462f
|
Fixes #2105
|
2016-08-15 18:35:04 +02:00 |
|
Miroslav Stampar
|
a45a90df94
|
Adding new WAF script (Yunsuo)
|
2016-08-12 14:32:03 +02:00 |
|
Miroslav Stampar
|
ec1ac81e0a
|
Minor refactoring
|
2016-08-08 16:08:16 +02:00 |
|
Miroslav Stampar
|
6ba46bf7cf
|
Update for #2086 (lowercasing only the command)
|
2016-08-08 15:55:39 +02:00 |
|
Miroslav Stampar
|
b92fc840fe
|
Adding pypi script to the repository
|
2016-08-02 13:21:05 +02:00 |
|
Miroslav Stampar
|
ef79bbf7d2
|
Minor patch
|
2016-08-02 12:38:57 +02:00 |
|
Miroslav Stampar
|
fba1199cd2
|
Minor consistency update
|
2016-08-02 12:05:39 +02:00 |
|
Miroslav Stampar
|
4022a68523
|
Removing last debug commit
|
2016-08-02 12:01:49 +02:00 |
|
Miroslav Stampar
|
67bc3ed359
|
Trying out the last commit
|
2016-08-02 12:01:02 +02:00 |
|
Miroslav Stampar
|
a0ddd99087
|
Minor update for automatic PyPI packaging
|
2016-08-02 12:00:21 +02:00 |
|
Miroslav Stampar
|
2a7ef58c9f
|
Minor refactoring
|
2016-08-02 11:55:11 +02:00 |
|
Miroslav Stampar
|
35010006a1
|
Some cosmetic changes
|
2016-08-02 11:50:42 +02:00 |
|
Miroslav Stampar
|
acfe788c95
|
Preparing for #1250
|
2016-08-02 00:17:59 +02:00 |
|
Miroslav Stampar
|
5ccb73a1ee
|
Minor patch for Python3 check
|
2016-07-29 15:30:59 +02:00 |
|
Miroslav Stampar
|
6ac5b6b759
|
Minor refactoring
|
2016-07-28 17:04:15 +02:00 |
|
Miroslav Stampar
|
d82f20abc4
|
Fixes #2068
|
2016-07-28 17:02:27 +02:00 |
|
Miroslav Stampar
|
10eafa35fd
|
Adding CloudFlare CAPTCHA warning
|
2016-07-23 23:02:15 +02:00 |
|
Miroslav Stampar
|
9105f259cd
|
Fixes #2060 (ParseError has been added in Python 2.7)
|
2016-07-23 15:27:25 +02:00 |
|
Miroslav Stampar
|
7cca56edfa
|
Fixes #2052
|
2016-07-21 09:38:52 +02:00 |
|
Miroslav Stampar
|
e21d751834
|
Fixes #2049
|
2016-07-20 20:04:44 +02:00 |
|
Miroslav Stampar
|
ebb73b71fa
|
Fixes #2045
|
2016-07-20 16:49:27 +02:00 |
|
Miroslav Stampar
|
1ca633ae64
|
Fixes #2031
|
2016-07-17 23:30:40 +02:00 |
|
Miroslav Stampar
|
3e22cbfed7
|
Minor update
|
2016-07-17 00:34:14 +02:00 |
|
Miroslav Stampar
|
c7f615f707
|
Renaming payload files (consistency with the rest of the project)
|
2016-07-17 00:21:16 +02:00 |
|
Miroslav Stampar
|
b83ee92cd1
|
Minor modification
|
2016-07-17 00:09:09 +02:00 |
|
Miroslav Stampar
|
571d669a09
|
Minor modification
|
2016-07-17 00:07:58 +02:00 |
|
Miroslav Stampar
|
e485531b71
|
Adding integrity checks in case of unhandled exceptions
|
2016-07-17 00:04:30 +02:00 |
|
Miroslav Stampar
|
7427b554e3
|
Adding support for integrity checks
|
2016-07-16 23:25:13 +02:00 |
|
Miroslav Stampar
|
1a818ceccd
|
Adding error message regarding #2030
|
2016-07-16 22:47:16 +02:00 |
|
Miroslav Stampar
|
7fea8d608e
|
Fixes #2028
|
2016-07-16 22:42:15 +02:00 |
|
Miroslav Stampar
|
1e6191e3b1
|
Fixes #2026
|
2016-07-16 15:51:09 +02:00 |
|
Miroslav Stampar
|
c10b2825d7
|
Patch for --os-shell against Windows/MySQL where resulting \r caused trouble
|
2016-07-15 11:56:51 +02:00 |
|
Miroslav Stampar
|
c200b2cb19
|
Another fix (related to the last commit)
|
2016-07-15 11:45:59 +02:00 |
|
Miroslav Stampar
|
071f4c8a2b
|
Bug fix (reported privately) - better parsing of file paths (especially for Windows cases)
|
2016-07-15 11:13:47 +02:00 |
|
Miroslav Stampar
|
5097a2c79e
|
Less timeout error messages (because of server dropping of non-active connections)
|
2016-07-15 00:33:33 +02:00 |
|
Miroslav Stampar
|
bce9db1af5
|
Adding support for --columns too (Issue #2025)
|
2016-07-15 00:10:41 +02:00 |
|
Miroslav Stampar
|
ca67456dbe
|
Removing a debugging leftover (Issue #2025)
|
2016-07-14 23:39:44 +02:00 |
|
Miroslav Stampar
|
6df4d73b09
|
Implementation for an Issue #2025
|
2016-07-14 23:18:28 +02:00 |
|
Miroslav Stampar
|
2aaa486f7a
|
Minor code style update
|
2016-07-13 14:09:33 +02:00 |
|
Miroslav Stampar
|
47ba7d4705
|
Minor update
|
2016-07-07 10:37:00 +02:00 |
|
Miroslav Stampar
|
2e42afea6f
|
Update of sucury WAF script
|
2016-07-06 23:43:21 +02:00 |
|
Miroslav Stampar
|
292a28131d
|
Minor updates
|
2016-07-06 23:43:10 +02:00 |
|
Miroslav Stampar
|
2e775fbb75
|
(e.g.) ASPx MsSQL Chinese exception messages don't start with 'Exception: string'
|
2016-07-06 14:06:18 +02:00 |
|
Miroslav Stampar
|
e1d7641b8a
|
Good for different generic OleDB-alike connectors
|
2016-07-06 13:48:35 +02:00 |
|
Miroslav Stampar
|
6b0951d1ee
|
Switching default Tor type to SOCKS5 (various bundles are discontinued)
|
2016-07-06 13:30:46 +02:00 |
|
Miroslav Stampar
|
db1fc621b5
|
Update for SonicWALL WAF script; lesser false positives with ModSecurity WAF script
|
2016-07-06 13:19:51 +02:00 |
|
Miroslav Stampar
|
9351756c36
|
Minor update of format exception strings
|
2016-07-05 16:02:34 +02:00 |
|
Miroslav Stampar
|
63b645c64c
|
Removing a debugging leftover
|
2016-07-05 09:32:30 +02:00 |
|
Miroslav Stampar
|
7ad49f4185
|
Less problematic regexes for MsSQL errors
|
2016-07-05 09:32:08 +02:00 |
|
Miroslav Stampar
|
d9315830f9
|
Less problematic regex for MsSQL errors
|
2016-07-05 09:20:04 +02:00 |
|
Miroslav Stampar
|
2e2c62b6a7
|
More error regexes
|
2016-07-04 17:24:17 +02:00 |
|
Miroslav Stampar
|
53289b0234
|
Some more Informix error regexes
|
2016-07-04 10:03:36 +02:00 |
|
Miroslav Stampar
|
dd082ef79d
|
Minor update (new error regex for Informix)
|
2016-07-04 09:49:18 +02:00 |
|
Miroslav Stampar
|
2c968f9a35
|
Closes #2007
|
2016-07-04 09:12:30 +02:00 |
|
Miroslav Stampar
|
74d0315fef
|
Update related to the last commit
|
2016-07-03 02:14:23 +02:00 |
|
Miroslav Stampar
|
ae98159130
|
Automatic monthly tagging
|
2016-07-03 02:03:30 +02:00 |
|
Miroslav Stampar
|
3a9e36c52b
|
Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass)
|
2016-07-03 02:03:30 +02:00 |
|
Miroslav Stampar
|
cb43c03712
|
Definite patch for MemoryError(s) (fixes #1991)
|
2016-06-30 14:57:56 +02:00 |
|
Miroslav Stampar
|
65a0f15f69
|
Minor update (error regex for PHP's sqlsrv module)
|
2016-06-28 15:13:37 +02:00 |
|
Miroslav Stampar
|
98b77d32cc
|
Minor update
|
2016-06-27 11:16:41 +02:00 |
|
Miroslav Stampar
|
86a3569ccb
|
New WAF script (SonicWALL)
|
2016-06-26 16:42:05 +02:00 |
|
Miroslav Stampar
|
17fca351d3
|
Minor update
|
2016-06-26 16:26:13 +02:00 |
|
Miroslav Stampar
|
2614e7bec1
|
Minor update
|
2016-06-26 16:23:39 +02:00 |
|
Miroslav Stampar
|
