Miroslav Stampar
|
eb08c8d752
|
Another update for an Issue #352
|
2013-03-13 19:42:22 +01:00 |
|
Miroslav Stampar
|
2f43c3eb9b
|
Minor fix (digest live test case) and some refactoring
|
2013-03-12 21:16:44 +01:00 |
|
Miroslav Stampar
|
65306f1ac1
|
Update for an Issue #352
|
2013-03-12 20:10:32 +01:00 |
|
Miroslav Stampar
|
db0a1e58b9
|
Update for an Issue #352
|
2013-03-11 14:58:05 +01:00 |
|
Miroslav Stampar
|
d6fc10092f
|
Minor refactoring
|
2013-03-11 13:31:50 +01:00 |
|
Miroslav Stampar
|
84a5bdb9cf
|
Trivial cosmetics
|
2013-03-09 19:41:24 +01:00 |
|
Miroslav Stampar
|
79d6a0e9c9
|
Using binary data in dummy mode
|
2013-03-09 19:40:24 +01:00 |
|
Miroslav Stampar
|
1e731f87a4
|
Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)
|
2013-03-09 19:33:04 +01:00 |
|
Miroslav Stampar
|
8e6692d793
|
Minor fix (for JSON values with :)
|
2013-03-05 20:12:24 +01:00 |
|
Miroslav Stampar
|
e9b86350f1
|
Patch for an Issue #403
|
2013-03-05 18:32:31 +01:00 |
|
Miroslav Stampar
|
62980d7d5a
|
Automatically decoding url encoded data in response
|
2013-03-05 17:32:10 +01:00 |
|
Miroslav Stampar
|
9e49d8c68f
|
Adding support for SHA2 hash functions
|
2013-03-05 11:04:46 +01:00 |
|
Miroslav Stampar
|
2ada9e9b84
|
Patch for an Issue Issue #416
|
2013-03-04 18:05:40 +01:00 |
|
Miroslav Stampar
|
084cfc797a
|
Fix for an Issue #415
|
2013-03-02 09:55:12 +01:00 |
|
Martin Bjerregaard Jepsen
|
d7a77c79ad
|
Fixed incorrect call to checkBooleanExpression when testing for false positives
|
2013-03-01 22:51:34 +01:00 |
|
stamparm
|
3a3f9c5ea1
|
Trivial commit related to the last one
|
2013-03-01 12:09:03 +01:00 |
|
stamparm
|
55f33da85a
|
Fix for invalid logical test cases
|
2013-03-01 12:04:49 +01:00 |
|
stamparm
|
440b484bf6
|
Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries)
|
2013-03-01 10:59:04 +01:00 |
|
Miroslav Stampar
|
e42350ddce
|
Minor style update
|
2013-02-28 20:28:34 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
9ef79df23d
|
Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)
|
2013-02-28 13:51:08 +01:00 |
|
stamparm
|
be50192d8d
|
Refactoring WAF scripts
|
2013-02-26 15:54:50 +01:00 |
|
stamparm
|
e5835dc74f
|
Update for WAF scripts
|
2013-02-26 15:30:11 +01:00 |
|
stamparm
|
17fa0f568c
|
Minor patch for an Issue #404
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
ecbcd4afe6
|
Minor update
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
af4762ace2
|
Minor style update
|
2013-02-26 11:16:09 +01:00 |
|
stamparm
|
f6b43b4b13
|
Minor update for an Issue #290
|
2013-02-26 11:08:06 +01:00 |
|
stamparm
|
e5e39bc682
|
Fix for an Issue #410
|
2013-02-25 11:07:30 +01:00 |
|
stamparm
|
6fbd902265
|
Minor refactoring (Issue #411)
|
2013-02-25 10:44:04 +01:00 |
|
stamparm
|
7127869ede
|
Minor bug fix (live test specific verbosity should be valid only inside of it)
|
2013-02-22 17:26:48 +01:00 |
|
stamparm
|
68ce51bfd4
|
Changing from warn to info for no WAF found
|
2013-02-22 12:15:38 +01:00 |
|
stamparm
|
ad471368f5
|
Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a
|
2013-02-22 11:42:09 +01:00 |
|
stamparm
|
0bbbfc2eac
|
Adding a small warning message (related to the Issue #407)
|
2013-02-22 11:12:41 +01:00 |
|
stamparm
|
42cbd94fa4
|
Better update regarding 6acb2480b8
|
2013-02-22 10:49:45 +01:00 |
|
stamparm
|
44a46d2b10
|
Fix for an Issue #409
|
2013-02-22 10:18:22 +01:00 |
|
Miroslav Stampar
|
6acb2480b8
|
Adding WAF script for SecureIIS
|
2013-02-21 21:34:26 +01:00 |
|
Miroslav Stampar
|
229e4e167b
|
Minor cosmetics
|
2013-02-21 21:06:31 +01:00 |
|
stamparm
|
3a8c0cd3a2
|
Minor style update
|
2013-02-21 14:52:56 +01:00 |
|
stamparm
|
29ba43ee6c
|
Unhidding switch '--identify-waf' (Issue #290)
|
2013-02-21 14:48:19 +01:00 |
|
stamparm
|
08f0670aca
|
Minor refactoring for an Issue #290
|
2013-02-21 14:39:22 +01:00 |
|
stamparm
|
8e49872d7c
|
Finalizing implementation for an Issue #290
|
2013-02-21 14:33:12 +01:00 |
|
stamparm
|
6b2981ef4e
|
Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)
|
2013-02-21 11:14:57 +01:00 |
|
stamparm
|
69063947b6
|
Debug message should go with logging.DEBUG
|
2013-02-19 09:46:51 +01:00 |
|
Bernardo Damele
|
d7247a51ee
|
do not prompt constantly if the page is not found
|
2013-02-18 18:08:20 +00:00 |
|
Miroslav Stampar
|
7f293afe74
|
Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b )
|
2013-02-18 15:18:53 +01:00 |
|
Miroslav Stampar
|
5c099efccc
|
Fix for an Issue #401
|
2013-02-18 11:38:18 +01:00 |
|
Miroslav Stampar
|
9b5f33560b
|
Oracle is too specific (only column names can be enclosed) - removing it
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
bf82506c1b
|
Oracle can't enclose table names with double quotations
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
1b3d749488
|
Proper fix related to the last commit/revert
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
5a793cbc7c
|
Minor revert
|
2013-02-15 17:36:58 +01:00 |
|