Miroslav Stampar
|
93b296e02c
|
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")
|
2011-07-06 05:44:47 +00:00 |
|
Miroslav Stampar
|
b8ffcf9495
|
few fixes here and there and multi-core processing for dictionary based hash attack
|
2011-07-04 19:58:41 +00:00 |
|
Miroslav Stampar
|
eaa2a4202f
|
changing to: --crawl=CRAWLDEPTH
|
2011-06-24 05:40:03 +00:00 |
|
Miroslav Stampar
|
29314f425e
|
minor fix
|
2011-06-20 13:42:31 +00:00 |
|
Miroslav Stampar
|
07e2c72943
|
adding Beautifulsoup (BSD) into extras; adding --crawl to options
|
2011-06-20 11:32:30 +00:00 |
|
Miroslav Stampar
|
a0129dcbcb
|
this is confusing for normal users (i've just get a mail where dude thinks that he needs to use tamper script because of this :)
|
2011-06-17 16:52:39 +00:00 |
|
Miroslav Stampar
|
6b1d5a0ab8
|
minor fix
|
2011-06-16 14:11:30 +00:00 |
|
Miroslav Stampar
|
4d51fa8155
|
minor update planned for a long time (in case of heuristic test was positive warn the user properly at the end if program fails)
|
2011-06-15 17:37:28 +00:00 |
|
Miroslav Stampar
|
71093b1cad
|
adding one more user friendly message
|
2011-06-09 09:58:42 +00:00 |
|
Bernardo Damele
|
70cac24909
|
Cosmetics
|
2011-06-08 15:31:27 +00:00 |
|
Bernardo Damele
|
cce3208b35
|
Cleanup
|
2011-06-08 14:15:34 +00:00 |
|
Miroslav Stampar
|
b7088440c2
|
better sentence
|
2011-05-30 22:47:17 +00:00 |
|
Miroslav Stampar
|
a8b58afdb2
|
minor update
|
2011-05-27 08:21:02 +00:00 |
|
Miroslav Stampar
|
48f52d7697
|
minor beautification
|
2011-05-27 08:16:14 +00:00 |
|
Miroslav Stampar
|
5d56e89cf5
|
minor update
|
2011-05-26 21:08:46 +00:00 |
|
Miroslav Stampar
|
06108b6da6
|
minor update related to the last commit
|
2011-05-26 20:58:24 +00:00 |
|
Miroslav Stampar
|
4f46a5ab63
|
minor usability enhancement regarding warning for --text-only switch
|
2011-05-26 20:48:18 +00:00 |
|
Miroslav Stampar
|
a1fd2898a0
|
added friendly tip message for url encoding GET and POST payloads
|
2011-05-25 11:10:52 +00:00 |
|
Miroslav Stampar
|
bec2c04671
|
helping dummy users
|
2011-05-24 17:15:25 +00:00 |
|
Miroslav Stampar
|
faa74cd2bc
|
introducing results file for multiple target mode
|
2011-05-15 22:21:38 +00:00 |
|
Miroslav Stampar
|
120b0d756e
|
unfix
|
2011-05-10 21:33:06 +00:00 |
|
Miroslav Stampar
|
deae534ee7
|
minor refactoring
|
2011-05-10 20:44:36 +00:00 |
|
Bernardo Damele
|
8179fd63c0
|
Minor fix
|
2011-05-07 23:48:03 +00:00 |
|
Bernardo Damele
|
1151af52bb
|
More fix for save/resume of --technique
|
2011-05-07 21:08:14 +00:00 |
|
Bernardo Damele
|
2d8408c885
|
More fix for --technique resume
|
2011-05-05 16:38:46 +00:00 |
|
Bernardo Damele
|
955dbc85e7
|
Minor variable rename
|
2011-04-30 15:29:59 +00:00 |
|
Bernardo Damele
|
f56d135438
|
Minor code restyling
|
2011-04-30 13:20:05 +00:00 |
|
Miroslav Stampar
|
7b3b9e6a87
|
it seems that this was indeed not meant to be here
|
2011-04-22 15:07:09 +00:00 |
|
Bernardo Damele
|
eabb5a2ba7
|
More adjustments to the error message when no sql injections are detected
|
2011-04-21 22:04:20 +00:00 |
|
Bernardo Damele
|
6d07dddf60
|
updated doc and minor layout adjustments
|
2011-04-21 21:53:35 +00:00 |
|
Bernardo Damele
|
770b1523ff
|
More verbose output when no SQL injections are detected
|
2011-04-21 21:31:16 +00:00 |
|
Bernardo Damele
|
edc2d75702
|
Cosmetics and major bug fix
|
2011-04-21 21:15:23 +00:00 |
|
Miroslav Stampar
|
0387654166
|
update of copyright string (until year)
|
2011-04-15 12:33:18 +00:00 |
|
Miroslav Stampar
|
21114d1748
|
added IGNORE_PARAMETERS to skip testing of state/session web server parameters
|
2011-04-13 19:01:02 +00:00 |
|
Miroslav Stampar
|
2db2e9b6a2
|
now GET forms are also prone to "do you want to fill with random values"
|
2011-04-11 11:38:41 +00:00 |
|
Bernardo Damele
|
5b21352656
|
cosmeticados ;)
|
2011-04-08 10:39:07 +00:00 |
|
Bernardo Damele
|
05d12790f1
|
closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message)
|
2011-04-06 14:41:44 +00:00 |
|
Miroslav Stampar
|
bbd4c128b0
|
minor update related to the last commit
|
2011-04-01 22:19:42 +00:00 |
|
Miroslav Stampar
|
4d78eac938
|
revert of that thingy as requested by Bernardo
|
2011-03-29 10:06:35 +00:00 |
|
Miroslav Stampar
|
e8debbe724
|
minor cosmetics and one minor fix (|= is a nono with None)
|
2011-03-29 06:38:19 +00:00 |
|
Miroslav Stampar
|
86f93713d3
|
fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update
|
2011-03-29 06:25:17 +00:00 |
|
Miroslav Stampar
|
bf0e3c4662
|
improvement for --forms with empty fields
|
2011-03-28 22:48:00 +00:00 |
|
Miroslav Stampar
|
1e22ff45de
|
minor update regarding testing of GET parameters if --data and/or --forms is used
|
2011-03-28 16:14:08 +00:00 |
|
Miroslav Stampar
|
bd75fd26e9
|
implementing a --page-rank switch as requested by l0rda@l0rda.biz
|
2011-03-23 11:57:57 +00:00 |
|
Miroslav Stampar
|
8edc3b3302
|
further update regarding last commit
|
2011-03-03 10:39:04 +00:00 |
|
Miroslav Stampar
|
50d25c3b4d
|
update regarding explicit testing of ua and referer when using -p
|
2011-02-13 21:58:48 +00:00 |
|
Bernardo Damele
|
45a005737d
|
Minor adjustment so that User-Agent and Referer headers are tests only when --level >= 3 and Cookie is tested only when --level >= 2
|
2011-02-13 21:08:42 +00:00 |
|
Miroslav Stampar
|
b56a77e573
|
removing obsolete switches (--threshold, --excl-reg, --excl-str)
|
2011-02-03 15:55:19 +00:00 |
|
Bernardo Damele
|
6761933f75
|
Just.. cosmetics ;)
|
2011-01-31 22:51:14 +00:00 |
|
Miroslav Stampar
|
fa58a9c86b
|
update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable)
|
2011-01-31 20:36:01 +00:00 |
|