832c6e806f
|
Revert of last commit
|
2016-06-26 15:59:35 +02:00 |
|
Miroslav Stampar
|
7b334b0808
|
'Conversion failed' happens in regular SQLi on MsSQL
|
2016-06-26 15:57:11 +02:00 |
|
Miroslav Stampar
|
aa9151785e
|
Minor update
|
2016-06-26 15:37:30 +02:00 |
|
Miroslav Stampar
|
6bdef1b7da
|
Minor update
|
2016-06-26 01:46:49 +02:00 |
|
Miroslav Stampar
|
8b4367d354
|
Revert of last commit
|
2016-06-26 01:42:21 +02:00 |
|
Miroslav Stampar
|
0a9d69a7d0
|
Minor patch
|
2016-06-26 01:10:47 +02:00 |
|
Miroslav Stampar
|
a4b60dc00f
|
New error regex for MsSQL
|
2016-06-26 00:40:54 +02:00 |
|
Miroslav Stampar
|
f91ae32284
|
Minor update (to not confuse S3 vs Cloudfront)
|
2016-06-24 13:39:13 +02:00 |
|
Miroslav Stampar
|
53fc9d6720
|
Fixes #1990
|
2016-06-24 13:31:19 +02:00 |
|
Miroslav Stampar
|
0b31568306
|
Minor update
|
2016-06-24 13:28:08 +02:00 |
|
Miroslav Stampar
|
e9407cf791
|
Cleaning some garbage boundaries (it doesn't make any sense to use %00 as prefix)
|
2016-06-23 22:57:59 +02:00 |
|
Miroslav Stampar
|
0175acd028
|
Bug fix (in some cases lack of warning message for SQLi appearing)
|
2016-06-23 17:52:37 +02:00 |
|
Miroslav Stampar
|
733a32de32
|
Minor patch
|
2016-06-23 12:09:51 +02:00 |
|
Miroslav Stampar
|
1b863ecf93
|
Far better detection of SecureIIS (WAF)
|
2016-06-23 12:03:05 +02:00 |
|
Miroslav Stampar
|
ec06037335
|
Update of bigip waf script
|
2016-06-23 11:41:49 +02:00 |
|
Miroslav Stampar
|
0cdb62a1b5
|
Adding new waf script (armor)
|
2016-06-23 11:15:31 +02:00 |
|
Miroslav Stampar
|
99454198b8
|
Minor refactoring
|
2016-06-20 10:01:57 +02:00 |
|
Miroslav Stampar
|
dd6287ace8
|
Fixes #1972
|
2016-06-20 09:59:50 +02:00 |
|
Miroslav Stampar
|
786460e3b4
|
Minor just in case patch
|
2016-06-19 17:44:47 +02:00 |
|
Miroslav Stampar
|
419cf979f1
|
Showing again the 'shutting down at ...' message
|
2016-06-19 17:17:01 +02:00 |
|
Miroslav Stampar
|
30be875304
|
Patch for an Issue #1968
|
2016-06-18 01:21:57 +02:00 |
|
Miroslav Stampar
|
7d011bc811
|
Fixes #1964
|
2016-06-17 17:07:44 +02:00 |
|
Miroslav Stampar
|
b2c4a3b247
|
Fixes #1960
|
2016-06-17 16:54:23 +02:00 |
|
Miroslav Stampar
|
9d9592a69b
|
Fixes #1963
|
2016-06-17 16:51:23 +02:00 |
|
Miroslav Stampar
|
cb42294a7e
|
Minor message update
|
2016-06-15 07:57:10 +02:00 |
|
Miroslav Stampar
|
146762c109
|
Minor update
|
2016-06-15 07:54:47 +02:00 |
|
Miroslav Stampar
|
494b9d1586
|
Fixes #1943
|
2016-06-13 15:30:38 +02:00 |
|
Miroslav Stampar
|
2e95fdb52d
|
Fixes #1947
|
2016-06-13 14:50:44 +02:00 |
|
Miroslav Stampar
|
46736cac7b
|
Fixes #1931
|
2016-06-10 18:41:41 +02:00 |
|
Miroslav Stampar
|
041213f22d
|
Fixes #1935
|
2016-06-10 18:18:48 +02:00 |
|
Miroslav Stampar
|
8ca45c5678
|
Fixes #1936
|
2016-06-10 18:02:24 +02:00 |
|
Miroslav Stampar
|
c6eec8db97
|
Fixes #1938
|
2016-06-10 17:52:22 +02:00 |
|
Miroslav Stampar
|
98fdc493f4
|
Proper patch for #1923 (Fixes #1940, #1941)
|
2016-06-10 17:42:11 +02:00 |
|
Miroslav Stampar
|
91372bff87
|
Fixes #1932
|
2016-06-08 08:20:54 +02:00 |
|
Miroslav Stampar
|
7fb9db42a7
|
Performing a backup of old dump file (Issue #841)
|
2016-06-05 12:37:19 +02:00 |
|
Miroslav Stampar
|
82382957f9
|
Minor refactoring
|
2016-06-05 12:25:42 +02:00 |
|
Miroslav Stampar
|
f034122bd0
|
Fixes #1920
|
2016-06-05 12:14:01 +02:00 |
|
Miroslav Stampar
|
0df2456f34
|
Fixes #1923
|
2016-06-03 16:06:29 +02:00 |
|
Miroslav Stampar
|
78fdb27a0b
|
More improvements
|
2016-06-03 15:51:52 +02:00 |
|
Miroslav Stampar
|
350baf0a0a
|
Minor update
|
2016-06-03 14:29:32 +02:00 |
|
Miroslav Stampar
|
9886b646eb
|
Proper update regarding the last commit
|
2016-06-03 14:18:28 +02:00 |
|
Miroslav Stampar
|
c5197b99a0
|
Minor patch and minor improvement
|
2016-06-03 13:59:32 +02:00 |
|
Miroslav Stampar
|
cc313280af
|
Payload that never ever worked (now fixed)
|
2016-06-03 13:16:00 +02:00 |
|
Miroslav Stampar
|
f06ff42c58
|
This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE)
|
2016-06-03 10:42:57 +02:00 |
|
Miroslav Stampar
|
4bc1cf4518
|
Vastly better patch for MsSQL payloads
|
2016-06-03 10:29:04 +02:00 |
|
Miroslav Stampar
|
0e65043c84
|
Minor adjustment
|
2016-06-03 09:48:49 +02:00 |
|
Miroslav Stampar
|
d7d565415a
|
Patch for MySQL fingerprinting
|
2016-06-03 02:31:31 +02:00 |
|
Miroslav Stampar
|
0986ec8948
|
Update for Oracle fingerprinting
|
2016-06-03 02:27:59 +02:00 |
|
Miroslav Stampar
|
50bced511f
|
Adding support for fingerprinting MsSQL 2014 and 2016
|
2016-06-03 02:24:19 +02:00 |
|
Miroslav Stampar
|
e275e8c0b0
|
Fixes #1921
|
2016-06-03 02:02:11 +02:00 |
|
Miroslav Stampar
|
77dea38ac1
|
Fixes #1918
|
2016-06-03 00:37:18 +02:00 |
|
Miroslav Stampar
|
7dc2ec5fd8
|
Minor touch
|
2016-06-01 20:42:09 +02:00 |
|
Miroslav Stampar
|
4bf2e3b139
|
Minor update
|
2016-06-01 20:37:05 +02:00 |
|
Miroslav Stampar
|
8114c14755
|
Removing leftover
|
2016-06-01 16:32:22 +02:00 |
|
Miroslav Stampar
|
ec8cf6aadc
|
Adding support for detecting CAPTCHA
|
2016-06-01 15:48:04 +02:00 |
|
Miroslav Stampar
|
d326965966
|
Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts)
|
2016-06-01 14:12:22 +02:00 |
|
Miroslav Stampar
|
030df0353d
|
Removing ugly legacy code (e.g. showing MySQL 5.0 when it is e.g. '5.7.8')
|
2016-06-01 13:47:20 +02:00 |
|
Miroslav Stampar
|
5038d7a70a
|
Removing ugly boolean check results (0 or 1) in output of UNION and ERROR SQLi
|
2016-06-01 13:39:40 +02:00 |
|
Miroslav Stampar
|
f0b8fbb7fd
|
Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads)
|
2016-06-01 13:23:41 +02:00 |
|
Miroslav Stampar
|
5810c2b199
|
Minor patch
|
2016-06-01 11:30:27 +02:00 |
|
Miroslav Stampar
|
77f0b5dfa8
|
Fixes #1919
|
2016-06-01 10:56:42 +02:00 |
|
Miroslav Stampar
|
b0ea74dc63
|
Minor warning message update
|
2016-06-01 10:53:32 +02:00 |
|
Miroslav Stampar
|
0c07c8942c
|
Automatic monthly tagging
|
2016-06-01 10:44:08 +02:00 |
|
Miroslav Stampar
|
7d1bdb35ca
|
Update of parsed versions
|
2016-06-01 10:44:08 +02:00 |
|
Miroslav Stampar
|
e823889819
|
Update for JSP exceptions
|
2016-05-31 15:35:10 +02:00 |
|
Miroslav Stampar
|
680aedaefc
|
Adding option --tmp-dir
|
2016-05-31 14:55:56 +02:00 |
|
Miroslav Stampar
|
afdca09ced
|
Minor patches (proper user warnings in case of output directory permissions)
|
2016-05-31 14:05:35 +02:00 |
|
