Miroslav Stampar
|
58002c5057
|
Minor cosmetics
|
2015-07-23 09:55:59 +02:00 |
|
Miroslav Stampar
|
cece2cb12d
|
Minor cosmetics
|
2015-07-23 00:42:29 +02:00 |
|
Miroslav Stampar
|
358651b19c
|
Fixes #1313
|
2015-07-23 00:41:03 +02:00 |
|
Miroslav Stampar
|
75ed5f767c
|
Fixes #1309
|
2015-07-20 17:03:20 +02:00 |
|
Miroslav Stampar
|
2afb5687f6
|
Fixes #1307
|
2015-07-20 15:47:27 +02:00 |
|
Miroslav Stampar
|
21e8182ac6
|
Fixes #1305
|
2015-07-18 17:01:34 +02:00 |
|
Miroslav Stampar
|
a7c4400cc9
|
Fixes #1304
|
2015-07-17 14:20:51 +02:00 |
|
Miroslav Stampar
|
00f190fc92
|
Fixes #1303
|
2015-07-17 10:14:35 +02:00 |
|
Miroslav Stampar
|
49212ec920
|
Fixes #1302
|
2015-07-17 09:56:24 +02:00 |
|
Miroslav Stampar
|
1aafe85a3a
|
Fixes #1299
|
2015-07-15 11:15:06 +02:00 |
|
Miroslav Stampar
|
fdc8e664df
|
Updating --beep functionality (ML request)
|
2015-07-13 23:55:46 +02:00 |
|
Miroslav Stampar
|
16f8e4c8ba
|
Removing unused imports
|
2015-07-12 12:25:02 +02:00 |
|
Miroslav Stampar
|
a20da7a677
|
Patch for automatic reporting (GitHub has robots)
|
2015-07-12 12:05:19 +02:00 |
|
Miroslav Stampar
|
fa303ef8b1
|
Minor update
|
2015-07-10 16:39:18 +02:00 |
|
Miroslav Stampar
|
10f8c6a0b6
|
Introducing --offline switch (to perform session only lookups)
|
2015-07-10 16:10:24 +02:00 |
|
Miroslav Stampar
|
9bdbdc136f
|
Minor cosmetics update
|
2015-07-10 11:33:12 +02:00 |
|
Miroslav Stampar
|
0ba264bfa0
|
Minor patch
|
2015-07-10 09:51:11 +02:00 |
|
Miroslav Stampar
|
4baaa4a5ad
|
Minor improvement
|
2015-07-10 09:24:14 +02:00 |
|
Miroslav Stampar
|
9ff115ce71
|
Minor patch
|
2015-07-10 01:33:53 +02:00 |
|
Miroslav Stampar
|
02470ea683
|
Further decreasing number of testing payloads
|
2015-07-10 01:19:46 +02:00 |
|
Miroslav Stampar
|
48b627f3ff
|
Prevent double tests (e.g. in same final tests where suffix is cut by the comment)
|
2015-07-10 00:54:02 +02:00 |
|
Miroslav Stampar
|
ca2f63c672
|
Test speed up in case of boolean based blind
|
2015-07-10 00:37:59 +02:00 |
|
Miroslav Stampar
|
3a5cc98976
|
-Z is/are a pseudo-option (just like -H) expanded during the run
|
2015-07-07 09:27:18 +02:00 |
|
Miroslav Stampar
|
2080fcaa37
|
Fixes #1293
|
2015-07-07 09:24:16 +02:00 |
|
Miroslav Stampar
|
f488377001
|
Fixes #1293
|
2015-07-07 08:47:07 +02:00 |
|
Miroslav Stampar
|
6a1b3895f9
|
Patch for an Issue #1285
|
2015-07-06 11:50:59 +02:00 |
|
Miroslav Stampar
|
96327b6701
|
Fixes #1290
|
2015-07-05 01:47:01 +02:00 |
|
Miroslav Stampar
|
166dc98e81
|
Minor patch
|
2015-07-05 00:03:29 +02:00 |
|
Miroslav Stampar
|
1f71d809d4
|
Fixes #1288
|
2015-07-03 08:55:33 +02:00 |
|
Miroslav Stampar
|
7b95a2d80d
|
Patch for an Issue #1280
|
2015-06-29 10:05:16 +02:00 |
|
Miroslav Stampar
|
8b63ee9bc3
|
Minor update for #1281
|
2015-06-29 01:12:14 +02:00 |
|
Miroslav Stampar
|
97244f5e5e
|
Fixes #1279
|
2015-06-29 00:20:35 +02:00 |
|
Miroslav Stampar
|
b212321c07
|
Fixes #1278
|
2015-06-26 10:30:53 +02:00 |
|
Miroslav Stampar
|
b02be9674f
|
Fixes #1277
|
2015-06-26 10:11:34 +02:00 |
|
Miroslav Stampar
|
7d418af274
|
Fix for a bug reported privately by email
|
2015-06-22 16:28:35 +02:00 |
|
Miroslav Stampar
|
9e5ef094a3
|
Closes #1270
|
2015-06-16 22:20:21 +02:00 |
|
Miroslav Stampar
|
e4b23c9beb
|
Minor fix regarding POST redirects (ML)
|
