Christ van Willegen
|
80fb2e29cc
|
Fix some spelling errors in help texts (through -> thorough)
|
2015-03-04 13:31:29 +01:00 |
|
Miroslav Stampar
|
3347fc25ca
|
Fixes #1185
|
2015-03-03 15:10:06 +01:00 |
|
Miroslav Stampar
|
3f6c3b40dd
|
Minor update (not overriding user given 'Accept-Encoding' header value)
|
2015-03-03 14:37:36 +01:00 |
|
Bernardo Damele
|
8281fe48e5
|
bug fix: test for boundaries with high levels if the test was extended
|
2015-03-01 11:02:05 +00:00 |
|
Bernardo Damele
|
260643241a
|
prioritized fingerprinted DBMS to error-based and user provided one
|
2015-02-27 14:19:30 +00:00 |
|
Bernardo Damele
|
2f08c8b666
|
bug fix: do not skil heuristic check if previous page (test for dynamicity) had DBMS message. Code cleanup
|
2015-02-27 13:57:28 +00:00 |
|
Miroslav Stampar
|
dde400ab8f
|
More suitable version of 6bcc95a (suggested by user)
|
2015-02-25 10:19:51 +01:00 |
|
Miroslav Stampar
|
6bcc95a20d
|
Restricting evaluated code variable names to Python valid characters ([_0-9a-zA-Z])
|
2015-02-24 15:05:44 +01:00 |
|
Miroslav Stampar
|
e35c7fbb7a
|
Fixes #1172
|
2015-02-22 13:41:54 +01:00 |
|
Bernardo Damele
|
475cc8b24b
|
trivial code cleanup
|
2015-02-21 13:12:30 +00:00 |
|
Bernardo Damele
|
383929c0c2
|
if the user forces the DBMS, then sort the tests accordingly to perform first the DBMS-specific tests, then the others
|
2015-02-21 13:12:03 +00:00 |
|
Bernardo Damele
|
d235ee375b
|
code cleanup
|
2015-02-21 12:59:44 +00:00 |
|
Bernardo Damele
|
8be24d3e9b
|
minor enhancement, prefer intersect() each time DBMS values are comfronted
|
2015-02-21 12:59:27 +00:00 |
|
Bernardo Damele
|
388c0dfd77
|
trivial layout fix
|
2015-02-21 12:57:49 +00:00 |
|
Bernardo Damele
|
52dd92748a
|
rework some of the logic of the detection phase based on identified DBMS along the way
|
2015-02-21 02:23:42 +00:00 |
|
Bernardo Damele
|
4f939b5719
|
avoid false positive message when extensive heuristic check is performed following detection of boolean blind injection detection: do only heuristic DBMS fingerprint for DBMS specific tables
|
2015-02-20 18:36:34 +00:00 |
|
Bernardo Damele
|
1ecb921ba7
|
Consistency in enums
|
2015-02-20 18:31:47 +00:00 |
|
Bernardo Damele
|
214b9360e9
|
Minor fix to check for inline query payloads regardless of previously identified payloads and code cleanup
|
2015-02-20 18:30:42 +00:00 |
|
Bernardo Damele
|
79d4d970a5
|
trivial code cleanup
|
2015-02-20 15:42:28 +00:00 |
|
Bernardo Damele
|
201b605f9b
|
Minor fix and consistency: do not ask to include all tests if level and risk are at the max settings already
|
2015-02-20 10:21:44 +00:00 |
|
Bernardo Damele
|
daa8e0d8c5
|
minor fix
|
2015-02-18 10:13:28 +00:00 |
|
Miroslav Stampar
|
1636088b75
|
Minor update
|
2015-02-16 11:48:53 +01:00 |
|
Bernardo Damele
|