Miroslav Stampar
|
ac89ee71c3
|
Minor improvement
|
2016-05-31 13:29:43 +02:00 |
|
Miroslav Stampar
|
af7c8cff92
|
Bug fix (previously removing temporary directory even if it is needed afterwards)
|
2016-05-31 13:21:08 +02:00 |
|
Miroslav Stampar
|
26d4dec5fb
|
Minor refactoring
|
2016-05-31 13:02:26 +02:00 |
|
Miroslav Stampar
|
cf31d12528
|
Adding support for python's cgitb tracebacks
|
2016-05-31 12:33:56 +02:00 |
|
Miroslav Stampar
|
b4c730f8c0
|
Minor refactoring
|
2016-05-31 12:23:59 +02:00 |
|
Miroslav Stampar
|
fba1720b31
|
Minor patch
|
2016-05-31 11:16:13 +02:00 |
|
Miroslav Stampar
|
9fad72f28b
|
Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion)
|
2016-05-31 11:08:23 +02:00 |
|
Miroslav Stampar
|
1782bf8e64
|
Adding support for parsing ODBC/JDBC error messages
|
2016-05-31 10:49:34 +02:00 |
|
Miroslav Stampar
|
2d59a10515
|
Better patch than last commit
|
2016-05-31 10:25:01 +02:00 |
|
Miroslav Stampar
|
21a25c4f00
|
Bug for fix comments in case of MsAccess
|
2016-05-31 10:24:13 +02:00 |
|
Miroslav Stampar
|
6b5c16c22c
|
Minor update for ColdFusion error messages
|
2016-05-31 09:54:14 +02:00 |
|
Miroslav Stampar
|
2c6621c26a
|
Minor upgrade for WAF/IDS/IPS detection
|
2016-05-31 09:49:50 +02:00 |
|
Miroslav Stampar
|
f0500b1d2f
|
Minor update for ColdFusion path regexes
|
2016-05-31 09:35:58 +02:00 |
|
Miroslav Stampar
|
6a033bb58c
|
Minor update for ColdFusion type casting
|
2016-05-31 09:31:32 +02:00 |
|
Miroslav Stampar
|
2fa4b22645
|
Patch for URL encoding cookie values (asking the user to choose)
|
2016-05-30 17:47:08 +02:00 |
|
Miroslav Stampar
|
229d3a7dd0
|
Patch for cases when error page looks more like original, than the False one does
|
2016-05-30 16:46:23 +02:00 |
|
Miroslav Stampar
|
b965e5bf1c
|
Minor refactoring
|
2016-05-30 16:06:39 +02:00 |
|
Miroslav Stampar
|
3bd74c5351
|
Minor patch
|
2016-05-30 15:20:21 +02:00 |
|
Miroslav Stampar
|
55624ec1a2
|
Minor message update
|
2016-05-30 14:40:22 +02:00 |
|
Miroslav Stampar
|
6885afe8c3
|
Minor update for requestvalidationmode.py waf script
|
2016-05-30 14:26:55 +02:00 |
|
Miroslav Stampar
|
acc1277246
|
Minor update
|
2016-05-30 14:13:57 +02:00 |
|
Miroslav Stampar
|
935cb9c8cb
|
Patch for a custom header cookie urlencoding
|
2016-05-30 14:09:53 +02:00 |
|
Miroslav Stampar
|
17a4ddad63
|
Fixes #1916
|
2016-05-30 13:10:25 +02:00 |
|
Miroslav Stampar
|
5264671f5b
|
Dump formatting patch for MsAccess
|
2016-05-30 12:03:33 +02:00 |
|
Miroslav Stampar
|
b4ebbae354
|
New payload(s)
|
2016-05-30 11:25:24 +02:00 |
|
Miroslav Stampar
|
510197c39e
|
Minor text update
|
2016-05-30 10:52:30 +02:00 |
|
Miroslav Stampar
|
b6a4bd91fe
|
Minor text update
|
2016-05-30 10:51:35 +02:00 |
|
Miroslav Stampar
|
83b82a5e98
|
Bug fix (wrong handler used in case of DBMS resolution)
|
2016-05-30 10:32:49 +02:00 |
|
Miroslav Stampar
|
0b1efc0759
|
Minor update (for newer versions of MsSQL)
|
2016-05-30 01:38:34 +02:00 |
|
Miroslav Stampar
|
2b506d744d
|
Minor update
|
2016-05-30 01:29:40 +02:00 |
|
Miroslav Stampar
|
79d08906a4
|
Cleaning some redundant payload(s)
|
2016-05-27 23:59:48 +02:00 |
|
Miroslav Stampar
|
6327063bd0
|
Minor patch
|
2016-05-27 16:43:01 +02:00 |
|
Miroslav Stampar
|
69fd900108
|
Adding waf script for detection of generic/unknown
|
2016-05-27 16:34:41 +02:00 |
|
Miroslav Stampar
|
f9d01f682b
|
Cloudflare has tons of HTTP error codes while detecting SQLi
|
2016-05-27 15:58:16 +02:00 |
|
Miroslav Stampar
|
d7d3db415b
|
Minor update
|
2016-05-27 15:32:30 +02:00 |
|
Miroslav Stampar
|
31850e4544
|
Minor bug fixes
|
2016-05-27 13:58:18 +02:00 |
|
Miroslav Stampar
|
de9f23939f
|
Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked)
|
2016-05-27 13:41:03 +02:00 |
|
Miroslav Stampar
|
154ed2c4e2
|
Minor patch
|
2016-05-27 13:33:14 +02:00 |
|
Miroslav Stampar
|
89dfe4e1ac
|
Adding wallarm WAF script (and couple of other WAF script updates)
|
2016-05-27 11:58:18 +02:00 |
|
Miroslav Stampar
|
b41b07ddd8
|
Updates for 360 and jiasule WAF scripts
|
2016-05-27 11:02:05 +02:00 |
|
Miroslav Stampar
|
e36fc02282
|
Adding sophos WAF script
|
2016-05-27 10:17:42 +02:00 |
|
Miroslav Stampar
|
49b41c1eca
|
Minor update for cloudflare waf script
|
2016-05-27 09:43:54 +02:00 |
|
Miroslav Stampar
|
4cd9fdb7df
|
Minor update for F5 waf script
|
2016-05-27 09:27:45 +02:00 |
|
Miroslav Stampar
|
5aab2d8fb5
|
Update for Akamai Kona WAF script
|
2016-05-27 09:22:39 +02:00 |
|
Miroslav Stampar
|
210b65c02d
|
Couple of fixes for --identify-waf
|
2016-05-27 02:24:59 +02:00 |
|
Miroslav Stampar
|
7a2ac23f0b
|
Adding new waf script (sitelock)
|
2016-05-27 02:13:01 +02:00 |
|
Miroslav Stampar
|
e435fb2e9e
|
Adding new waf script (comodo)
|
2016-05-27 01:23:20 +02:00 |
|
Miroslav Stampar
|
6892c94595
|
Minor update
|
2016-05-27 01:10:37 +02:00 |
|
Miroslav Stampar
|
831c960216
|
Update for an Issue #1899
|
2016-05-26 16:47:38 +02:00 |
|
Miroslav Stampar
|
43af2a4aee
|
Fixes #1899
|
2016-05-26 16:08:59 +02:00 |
|
Miroslav Stampar
|
1de6996c26
|
Fixes #1893
|
2016-05-25 15:43:39 +02:00 |
|
Miroslav Stampar
|
304f2ed308
|
Minor language patch
|
2016-05-25 15:32:17 +02:00 |
|
Miroslav Stampar
|
148b35da4f
|
Better extraction of absolute file paths
|
2016-05-25 15:29:25 +02:00 |
|
Miroslav Stampar
|
3865b3a398
|
Minor improvement in case of technique E (when waiting for large entry - lots of chunks)
|
2016-05-25 12:50:53 +02:00 |
|
Miroslav Stampar
|
d6bcbbae1d
|
Minor patch for E technique to be more compatible with output of U technique
|
2016-05-25 12:42:15 +02:00 |
|
Miroslav Stampar
|
04b3aefc5d
|
Patch for special character output in U and E techniques
|
2016-05-25 12:24:36 +02:00 |
|
Miroslav Stampar
|
a5f8cae599
|
Fixes #1892
|
2016-05-24 17:58:35 +02:00 |
|
Miroslav Stampar
|
29c3037512
|
Better asciinema recording (shorter width)
|
2016-05-24 17:26:10 +02:00 |
|
Miroslav Stampar
|
d0d7d3a205
|
Update of location of a sample run
|
2016-05-24 17:12:44 +02:00 |
|
Miroslav Stampar
|
7ce36ea1b6
|
Removal of unused imports
|
2016-05-24 16:40:44 +02:00 |
|
Miroslav Stampar
|
6f97f4796b
|
Fixes #1891
|
2016-05-24 16:34:07 +02:00 |
|
Miroslav Stampar
|
39fe96009f
|
Minor improvement (related to the last commit)
|
2016-05-24 16:20:39 +02:00 |
|
Miroslav Stampar
|
b475a38895