2015-06-16 12:00:56 +02:00 |
|
Miroslav Stampar
|
04c1d439a7
|
Minor patch for #1260
|
2015-06-05 17:18:21 +02:00 |
|
Miroslav Stampar
|
8d7e915af7
|
Minor patch for #1260
|
2015-06-05 17:02:56 +02:00 |
|
Miroslav Stampar
|
ec87d8ebda
|
Adding a support for SNI (Issue #1256)
|
2015-06-01 10:45:16 +02:00 |
|
Miroslav Stampar
|
341d2a6028
|
Minor fix for (hidden) switch '--dummy'
|
2015-05-29 17:30:02 +02:00 |
|
Miroslav Stampar
|
08caca387b
|
Minor patch of automatic WAF heuristic check
|
2015-05-29 16:01:41 +02:00 |
|
Miroslav Stampar
|
699c965bc0
|
Fixes #1248
|
2015-05-19 18:40:45 +02:00 |
|
Miroslav Stampar
|
17bfda1b9c
|
Adding new switch ('--skip-static')
|
2015-05-18 20:57:15 +02:00 |
|
Miroslav Stampar
|
e8f87bfa41
|
Minor patches related to the #1206
|
2015-05-11 11:01:21 +02:00 |
|
Miroslav Stampar
|
91bc02e3ba
|
Fixes related to the #1206
|
2015-05-11 10:56:10 +02:00 |
|
Miroslav Stampar
|
9010e157e9
|
Conflict fix
|
2015-05-11 10:11:33 +02:00 |
|
Miroslav Stampar
|
5b8df7984c
|
Minor update (for Windows-31j charset)
|
2015-05-09 14:32:55 +02:00 |
|
Miroslav Stampar
|
4b2ff4339a
|
Fixes #1243
|
2015-05-07 12:36:23 +02:00 |
|
Miroslav Stampar
|
18e62fd507
|
Fix for an Issue #1240
|
2015-05-05 14:36:21 +02:00 |
|
Miroslav Stampar
|
84ba3d45c1
|
Patch for an Issue #1238
|
2015-05-04 21:47:10 +02:00 |
|
Miroslav Stampar
|
5ee7fd785a
|
Fixes #1235
|
2015-05-01 00:48:08 +02:00 |
|
Miroslav Stampar
|
03f32ae2b6
|
Merge of an Issue #1227
|
2015-04-22 17:21:55 +02:00 |
|
Miroslav Stampar
|
a94dcf94e9
|
Patch for an Issue #1226đ
|
2015-04-22 16:41:20 +02:00 |
|
Miroslav Stampar
|
bb98894dc1
|
Adding option --safe-req
|
2015-04-22 16:28:54 +02:00 |
|
Miroslav Stampar
|
4ded9a9966
|
Small patch for existing option validation
|
2015-04-22 15:32:14 +02:00 |
|
Miroslav Stampar
|
77c96de4ea
|
Minor patch related to the last commit
|
2015-04-22 10:33:22 +02:00 |
|
Miroslav Stampar
|
95b52a02ec
|
Minor patch for custom injection into HTTP Authorization header
|
2015-04-22 10:28:16 +02:00 |
|
Miroslav Stampar
|
c5138d4696
|
Minor refactoring
|
2015-04-21 00:02:47 +02:00 |
|
Miroslav Stampar
|
349dfbf2ae
|
Adding an option --safe-post
|
2015-04-20 23:55:59 +02:00 |
|
Miroslav Stampar
|
7517db76d1
|
Minor fix for SQLite's schema parsing
|
2015-04-16 18:40:43 +02:00 |
|
Miroslav Stampar
|
dbfa8f1cfc
|
Fix for a bug reported by the user (conf.scheme/conf.hostname/conf.port were None in multiple targets mode)
|
2015-04-14 11:05:17 +02:00 |
|
Miroslav Stampar
|
0e4800f73c
|
Changing default answer for sitemap checking to N
|
2015-04-14 09:30:01 +02:00 |
|
Miroslav Stampar
|
1e7f2d6da2
|
Implements #1215
|
2015-04-06 22:07:22 +02:00 |
|
Miroslav Stampar
|
c35fa63a48
|
Fixes #1212
|
2015-03-30 11:58:09 +02:00 |
|
Miroslav Stampar
|
99c1cc9937
|
Fixes #1208
|
2015-03-26 17:17:46 +01:00 |
|
Miroslav Stampar
|
a19bccc84f
|
Fixes #1205
|
2015-03-26 15:31:29 +01:00 |
|
Miroslav Stampar
|
770cfb6102
|
Removing test print
|
2015-03-26 15:20:54 +01:00 |
|
Miroslav Stampar
|
fc0186e029
|
Minor update
|
2015-03-26 12:39:44 +01:00 |
|
Miroslav Stampar
|
5dfd3ef1e4
|
Another update
|
2015-03-26 12:25:32 +01:00 |
|
Miroslav Stampar
|
3be7a447a5
|
Update
|
2015-03-26 12:22:49 +01:00 |
|
Miroslav Stampar
|
7587528ebd
|
Fixes #1202
|
2015-03-26 11:40:19 +01:00 |