e17d212c23
|
bug fix introduced with 863d5a6281
|
2015-02-15 20:07:52 +00:00 |
|
Bernardo Damele
|
32ab52b8ca
|
code refactoring: split boundaries and payloads XML files
|
2015-02-15 16:31:35 +00:00 |
|
Bernardo Damele
|
863d5a6281
|
--test-filter now ignores values of --risk and --level
|
2015-02-15 16:28:37 +00:00 |
|
Miroslav Stampar
|
2e5c11e427
|
Closes #1163
|
2015-02-13 10:59:03 +01:00 |
|
Miroslav Stampar
|
247384858e
|
Patch for an Issue #1159 (undo commit with single-quotes problem on windows)
|
2015-02-04 16:21:21 +01:00 |
|
Miroslav Stampar
|
38011743bb
|
Patch for an Issue #1157
|
2015-02-04 15:01:19 +01:00 |
|
Miroslav Stampar
|
eecc0b924b
|
Patch for an Issue #1148
|
2015-02-03 10:06:00 +01:00 |
|
Miroslav Stampar
|
2af2aef43e
|
Minor patch for masking sensitive information (when formation -u=... is used)
|
2015-02-03 09:48:05 +01:00 |
|
Miroslav Stampar
|
59f0da369d
|
Patch for a bug reported via ML (Accept header ignored in --headers)
|
2015-02-02 22:07:16 +01:00 |
|
Miroslav Stampar
|
8b135e45bd
|
Patch for an Issue #1147
|
2015-02-02 22:05:31 +01:00 |
|
Miroslav Stampar
|
bf1c08a8a6
|
Bug fix
|
2015-01-30 22:43:40 +01:00 |
|
Miroslav Stampar
|
2e9bf47703
|
Heuristic check for WAF/IDS/IPS is now prone to tamper functions (Issue #1145)
|
2015-01-30 22:12:35 +01:00 |
|
Miroslav Stampar
|
9e90e357cf
|
Patch for an Issue #1146
|
2015-01-30 21:59:03 +01:00 |
|
Miroslav Stampar
|
9563e429d3
|
Removal of fun code
|
2015-01-30 21:49:22 +01:00 |
|
Miroslav Stampar
|
9f679a952f
|
Minor update
|
2015-01-29 10:44:36 +01:00 |
|
Miroslav Stampar
|
024c500d8e
|
Minor fix
|
2015-01-28 00:54:39 +01:00 |
|
Miroslav Stampar
|
5400bb2c95
|
Patch for an Issue #1142
|
2015-01-28 00:52:40 +01:00 |
|
Miroslav Stampar
|
fd632e5ada
|
Update for unhandled exception mechanism (BADA)
|
2015-01-26 09:09:38 +01:00 |
|
Miroslav Stampar
|
eb548959b3
|
Minor update
|
2015-01-26 08:59:10 +01:00 |
|
Miroslav Stampar
|
f0eac38ab4
|
Minor fix
|
2015-01-26 08:48:37 +01:00 |
|
Miroslav Stampar
|
32bf2dbe6d
|
Patch for an Issue #1133
|
2015-01-23 23:00:28 +01:00 |
|
Miroslav Stampar
|
779db7cbc3
|
Minor enhancement
|
2015-01-22 09:17:45 +01:00 |
|
Miroslav Stampar
|
b7cfaa6ca5
|
Minor style update
|
2015-01-22 08:55:37 +01:00 |
|
Miroslav Stampar
|
2655b078d0
|
Patch for an Issue #1127
|
2015-01-22 08:52:15 +01:00 |
|
Miroslav Stampar
|
02b3eb941f
|
Patch for an Issue #1124
|
2015-01-21 09:26:30 +01:00 |
|
Miroslav Stampar
|
cd743ab098
|
Minor update
|
2015-01-21 09:12:12 +01:00 |
|
Miroslav Stampar
|
9f4a32ca2b
|
Automatically checking for sitemap existence in case of --crawl
|
2015-01-20 10:03:35 +01:00 |
|
Miroslav Stampar
|
a603002acd
|
Adding a choice to automatically turn on --identify-waf if protection has been detected
|
2015-01-20 09:38:18 +01:00 |
|