|
Better ORDER BY detection
|
2016-05-24 15:46:06 +02:00 |
|
Miroslav Stampar
|
42de887b05
|
Language update
|
2016-05-24 15:18:19 +02:00 |
|
Miroslav Stampar
|
28576bf08e
|
Minor output update
|
2016-05-24 15:08:04 +02:00 |
|
Miroslav Stampar
|
c395958dff
|
Fixes #1888
|
2016-05-24 14:55:19 +02:00 |
|
Miroslav Stampar
|
798b539eec
|
Minor update
|
2016-05-24 14:50:56 +02:00 |
|
Miroslav Stampar
|
70cf8edc75
|
Fixes #1887
|
2016-05-24 14:17:00 +02:00 |
|
Miroslav Stampar
|
a81ea88eb0
|
Fixes #1889
|
2016-05-24 13:59:34 +02:00 |
|
Miroslav Stampar
|
023dda26fc
|
Minor update for --os-shell directories
|
2016-05-24 12:53:21 +02:00 |
|
Miroslav Stampar
|
3e76895155
|
Minor update
|
2016-05-24 12:30:01 +02:00 |
|
Miroslav Stampar
|
2c1bd7f034
|
Update for an Issue #1531 (MySQL quirk with international letters)
|
2016-05-24 12:01:02 +02:00 |
|
Miroslav Stampar
|
f7cae68378
|
More formal language
|
2016-05-22 21:44:17 +02:00 |
|
Miroslav Stampar
|
f6ff1a115a
|
Better (automatic) picking of a --string candidate (especially in case of international pages)
|
2016-05-22 21:29:08 +02:00 |
|
Miroslav Stampar
|
32ee586e2a
|
Minor language update
|
2016-05-22 14:30:32 +02:00 |
|
Miroslav Stampar
|
b9e5655e3c
|
Proper naming
|
2016-05-22 14:26:36 +02:00 |
|
Miroslav Stampar
|
6623c3f877
|
Pesky bug fix (nobody noticed :)
|
2016-05-22 14:22:31 +02:00 |
|
Miroslav Stampar
|
30a4173249
|
I like users which don't know the difference between detection and identification
|
2016-05-22 12:40:23 +02:00 |
|
Miroslav Stampar
|
dbbe4c6ddd
|
Fixes #1884
|
2016-05-22 11:44:21 +02:00 |
|
Miroslav Stampar
|
633e4dfe48
|
Fixes #1886
|
2016-05-22 11:37:27 +02:00 |
|
Miroslav Stampar
|
5e8b105677
|
Fixes #1880
|
2016-05-19 19:46:12 +02:00 |
|
Miroslav Stampar
|
414dd96bbd
|
Minor update (warning on negative integer values provided)
|
2016-05-19 18:04:25 +02:00 |
|
Miroslav Stampar
|
e857c2a88a
|
Update for an Issue #1879
|
2016-05-19 13:50:31 +02:00 |
|
Miroslav Stampar
|
e7aaea2b8e
|
Update for an Issue #1826
|
2016-05-17 14:10:49 +02:00 |
|
Miroslav Stampar
|
63d7cd607e
|
Minor patch (for late threading issues)
|
2016-05-17 13:54:42 +02:00 |
|
Miroslav Stampar
|
d886b08dd9
|
Update for an Issue #1826
|
2016-05-17 13:45:03 +02:00 |
|
Miroslav Stampar
|
72f3185ae7
|
Fixes #1878
|
2016-05-17 10:47:17 +02:00 |
|
Miroslav Stampar
|
03be9f9b65
|
Minor removal of blank lines
|
2016-05-17 10:43:16 +02:00 |
|
Miroslav Stampar
|
d9d0865c13
|
Another patch for an Issue #1874
|
2016-05-16 17:09:05 +02:00 |
|
Miroslav Stampar
|
e3f54bc226
|
Minor patch for #1874
|
2016-05-16 16:53:28 +02:00 |
|
Miroslav Stampar
|
9662f4a56a
|
Minor update
|
2016-05-16 16:47:29 +02:00 |
|
Miroslav Stampar
|
fea5cc8579
|
Minor patch
|
2016-05-16 15:37:49 +02:00 |
|
Miroslav Stampar
|
94091cd0e9
|
Fixes #1871
|
2016-05-15 09:37:45 +02:00 |
|
Miroslav Stampar
|
cc9f4b6102
|
Minor refactoring for MariaDB
|
2016-05-14 15:05:50 +02:00 |
|
Miroslav Stampar
|
cd7c99c752
|
Minor revert (it was not necessary - caused other problems)
|
2016-05-14 14:48:17 +02:00 |
|
Miroslav Stampar
|
75478c1181
|
Fixes #1868
|
2016-05-14 14:18:34 +02:00 |
|
Miroslav Stampar
|
ad0ca69579
|
Fixes #1865
|
2016-05-13 15:14:56 +02:00 |
|
Miroslav Stampar
|
2d801b7122
|
Minor patch for an Issue #1861
|
2016-05-12 17:16:55 +02:00 |
|
Miroslav Stampar
|
1e07269fe3
|
Patch for an Issue #1860
|
2016-05-12 16:42:12 +02:00 |
|
Miroslav Stampar
|
3b74e99576
|
Minor update (support for MariaDB)
|
2016-05-11 15:47:35 +02:00 |
|
Miroslav Stampar
|
439fff684e
|
Minor update (MSSQL CONCAT payload)
|
2016-05-11 09:42:54 +02:00 |
|
Miroslav Stampar
|
72cf06119c
|
Patch for an Issue #1852
|
2016-05-10 09:55:03 +02:00 |
|
Miroslav Stampar
|
808068d70a
|
Minor update
|
2016-05-10 09:19:59 +02:00 |
|
Miroslav Stampar
|
f09072b2b6
|
Fixes #1853
|
2016-05-09 13:13:02 +02:00 |
|
Miroslav Stampar
|
be9381abc5
|
Implements #1845
|
2016-05-06 13:06:59 +02:00 |
|
Miroslav Stampar
|
5d09f7b85f
|
Fixes #1822
|
2016-05-06 10:32:16 +02:00 |
|
Miroslav Stampar
|
8bbfee7591
|
Cleaning a leftover from be26392057
|
2016-05-06 10:30:58 +02:00 |
|
Miroslav Stampar
|
be26392057
|
Update for an Issue #1846
|
2016-05-06 10:23:57 +02:00 |
|
Miroslav Stampar
|
263730f4ee
|
Fixes #1840
|
2016-05-04 13:23:59 +02:00 |
|
Miroslav Stampar
|
5d7e1782d9
|
Fixes #1839
|
2016-05-04 11:14:42 +02:00 |
|
Miroslav Stampar
|
e27f590c2c
|
Fixes #1838
|
2016-05-04 11:11:58 +02:00 |
|
Miroslav Stampar
|
7afe655561
|
Another minor update for #1836
|
2016-05-03 12:52:46 +02:00 |
|
Miroslav Stampar
|
3bf08290a4
|
Update for an Issue #1836
|
2016-05-03 12:37:10 +02:00 |
|
Miroslav Stampar
|
34c2172391
|
Fixes #1837
|
2016-05-03 11:38:47 +02:00 |
|
Miroslav Stampar
|
48044f7a46
|
Minor update of IDS_WAF_CHECK_PAYLOAD
|
2016-05-03 00:19:19 +02:00 |
|
Miroslav Stampar
|
04e666182f
|
Minor update of FORMAT_EXCEPTION_STRINGS
|
2016-05-02 23:44:43 +02:00 |
|
Miroslav Stampar
|
c797129956
|
Fixes #1833
|
2016-05-02 11:10:12 +02:00 |
|
Miroslav Stampar
|
6928dae956
|
Minor patch
|
2016-05-02 10:45:50 +02:00 |
|
Miroslav Stampar
|
6db3bcbb51
|
Minor update for UrlScan
|
2016-05-02 10:12:19 +02:00 |
|
Miroslav Stampar
|
d7f0b3566d
|
Automatic monthly tagging
|
2016-05-02 10:06:30 +02:00 |
|
Miroslav Stampar
|
0c67a90cc0
|
Minor bug fix
|
2016-05-02 10:06:30 +02:00 |
|
Miroslav Stampar
|
f06e498fb0
|
Implementation for an Issue #1826
|
2016-04-29 14:19:32 +02:00 |
|
Miroslav Stampar
|
ad612bf9e4
|
Patch for Windows banner display
|
2016-04-29 00:51:20 +02:00 |
|
Miroslav Stampar
|
9dd5cd8eb6
|
Removing CloudFlare check
|
2016-04-29 00:17:07 +02:00 |
|
Miroslav Stampar
|
5ed3cdc819
|
Minor update
|
2016-04-22 10:54:55 +02:00 |
|
Miroslav Stampar
|
0c5965c7b8
|
Minor patches
|
2016-04-19 13:13:37 +02:00 |
|
Miroslav Stampar
|
aa21550712
|
Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself)
|
2016-04-15 13:47:19 +02:00 |
|
Miroslav Stampar
|
66061e8c5f
|
Fixes #1811
|
2016-04-15 12:04:54 +02:00 |
|
Miroslav Stampar
|
c4b74c2e01
|
Fixes #1810
|
2016-04-12 22:37:14 +02:00 |
|
Miroslav Stampar
|
55b23e78ee
|
Fixes #1809
|
2016-04-12 22:10:26 +02:00 |
|
Miroslav Stampar
|
a9526bda92
|
Minor patch
|
2016-04-11 22:38:44 +02:00 |
|
Miroslav Stampar
|
0901da3f83
|