|
ricterz
|
bbfdb02a0e
|
fix mandatorily depend of websocket #1198
|
2015-03-24 22:25:16 +08:00 |
|
ricterz
|
811f5c11c6
|
remove Host header field and add cookie support #1198
|
2015-03-24 18:50:57 +08:00 |
|
ricterz
|
9b5dcbbbb2
|
modified error handle #1198
|
2015-03-24 18:21:50 +08:00 |
|
ricterz
|
78dbe080d7
|
determine whether it's websocket when connect #1198
|
2015-03-24 17:19:37 +08:00 |
|
ricterz
|
50fd6ce7f7
|
add websocket support for parse url #1198
|
2015-03-24 10:30:38 +08:00 |
|
Miroslav Stampar
|
05a496c275
|
Fixes #1196
|
2015-03-20 00:56:52 +01:00 |
|
Miroslav Stampar
|
25b23750e8
|
Bug fix for crawling over non-80 port
|
2015-03-12 11:49:52 +01:00 |
|
Miroslav Stampar
|
adc8ac267d
|
Fixes #1190
|
2015-03-10 09:23:26 +01:00 |
|
Miroslav Stampar
|
9bd41ed99d
|
Fixes #1189
|
2015-03-09 22:02:20 +01:00 |
|
Christ van Willegen
|
80fb2e29cc
|
Fix some spelling errors in help texts (through -> thorough)
|
2015-03-04 13:31:29 +01:00 |
|
Miroslav Stampar
|
3347fc25ca
|
Fixes #1185
|
2015-03-03 15:10:06 +01:00 |
|
Miroslav Stampar
|
3f6c3b40dd
|
Minor update (not overriding user given 'Accept-Encoding' header value)
|
2015-03-03 14:37:36 +01:00 |
|
Bernardo Damele
|
8281fe48e5
|
bug fix: test for boundaries with high levels if the test was extended
|
2015-03-01 11:02:05 +00:00 |
|
Bernardo Damele
|
260643241a
|
prioritized fingerprinted DBMS to error-based and user provided one
|
2015-02-27 14:19:30 +00:00 |
|
Bernardo Damele
|
2f08c8b666
|
bug fix: do not skil heuristic check if previous page (test for dynamicity) had DBMS message. Code cleanup
|
2015-02-27 13:57:28 +00:00 |
|
Miroslav Stampar
|
dde400ab8f
|
More suitable version of 6bcc95a (suggested by user)
|
2015-02-25 10:19:51 +01:00 |
|
Miroslav Stampar
|
6bcc95a20d
|
Restricting evaluated code variable names to Python valid characters ([_0-9a-zA-Z])
|
2015-02-24 15:05:44 +01:00 |
|
Miroslav Stampar
|
e35c7fbb7a
|
Fixes #1172
|
2015-02-22 13:41:54 +01:00 |
|
Bernardo Damele
|
475cc8b24b
|
trivial code cleanup
|
2015-02-21 13:12:30 +00:00 |
|
Bernardo Damele
|
383929c0c2
|
if the user forces the DBMS, then sort the tests accordingly to perform first the DBMS-specific tests, then the others
|
2015-02-21 13:12:03 +00:00 |
|
Bernardo Damele
|
d235ee375b
|
code cleanup
|
2015-02-21 12:59:44 +00:00 |
|
Bernardo Damele
|
8be24d3e9b
|
minor enhancement, prefer intersect() each time DBMS values are comfronted
|
2015-02-21 12:59:27 +00:00 |
|
Bernardo Damele
|
388c0dfd77
|
trivial layout fix
|
2015-02-21 12:57:49 +00:00 |
|
Bernardo Damele
|
52dd92748a
|
rework some of the logic of the detection phase based on identified DBMS along the way
|
2015-02-21 02:23:42 +00:00 |
|
Bernardo Damele
|
4f939b5719
|
avoid false positive message when extensive heuristic check is performed following detection of boolean blind injection detection: do only heuristic DBMS fingerprint for DBMS specific tables
|
2015-02-20 18:36:34 +00:00 |
|
Bernardo Damele
|
1ecb921ba7
|
Consistency in enums
|
2015-02-20 18:31:47 +00:00 |
|
Bernardo Damele
|
214b9360e9
|
Minor fix to check for inline query payloads regardless of previously identified payloads and code cleanup
|
2015-02-20 18:30:42 +00:00 |
|
Bernardo Damele
|
79d4d970a5
|
trivial code cleanup
|
2015-02-20 15:42:28 +00:00 |
|