Update for an Issue #1807
|
2016-04-11 09:43:50 +02:00 |
|
Miroslav Stampar
|
8004652f7b
|
Some more optimization
|
2016-04-08 15:30:25 +02:00 |
|
Miroslav Stampar
|
c9b410c97f
|
Minor update
|
2016-04-08 14:59:52 +02:00 |
|
Miroslav Stampar
|
814d710320
|
Minor speed up
|
2016-04-08 14:41:34 +02:00 |
|
Miroslav Stampar
|
38fcc5a35a
|
Update for pre-WHERE payloads
|
2016-04-08 13:19:42 +02:00 |
|
Miroslav Stampar
|
674d516f3e
|
Minor patch
|
2016-04-08 11:40:09 +02:00 |
|
Miroslav Stampar
|
8ceb4907a5
|
Another update for Issue #1800
|
2016-04-08 11:37:38 +02:00 |
|
Miroslav Stampar
|
ce3749622a
|
Minor revisit of payload boundaries (Issue #1800)
|
2016-04-08 11:28:17 +02:00 |
|
Miroslav Stampar
|
bcfae99701
|
Adding new WAF script
|
2016-04-08 10:32:18 +02:00 |
|
Miroslav Stampar
|
44c1c2c6f0
|
Minor update (reported via email)
|
2016-04-06 11:43:53 +02:00 |
|
Miroslav Stampar
|
ac08db82b2
|
Including one more error regex (based on testasp[.]vulnweb[.]com)
|
2016-04-04 16:14:30 +02:00 |
|
Miroslav Stampar
|
305bfd9d30
|
Implements #1763
|
2016-04-04 13:50:10 +02:00 |
|
Miroslav Stampar
|
f9aaec7b4a
|
Minor patch (binary extensions)
|
2016-04-04 12:43:53 +02:00 |
|
Miroslav Stampar
|
d881a92ee7
|
Automatic monthly tagging
|
2016-04-04 12:38:37 +02:00 |
|
Miroslav Stampar
|
60ada89347
|
Trying once again
|
2016-04-04 12:38:37 +02:00 |
|
Miroslav Stampar
|
171bfa33a7
|
Automatic monthly tagging
|
2016-04-04 12:34:19 +02:00 |
|
Miroslav Stampar
|
acaef90c7b
|
Minor tuning of auto tagging
|
2016-04-04 12:34:19 +02:00 |
|
Miroslav Stampar
|
31d7021d4c
|
Fixes #1794
|
2016-04-04 12:25:07 +02:00 |
|
Miroslav Stampar
|
e83d8f6143
|
Updating colorama (Issue #1784)
|
2016-03-30 15:11:34 +02:00 |
|
Miroslav Stampar
|
ad3b766b65
|
Adding in-table name boundaries
|
2016-03-26 09:39:28 +01:00 |
|
Miroslav Stampar
|
074fbbcea5
|
Implementation for an Issue #1776
|
2016-03-23 15:45:49 +01:00 |
|
Miroslav Stampar
|
5b0d5970cc
|
Another patch related to the #1773
|
2016-03-23 10:33:32 +01:00 |
|
Miroslav Stampar
|
6c2f9859be
|
Potential patch for #1773
|
2016-03-23 10:26:22 +01:00 |
|
Miroslav Stampar
|
d496d99943
|
Fixes #1774
|
2016-03-22 13:24:54 +01:00 |
|
Miroslav Stampar
|
d20e9febf2
|
Fixes #1770
|
2016-03-19 17:40:05 +01:00 |
|
Miroslav Stampar
|
d76ee8f534
|
Further update for #1765
|
2016-03-17 17:06:11 +01:00 |
|
Miroslav Stampar
|
5b88e3e1ad
|
Minor update of version comment
|
2016-03-17 16:38:39 +01:00 |
|
Miroslav Stampar
|
a68848faf7
|
(Auto) adjusting micro version (to current month)
|
2016-03-17 16:31:34 +01:00 |
|
Miroslav Stampar
|
a4f21399e7
|
Fixes #1760
|
2016-03-17 16:23:28 +01:00 |
|
Miroslav Stampar
|
e03b2df58f
|
Fixes #1761
|
2016-03-14 17:21:35 +01:00 |
|
Miroslav Stampar
|
252eb97198
|
Patch related to the #1755
|
2016-03-12 19:28:28 +01:00 |
|
Miroslav Stampar
|
67ae620182
|
Another patch related to the #1752
|
2016-03-12 15:04:19 +01:00 |
|
Miroslav Stampar
|
13366aeb48
|
Fixes #1752
|
2016-03-12 12:26:30 +01:00 |
|
Miroslav Stampar
|
e1ce16144a
|
Fixes #1753
|
2016-03-10 15:42:01 +01:00 |
|
Miroslav Stampar
|
3307918389
|
Fixes #1750
|
2016-03-10 14:48:05 +01:00 |
|
Miroslav Stampar
|
c50849707f
|
Fixes #1748
|
2016-03-08 14:35:16 +01:00 |
|
Miroslav Stampar
|
06296bd251
|
Fixes #1743
|
2016-03-06 20:04:45 +01:00 |
|
Miroslav Stampar
|
0f6e529fb9
|
Fixes #1745
|
2016-03-06 12:14:20 +01:00 |
|
Miroslav Stampar
|
242800c085
|
Minor update related to the #1740
|
2016-03-01 15:40:34 +01:00 |
|
Miroslav Stampar
|
679f0cf772
|
Fixes #1738
|
2016-03-01 15:36:00 +01:00 |
|
Miroslav Stampar
|
1b5a4651a9
|
Trivial refactoring
|
2016-03-01 14:48:53 +01:00 |
|
Miroslav Stampar
|
05fa7eb7c6
|
Minor update
|
2016-03-01 11:56:56 +01:00 |
|
Miroslav Stampar
|
336169e181
|
Update of version display
|
2016-02-29 08:12:38 +01:00 |
|
Miroslav Stampar
|
b2bc3d49fd
|
Minor update
|
2016-02-29 00:52:46 +01:00 |
|
Miroslav Stampar
|
71aa7deefe
|
Minor beautification
|
2016-02-29 00:49:45 +01:00 |
|
Miroslav Stampar
|
cf5ae507c8
|
Minor update of READMEs
|
2016-02-29 00:44:08 +01:00 |
|
Miroslav Stampar
|
4898a2c332
|
Dummy commit
|
2016-02-29 00:30:37 +01:00 |
|
Miroslav Stampar
|
151dcee32e
|
Minor update
|
2016-02-29 00:23:59 +01:00 |
|
Miroslav Stampar
|
73f1155847
|
Adding new shutils file
|
2016-02-29 00:20:58 +01:00 |
|
Miroslav Stampar
|
adfcb1ad67
|
Adjusting version number
|
2016-02-27 15:59:52 +01:00 |
|
Miroslav Stampar
|
ee0439cf11
|
Update for #1678
|
2016-01-27 10:03:30 +01:00 |
|
Miroslav Stampar
|
c6c5a937f9
|
Minor style update
|
2016-01-21 10:17:17 +01:00 |
|
Miroslav Stampar
|
574b3a79aa
|
Adding support for detection of CloudFlare responses
|
2016-01-21 10:16:23 +01:00 |
|
Miroslav Stampar
|
8d42a93fdc
|
Fixes #1665
|
2016-01-16 08:13:56 +01:00 |
|
Miroslav Stampar
|
59695af101
|
Minor improvement of heuristic checks
|
2016-01-14 22:21:47 +01:00 |
|
Miroslav Stampar
|
4c1fc095d8
|
Adding heuristic check for FI vulnerability
|
2016-01-14 09:59:13 +01:00 |
|
Miroslav Stampar
|
6b40e0aa8c
|
Minor style update (nongit-version)
|
2016-01-10 02:08:23 +01:00 |
|
Miroslav Stampar
|
5908964db4
|
Another (better) patch for #1636
|
2016-01-09 17:32:19 +01:00 |
|
Miroslav Stampar
|
d0d676ccce
|
Update of copyright string
|
2016-01-06 00:06:12 +01:00 |
|
Miroslav Stampar
|
dc7f2a71d2
|
Minor refactoring
|
2015-12-12 23:48:30 +01:00 |
|
Miroslav Stampar
|
663c976a3b
|
Fixes #1600
|
2015-12-09 19:53:48 +01:00 |
|
Miroslav Stampar
|
1c5c937507
|
Minor update
|
2015-12-09 10:14:13 +01:00 |
|
Miroslav Stampar
|
5020269f50
|
Adding extra mark into non-git checkouts
|
2015-11-24 09:38:28 +01:00 |
|
Miroslav Stampar
|
527dcce08d
|
Better alternative (on Linux getctime() is the time of the last metadata change)
|
2015-11-24 09:25:11 +01:00 |
|
Miroslav Stampar
|
19f6eb234b
|
Revert of #58e049a60d250b881af60091215c75daa3f5c01a (I can imagine couple of things that could go wrong)
|
2015-11-17 08:52:24 +01:00 |
|
Miroslav Stampar
|
58e049a60d
|
More generic approach for number of pre-open sockets (Issue #1540)
|
2015-11-17 02:45:27 +01:00 |
|
Miroslav Stampar
|
41b8dfab86
|
Implementation for an Issue #1540
|
2015-11-16 23:46:10 +01:00 |
|
Miroslav Stampar
|
4335ae8330
|
Patching previous commit
|
2015-11-16 16:59:54 +01:00 |
|
Miroslav Stampar
|
94639d11a3
|
Another update related to the #1539
|
2015-11-16 15:33:05 +01:00 |
|
Miroslav Stampar
|
5593bf2fee
|
Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars)
|
2015-11-16 15:02:30 +01:00 |
|
Miroslav Stampar
|
42649005c2
|
Lots of fixes and refactoring in search department
|
2015-11-08 16:37:46 +01:00 |
|
Miroslav Stampar
|
fbec463b49
|
Adding new bold patterns
|
2015-10-22 15:44:08 +02:00 |
|
Miroslav Stampar
|
80aca35dd1
|
Removing #1450
|
2015-10-13 15:00:59 +02:00 |
|
Miroslav Stampar
|
9641e84dd9
|
Bug fixes for HSQLDB
|
2015-10-09 16:52:13 +02:00 |
|
Miroslav Stampar
|
551b7e4b45
|
Patch for an Issue #1450
|
2015-10-06 13:23:01 +02:00 |
|
Miroslav Stampar
|
56f0b811a6
|
Minor patch
|
2015-09-21 13:23:56 +02:00 |
|
Miroslav Stampar
|
265a78b455
|
Fixes #1379
|
2015-08-31 14:27:47 +02:00 |
|
Miroslav Stampar
|
d70215ad6c
|
Fixes #1237
|
2015-08-31 10:24:05 +02:00 |
|
Miroslav Stampar
|
a33b0454cd
|
Implementation for an Issue #1360
|
2015-08-26 15:26:16 +02:00 |
|
Miroslav Stampar
|
b010fda695
|
Switch --save becomes an option (taking file path where to save config file)
|
2015-08-14 22:49:32 +02:00 |
|
Miroslav Stampar
|
2c1cde0f59
|
Minor fix (reported over ML - ignore saving of conf.saveCmdline)
|
2015-08-13 17:21:36 +02:00 |
|
Miroslav Stampar
|
b6ea2fdb07
|
Fixes #1170
|
2015-07-24 14:56:45 +02:00 |
|
Miroslav Stampar
|
16f8e4c8ba
|
Removing unused imports
|
2015-07-12 12:25:02 +02:00 |
|
Miroslav Stampar
|
a20da7a677
|
Patch for automatic reporting (GitHub has robots)
|
2015-07-12 12:05:19 +02:00 |
|
Miroslav Stampar
|
fa303ef8b1
|
Minor update
|
2015-07-10 16:39:18 +02:00 |
|
Miroslav Stampar
|
9e5ef094a3
|
Closes #1270
|
2015-06-16 22:20:21 +02:00 |
|
Miroslav Stampar
|
5ee7fd785a
|
Fixes #1235
|
2015-05-01 00:48:08 +02:00 |
|
Miroslav Stampar
|
5dfd3ef1e4
|
Another update
|
2015-03-26 12:25:32 +01:00 |
|
Miroslav Stampar
|
3be7a447a5
|
Update
|
2015-03-26 12:22:49 +01:00 |
|
Miroslav Stampar
|
e35c7fbb7a
|
Fixes #1172
|
2015-02-22 13:41:54 +01:00 |
|
Bernardo Damele
|
388c0dfd77
|
trivial layout fix
|
2015-02-21 12:57:49 +00:00 |
|
Miroslav Stampar
|
fd632e5ada
|
Update for unhandled exception mechanism (BADA)
|
2015-01-26 09:09:38 +01:00 |
|
Miroslav Stampar
|
2655b078d0
|
Patch for an Issue #1127
|
2015-01-22 08:52:15 +01:00 |
|
Miroslav Stampar
|
06ff8b3a16
|
Patch for an Issue #1105
|
2015-01-13 10:33:51 +01:00 |
|
Miroslav Stampar
|
8e03f4db0f
|
Patch for an Issue #1062
|
2015-01-09 15:33:53 +01:00 |
|
Miroslav Stampar
|
c4c4ac13fe
|
Better patch for an Issue #1095
|
2015-01-07 09:21:02 +01:00 |
|
Miroslav Stampar
|
2030311d50
|
Patch for an Issue #1095
|
2015-01-07 02:04:10 +01:00 |
|
Miroslav Stampar
|
45bdefd29b
|
Update of copyright
|
2015-01-06 15:02:16 +01:00 |
|
Miroslav Stampar
|
3d5ca1b25a
|
Minor update
|
2015-01-06 14:36:51 +01:00 |
|
Miroslav Stampar
|
6fc41ca940
|
Heuristically checking for WAF/IDS/IPS by default
|
2015-01-06 14:01:47 +01:00 |
|
Miroslav Stampar
|
c474c16b4a
|
Removing ML email address
|
2015-01-06 12:30:49 +01:00 |
|
Miroslav Stampar
|
e383df8e29
|
Patch for an Issue #1073
|
2014-12-30 09:16:50 +00:00 |
|
Miroslav Stampar
|
4f122ee008
|
Bug fix regarding a problem reported by user @blink2014
|
2014-12-20 00:23:31 +01:00 |
|
Miroslav Stampar
|
17db587e2c
|
Adding some friendly warning messages (regarding blocking)
|
2014-12-03 10:06:21 +01:00 |
|
Miroslav Stampar
|
f71a65a9a0
|
Patch for an Issue #979
|
2014-12-01 00:29:25 +01:00 |
|
Miroslav Stampar
|
05d5342f20
|
Update and patch for an Issue #2
|
2014-11-17 11:50:05 +01:00 |
|
Miroslav Stampar
|
a91fb4149b
|
Minor update (using lower frequency alphabet for kb.chars)
|
2014-11-05 10:56:30 +01:00 |
|
Miroslav Stampar
|
6f45596f28
|
Minor style update
|
2014-11-03 23:48:44 +01:00 |
|
Miroslav Stampar
|
19aed90ae5
|
Implementation for an Issue #874
|
2014-10-27 00:37:46 +01:00 |
|
Miroslav Stampar
|
01f4b76817
|
Minor update for the Issue #2
|
2014-10-23 14:03:44 +02:00 |
|
Miroslav Stampar
|
7143e61619
|
Minor update
|
2014-10-23 14:00:53 +02:00 |
|
Miroslav Stampar
|
60f2764c3d
|
Minor style update
|
2014-10-22 13:53:18 +02:00 |
|
Miroslav Stampar
|
f94ac8c69d
|
Second patch related to the Issue #846
|
2014-10-09 15:21:26 +02:00 |
|
Miroslav Stampar
|
2de12ef4a2
|
Potential fix for an Issue #843
|
2014-10-05 00:20:42 +02:00 |
|
Miroslav Stampar
|
fdef53aa67
|
Minor update of unhandled exception message
|
2014-10-01 14:23:45 +02:00 |
|
Miroslav Stampar
|
a2b059123a
|
Minor update of format exception strings
|
2014-10-01 14:12:30 +02:00 |
|
Miroslav Stampar
|
8c9014c39f
|
Adding a dummy (auxiliary) XSS check
|
2014-10-01 13:31:48 +02:00 |
|
Miroslav Stampar
|
7278af01ee
|
Implementation for an Issue #832
|
2014-09-16 14:12:43 +02:00 |
|
Miroslav Stampar
|
177fc0376d
|
Minor fix for HSQLDB
|
2014-08-30 21:37:38 +02:00 |
|
Miroslav Stampar
|
1a9a331422
|
Bug fix (proper extending of tests when dbms is known)
|
2014-08-30 21:34:23 +02:00 |
|
Miroslav Stampar
|
dcaad75a1e
|
Fix for an Issue #794
|
2014-08-22 15:08:05 +02:00 |
|
Miroslav Stampar
|
2ce3ccac46
|
Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place)
|
2014-08-22 13:06:53 +02:00 |
|
Miroslav Stampar
|
c5b71cff10
|
Some filtering
|
2014-08-21 01:12:44 +02:00 |
|
Miroslav Stampar
|
0296081692
|
Minor refactoring
|
2014-08-20 23:42:40 +02:00 |
|
Miroslav Stampar
|
f51ea20bbd
|
Minor style update
|
2014-08-20 22:50:00 +02:00 |
|
Miroslav Stampar
|
e0216771ed
|
Minor update
|
2014-08-20 15:23:07 +02:00 |
|
Miroslav Stampar
|
c97782cfed
|
Minor update of banner
|
2014-08-20 15:10:21 +02:00 |
|
Miroslav Stampar
|
07f881e711
|
Minor fix
|
2014-08-20 14:02:04 +02:00 |
|
Miroslav Stampar
|
5a05271097
|
Minor fix
|
2014-08-19 22:34:07 +02:00 |
|
Miroslav Stampar
|
b0465a6a76
|
Adding a revision scheme for nongit checkouts
|
2014-08-19 22:32:16 +02:00 |
|
Miroslav Stampar
|
cd92de1702
|
Adding colorful banner
|
2014-08-19 22:19:22 +02:00 |
|
Miroslav Stampar
|
7d578d395f
|
Minor update for Apache on Windows
|
2014-08-16 16:01:18 +02:00 |
|
Miroslav Stampar
|
a8b4b96cd9
|
Extending list for brute forcing doc root
|
2014-08-16 15:16:03 +02:00 |
|
hydhyd
|
e7ffe92d8c
|
Update settings.py
Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.
|
2014-08-06 12:59:18 +04:00 |
|
Bernardo Damele
|
018748f52e
|
increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections
|
2014-07-01 00:34:09 +01:00 |
|
Miroslav Stampar
|
0f10cdfa4c
|
Minor update
|
2014-05-29 09:24:09 +02:00 |
|
Miroslav Stampar
|
2a55f75f86
|
Using a more generic XML recognition regex
|
2014-04-30 21:25:45 +02:00 |
|
Miroslav Stampar
|
ae8b1fe89c
|
Implementation for an Issue #678
|
2014-04-25 09:17:10 +02:00 |
|
Miroslav Stampar
|
15f92c4197
|
Bug fix (port was not being used properly with Burp exported history)
|
2014-04-03 09:46:37 +02:00 |
|
Miroslav Stampar
|
f6e1d9e026
|
Fix for an Issue #650
|
2014-03-24 10:46:23 +01:00 |
|
Miroslav Stampar
|
39ab3b9149
|
Minor fix for meta refresh
|
2014-03-20 13:13:47 +01:00 |
|
Miroslav Stampar
|
56d76e6bfd
|
Updating list of extensions to exclude from crawling
|
2014-03-14 21:34:16 +01:00 |
|
Miroslav Stampar
|
490d51258e
|
Raising number of minimum time responses (15 is statistically too low)
|
2014-03-03 20:49:58 +01:00 |
|
Miroslav Stampar
|
6369a38ebc
|
Adding support for JSON-like data with single quote
|
2014-02-26 08:56:17 +01:00 |
|
Miroslav Stampar
|
465f968be6
|
Minor cosmetic update
|
2014-02-26 08:41:23 +01:00 |
|
Miroslav Stampar
|
8521265526
|
Minor fix
|
2014-02-07 14:40:43 +01:00 |
|
Bernardo Damele
|
43a4e85749
|
updated copyright
|
2014-01-13 17:24:49 +00:00 |
|
Miroslav Stampar
|
7718edac9b
|
Fix for an Issue #570
|
2013-12-27 09:40:33 +01:00 |
|
Miroslav Stampar
|
bf3fbb0ae0
|
Ignore Google analytics cookies
|
2013-12-04 09:56:37 +01:00 |
|
Miroslav Stampar
|
7054586e8a
|
Update for an Issue #565 (more work TBD - DuckDuckGo has some kind of IP blocking mechanism)
|
2013-11-25 20:57:07 +01:00 |
|
Miroslav Stampar
|
0a4512e9ae
|
Implementation for an Issue #557
|
2013-11-08 09:23:38 +01:00 |
|
Miroslav Stampar
|
e197720def
|
Fix for an Issue #546
|
2013-10-19 20:54:52 +02:00 |
|
Miroslav Stampar
|
777d999e71
|
Minor update
|
2013-10-18 15:39:46 +02:00 |
|
Miroslav Stampar
|
6ff2b931ff
|
Another patch for an Issue #545
|
2013-10-17 23:42:51 +02:00 |
|
Miroslav Stampar
|
304c9822bd
|
Patch for an Issue #545
|
2013-10-17 16:38:07 +02:00 |
|
Miroslav Stampar
|
5b8d631dc0
|
Minor update
|
2013-10-16 11:48:00 +02:00 |
|
Miroslav Stampar
|
04dbee3bec
|
Update for a more generic JSON recognition regex
|
2013-10-16 11:39:04 +02:00 |
|
Miroslav Stampar
|
bc19f40d09
|
Minor update
|
2013-08-22 10:44:21 +02:00 |
|
Miroslav Stampar
|
6cc0cf3702
|
Minor comment update
|
2013-08-20 18:36:31 +02:00 |
|
Miroslav Stampar
|
1088011bf0
|
Adding new binary file formats for excluding in crawling
|
2013-08-02 23:07:13 +02:00 |
|
stamparm
|
be5ce760b6
|
Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)
|
2013-07-09 10:24:48 +02:00 |
|
stamparm
|
f7d15cb465
|
Official naming is HSQLDB (and/or HyperSQL)
|
2013-07-01 11:57:47 +02:00 |
|
Meatballs
|
7b6cc3d183
|
Add hsql settings
|
2013-06-24 14:38:44 +01:00 |
|
Miroslav Stampar
|
cdb434805a
|
Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases
|
2013-06-10 22:14:45 +02:00 |
|
Miroslav Stampar
|
351c70b390
|
Locale module screws string.letters, etc. in some cases (e.g. IDLE run)
|
2013-06-01 14:06:58 +02:00 |
|
stamparm
|
fc57b7565d
|
Implementation for an Issue #432
|
2013-05-09 14:26:29 +02:00 |
|
stamparm
|
46557198a5
|
Minor update of doc root names
|
2013-04-29 11:29:59 +02:00 |
|
stamparm
|
10fbeaed7b
|
Code refactoring
|
2013-04-15 11:49:11 +02:00 |
|
Miroslav Stampar
|
0b449bb1d9
|
Fix for an Issue #433
|
2013-04-10 19:33:31 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
stamparm
|
e1ffdde532
|
Little cleaning a mess with url encoding and post hint types
|
2013-03-27 13:39:27 +01:00 |
|
Miroslav Stampar
|
8acf033715
|
Code refactoring
|
2013-03-19 19:24:14 +01:00 |
|
Miroslav Stampar
|
2ada9e9b84
|
Patch for an Issue Issue #416
|
2013-03-04 18:05:40 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
be50192d8d
|
Refactoring WAF scripts
|
2013-02-26 15:54:50 +01:00 |
|
stamparm
|
e5e39bc682
|
Fix for an Issue #410
|
2013-02-25 11:07:30 +01:00 |
|
stamparm
|
8e49872d7c
|
Finalizing implementation for an Issue #290
|
2013-02-21 14:33:12 +01:00 |
|
Miroslav Stampar
|
368a2fd297
|
Fix for an Issue #393
|
2013-02-14 16:18:16 +01:00 |
|
Bernardo Damele
|
4b9d8ed673
|
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
|
2013-02-14 11:32:17 +00:00 |
|
Bernardo Damele
|
a67ef4117f
|
make sure to use Python 2 interpreter when default system Python is version 3
|
2013-02-14 11:25:04 +00:00 |
|
Miroslav Stampar
|
6629233de5
|
Minor update
|
2013-02-14 10:18:40 +01:00 |
|
Miroslav Stampar
|
d78a3e977b
|
Update (allowing regular char * to be inside SOAP/JSON/XML)
|
2013-02-13 12:24:42 +01:00 |
|
Miroslav Stampar
|
72984a578d
|
Update for --load-cookies
|
2013-02-12 12:42:12 +01:00 |
|
Miroslav Stampar
|
c0e59d94a9
|
Better naming
|
2013-02-08 16:28:58 +01:00 |
|
Miroslav Stampar
|
cdfe43560b
|
Update for an Issue #207 (and a potential patch for regression tests)
|
2013-02-08 16:20:48 +01:00 |
|
Miroslav Stampar
|
f4b8a3c1d8
|
Bug fix for boolean (multithreaded Ctrl+C) resumed values
|
2013-02-04 15:49:29 +01:00 |
|
Miroslav Stampar
|
e7b93b5b66
|
Implementation for an Issue #363
|
2013-02-01 17:24:04 +01:00 |
|
Miroslav Stampar
|
bd08ede117
|
Minor fine tuning
|
2013-01-29 21:06:02 +01:00 |
|
Miroslav Stampar
|
c06f94e2c8
|
Fix for an Issue #378
|
2013-01-25 16:38:41 +01:00 |
|
Miroslav Stampar
|
8c84a16cb7
|
Minor style update for an Issue #377
|
2013-01-25 12:52:31 +01:00 |
|
Miroslav Stampar
|
194a9e7b88
|
Implementation for an Issue #377
|
2013-01-25 12:34:57 +01:00 |
|
Miroslav Stampar
|
601eb1e49a
|
Unescaping is renamed to escaping
|
2013-01-18 15:40:37 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Miroslav Stampar
|
bcc907ce09
|
Minor update
|
2013-01-18 11:00:21 +01:00 |
|
Miroslav Stampar
|
507f185b69
|
Revert of patch for an Issue #347
|
2013-01-17 18:38:37 +01:00 |
|
Miroslav Stampar
|
f7eda07d92
|
Patch for an Issue #347
|
2013-01-17 15:30:14 +01:00 |
|
Miroslav Stampar
|
51a77d1fe2
|
Minor update for an Issue #8
|
2013-01-17 11:37:45 +01:00 |
|
Bernardo Damele
|
542f6de72e
|
typo fix
|
2013-01-16 01:31:03 +00:00 |
|
Bernardo Damele
|
c51358953a
|
add more Oracle system dbs
|
2013-01-15 14:51:29 +00:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Miroslav Stampar
|
25f01a419f
|
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
|
2013-01-09 15:38:41 +01:00 |
|
Miroslav Stampar
|
648d91d790
|
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)
|
2012-12-27 22:43:39 +01:00 |
|
Bernardo Damele
|
e9ab33e9dd
|
standalone REST API, code cleanup (#297)
|
2012-12-20 14:35:02 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
a2a71bb37b
|
cleanup from XML-RPC related stuff
|
2012-12-14 13:37:36 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
0cbdaaecfa
|
Revert of 99e9412f74 (because of an Issue #289)
|
2012-12-08 08:53:25 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
3b961c2550
|
Update for an Issue #254
|
2012-11-29 15:36:38 +01:00 |
|
Miroslav Stampar
|
753d0f18bf
|
First CSS style added for a HTML table dump format (Issue #254)
|
2012-11-28 12:46:43 +01:00 |
|
Miroslav Stampar
|
cff0c59630
|
Implementation for an Issue #264
|
2012-11-28 11:41:39 +01:00 |
|
Miroslav Stampar
|
87a92ab330
|
Deprecating --replicate (Issue #254)
|
2012-11-28 11:10:57 +01:00 |
|
Miroslav Stampar
|
d37be5f97b
|
Fix for an Issue #248
|
2012-11-14 15:54:24 +01:00 |
|
Miroslav Stampar
|
81ccf28785
|
Minor refactoring
|
2012-10-29 14:08:48 +01:00 |
|
Miroslav Stampar
|
359e734954
|
Minor refactoring
|
2012-10-29 10:48:49 +01:00 |
|
Miroslav Stampar
|
ca427af8b3
|
Minor refactoring/improvement
|
2012-10-28 01:42:08 +02:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
8a5844a364
|
Implementation for an Issue #222
|
2012-10-25 13:21:32 +02:00 |
|
Miroslav Stampar
|
d65d9e25cd
|
Implementation for an Issue #2
|
2012-10-19 11:02:14 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
ebc7088f94
|
Implementation for an Issue #128
|
2012-10-05 10:24:09 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
3764d230be
|
Minor fix for Issue #197 and Issue #49
|
2012-10-04 11:43:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
fccdb824bb
|
Patch for an Issue #193
|
2012-09-25 11:21:39 +02:00 |
|
Miroslav Stampar
|
cea5127ffd
|
Update for an Issue #6
|
2012-09-06 15:51:38 +02:00 |
|
Miroslav Stampar
|
c3d191e626
|
Minor update for an Issue #2
|
2012-09-06 14:13:54 +02:00 |
|
Miroslav Stampar
|
1e238b5a5a
|
Minor update
|
2012-09-06 13:36:34 +02:00 |
|
Miroslav Stampar
|
9674b174ee
|
One more minor update related to last commit
|
2012-08-23 15:37:17 +02:00 |
|
Miroslav Stampar
|
b79247c197
|
Minor update
|
2012-08-23 15:22:14 +02:00 |
|
Miroslav Stampar
|
52351e5d81
|
Update for an Issue #161 (now detecting format error messages too)
|
2012-08-22 15:51:47 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
0d8fca30c9
|
Fix for an Issue #59
|
2012-08-16 11:31:43 +02:00 |
|
Miroslav Stampar
|
432b567584
|
Fix for an Issue #141
|
2012-08-08 00:03:58 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
922ea9d1f4
|
Update for Issue #118
|
2012-07-24 15:43:29 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Bernardo Damele
|
5f876bdbbe
|
minor adjustments
|
2012-07-16 22:50:29 +01:00 |
|
Miroslav Stampar
|
786686da60
|
Minor language update
|
2012-07-13 14:53:42 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Miroslav Stampar
|
c5ecc8b8db
|
Closing work on Issue #83
|
2012-07-13 11:23:21 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
569c9214bf
|
Adding support for boldifying important logging messages
|
2012-07-12 16:30:35 +02:00 |
|
Miroslav Stampar
|
65639cdda6
|
First update for Issue #75 (error-based dumping)
|
2012-07-12 14:31:28 +02:00 |
|
Miroslav Stampar
|
c6464b44be
|
Some more refactoring
|
2012-07-11 20:13:23 +02:00 |
|
Miroslav Stampar
|
d7926b8aac
|
Minor refactoring
|
2012-07-11 19:54:21 +02:00 |
|
Bernardo Damele
|
eb7ffb8f91
|
setup for implementing logging colouring - issue #77
|
2012-07-10 02:54:37 +01:00 |
|
Miroslav Stampar
|
3ff28e58b4
|
Update regarding Issue #52
|
2012-07-08 19:24:25 +02:00 |
|
Bernardo Damele
|
4fa6d51d93
|
improved issues link
|
2012-07-05 16:26:50 +01:00 |
|
Miroslav Stampar
|
c3c1b9e957
|
Minor restyling
|
2012-07-04 20:28:18 +02:00 |
|
Bernardo Damele
|
793fa464e3
|
website url fix
|
2012-07-03 13:14:39 +01:00 |
|
Miroslav Stampar
|
481b46a004
|
Restyling output for Issue #52
|
2012-07-03 13:06:52 +02:00 |
|
Miroslav Stampar
|
3af1532700
|
Implementation for Issue #54
|
2012-07-03 12:09:18 +02:00 |
|
Miroslav Stampar
|
8eefe4b71f
|
Getting back revision number - displayed like in GitHub commits (Issue #52)
|
2012-07-02 13:01:20 +02:00 |
|
Miroslav Stampar
|
21d9ae0a2c
|
some more refactoring
|
2012-07-01 01:19:54 +02:00 |
|
Miroslav Stampar
|
2a72fcce2b
|
Fix for Issue #42
|
2012-06-28 13:55:30 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
452ef202ae
|
minor fixes
|
2012-06-17 22:48:23 +00:00 |
|
Miroslav Stampar
|
b9f6943a42
|
minor update
|
2012-06-17 21:23:12 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
058a9c59a2
|
fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)
|
2012-06-05 22:40:55 +00:00 |
|
Miroslav Stampar
|
d335ec0c34
|
turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars
|
2012-05-26 07:00:26 +00:00 |
|
Miroslav Stampar
|
37f2709197
|
making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)
|
2012-05-09 09:08:23 +00:00 |
|
Miroslav Stampar
|
efd27d7ade
|
minor renaming
|
2012-04-17 08:41:19 +00:00 |
|
Miroslav Stampar
|
627bfc589f
|
some more updates in reflective removal mechanism
|
2012-04-11 21:26:00 +00:00 |
|
Miroslav Stampar
|
01bd5d0ab2
|
some more updates for reflective mechanism
|
2012-04-11 10:41:33 +00:00 |
|
Miroslav Stampar
|
9c2f244d47
|
minor fix
|
2012-04-10 22:20:53 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
a8c9a47092
|
redirect logic rewritten from scratch
|
2012-03-15 11:10:58 +00:00 |
|
Miroslav Stampar
|
ca0d068575
|
distinguishing NULL from BLANK
|
2012-03-14 13:52:23 +00:00 |
|
Miroslav Stampar
|
e827f41cdb
|
using pickle HIGHEST_PROTOCOL just in case
|
2012-03-13 09:35:37 +00:00 |
|
Miroslav Stampar
|
cda8815634
|
introducing safe deprecation mechanism for HashDB versioning
|
2012-03-12 22:55:57 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
bc4dd7c0dd
|
fix for -g
|
2012-02-20 10:02:19 +00:00 |
|
Miroslav Stampar
|
aee269cc14
|
gazillion changes, nothing will work, muhahaha
|
2012-02-17 14:22:48 +00:00 |
|
Miroslav Stampar
|
dcf7277a0f
|
some more refactorings
|
2012-02-16 14:42:28 +00:00 |
|
Miroslav Stampar
|
bcf9fc6c6f
|
minor refactoring
|
2012-02-16 09:32:47 +00:00 |
|
Miroslav Stampar
|
23cc8b6974
|
minor fix for special cases when parameter value contains html encoded characters
|
2012-02-14 14:08:10 +00:00 |
|
Miroslav Stampar
|
2b05ded9c3
|
just a makeup
|
2012-02-07 12:05:23 +00:00 |
|
Miroslav Stampar
|
f7bf1fbe94
|
upgrade/fixes for direct DBMS access
|
2012-02-07 10:46:55 +00:00 |
|
Bernardo Damele
|
c0f4b4632d
|
Minor fix
|
2012-02-02 12:55:39 +00:00 |
|
Miroslav Stampar
|
f2857e38ba
|
minor update
|
2012-01-30 10:19:03 +00:00 |
|
Bernardo Damele
|
7e560eec1f
|
Minor fix
|
2012-01-13 12:54:45 +00:00 |
|
Miroslav Stampar
|
95f89ab63a
|
updating copyright date
|
2012-01-11 14:59:46 +00:00 |
|
Miroslav Stampar
|
2b5e429dc2
|
one more level of defense against user himself
|
2012-01-07 17:16:14 +00:00 |
|
Miroslav Stampar
|
759465bde5
|
minor fix
|
2012-01-06 00:06:38 +00:00 |
|
Miroslav Stampar
|
37d78ffe01
|
minor optimization
|
2011-12-28 15:59:30 +00:00 |
|
Miroslav Stampar
|
dda979a15a
|
minor refactoring
|
2011-12-27 12:31:29 +00:00 |
|
Miroslav Stampar
|
c20546dcaa
|
minor refactoring
|
2011-12-26 12:24:39 +00:00 |
|
Miroslav Stampar
|
89d2c7c042
|
minor update
|
2011-12-22 20:54:20 +00:00 |
|
Miroslav Stampar
|
abb401879c
|
minor update
|
2011-12-22 20:42:57 +00:00 |
|
Miroslav Stampar
|
087e29d272
|
minor update
|
2011-12-22 20:14:56 +00:00 |
|
Miroslav Stampar
|
094129a656
|
minor optimization
|
2011-12-22 15:42:21 +00:00 |
|
Miroslav Stampar
|
9f68e54fff
|
minor cleanup
|
2011-12-22 10:59:28 +00:00 |
|
Miroslav Stampar
|
526aacb640
|
code cleanup
|
2011-12-21 22:59:23 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
95cd9e2af3
|
adding support for scanning Host header values (-p host)
|
2011-12-20 12:52:41 +00:00 |
|
Miroslav Stampar
|
364113441b
|
adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)
|
2011-12-14 10:19:45 +00:00 |
|
Bernardo Damele
|
8fe72d87a8
|
minor bug fix for mysql -d --file-read
|
2011-12-06 10:57:23 +00:00 |
|
Miroslav Stampar
|
71c46f50aa
|
adding option --csv-del
|
2011-11-30 17:39:41 +00:00 |
|
Miroslav Stampar
|
02bd9a54f3
|
minor update
|
2011-11-30 17:19:21 +00:00 |
|
Miroslav Stampar
|
885b432808
|
minor update
|
2011-11-23 21:39:53 +00:00 |
|
Miroslav Stampar
|
2e10de8921
|
minor update
|
2011-11-22 12:18:24 +00:00 |
|
Miroslav Stampar
|
ac041399f0
|
minor patch
|
2011-11-22 11:04:43 +00:00 |
|
Miroslav Stampar
|
9697e80013
|
some more optimizations
|
2011-11-22 10:54:29 +00:00 |
|
Miroslav Stampar
|
eee03871d7
|
minor refactoring
|
2011-11-21 21:31:08 +00:00 |
|
Miroslav Stampar
|
440b7efe55
|
minor optimization
|
2011-11-20 20:14:47 +00:00 |
|
Miroslav Stampar
|
e1a92d59de
|
implementing WordPress phpass hash cracking routine
|
2011-11-20 19:10:46 +00:00 |
|
Miroslav Stampar
|
f1979936c8
|
minor update
|
2011-11-18 15:32:33 +00:00 |
|
Miroslav Stampar
|
d735582536
|
major speed improvement of hash cracking
|
2011-11-02 06:53:43 +00:00 |
|
Miroslav Stampar
|
7ce3af68fc
|
fixing support for parsing BURP logs
|
2011-10-27 17:31:34 +00:00 |
|
Miroslav Stampar
|
d64c0af461
|
minor update
|
2011-10-26 14:31:00 +00:00 |
|
Miroslav Stampar
|
86b4a3562f
|
added switch --check-tor
|
2011-10-25 17:37:43 +00:00 |
|
Miroslav Stampar
|
c1486ed4be
|
adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request
|
2011-10-25 09:53:44 +00:00 |
|
Miroslav Stampar
|
323aa7bf2f
|
minor update
|
2011-10-09 21:21:41 +00:00 |
|
Miroslav Stampar
|
e0f521cf9d
|
minor update regarding --randomize
|
2011-08-29 13:08:25 +00:00 |
|
Bernardo Damele
|
9361e633f4
|
Minor bug fix - some applications do really set cookies like param="value" with double-quotes
|
2011-08-16 09:21:01 +00:00 |
|
Miroslav Stampar
|
7cc5743c5d
|
minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)
|
2011-08-16 06:50:20 +00:00 |
|