Commit graph

31 commits

Author SHA1 Message Date
ekultek
cadc40b81a patches an issue where the XSS scan fails if it does not have a protocol (issue #314) 2017-12-19 10:01:04 -06:00
ekultek
b16a9c184a getting rid of the '...' at the end of the output string, got sick of typing it os now it won't be there anymore 2017-12-07 07:27:20 -06:00
ekultek
4e0945b842 patches an issue where any connection problem (timeout, disconnect, etc) would cause a unexpected exception (issue #239). also patches an issue where XSS was stuck in a loop (issue #240). added two new plugin detection scripts 2017-12-06 17:14:13 -06:00
ekultek
d79296e4cc colored output fix, error was not red, is now 2017-12-06 09:35:31 -06:00
ekultek
c382c010fc patch for an issue where it would fail again if the encoding is still messed up, also patch for an issue with the protocol, will now auto assign http if it isn't present (issue #225 and issue #226) 2017-12-04 14:37:07 -06:00
ekultek
151d44beff patch for an issue where the status code was in the wrong place issue #219 2017-12-02 11:23:48 -06:00
ekultek
30ffde95c3 created a get_page function that does the requests for me, this way I'm not calling requests.get over and over again 2017-12-02 11:06:16 -06:00
ekultek
ccd0f4920b patch for an issue where a timeout would cause an error (issue #) 2017-12-02 10:27:13 -06:00
ekultek
54dd5d47f5 the gaierror has been taken care of once and for all, if it fails it's not going to try and find the IP address (issue #215), fixes and issue with chunked encoding errors, about 99% of the time when you try to request again it will work, so that's what we're gonna do (issue #214) 2017-12-02 07:31:02 -06:00
ekultek
ade2d5f82c added new headers to search for, patches issue #207, patches issue #211, also patches issue #212 2017-12-01 16:19:26 -06:00
ekultek
5de72f5d33 fixes a bunch of connection bugs including issue #191, also fixes some issues with WAF identification 2017-11-30 13:23:18 -06:00
ekultek
ddf46c6bbe minor edits to some of the attacks, also created an interactive pause that you will be able to skip or exit from 2017-11-25 19:59:09 -06:00
ekultek
52af437fe4 moved shutdown, startup, and prompt to lib.core.common due to how much they are used 2017-11-20 14:27:08 -06:00
ekultek
fd4c89ffb8 created a common.py file and drafted write_to_log_file into it, also created an HTTP_HEADER class that will be used instead of repeating myself, fixed everything accordingly 2017-11-20 11:43:27 -06:00
ekultek
55b1285809 multiple tamper scripts now implemented (issue #149), checks if the status code is a 404 before saying it's XSS vulnerable (issue #147) 2017-11-14 11:46:14 -06:00
ekultek
f2cad88415 initial push for issue #142, created a few WAF scripts to detect, will also save the fingerprint of the WAF script if the protection is declared to be generic 2017-11-12 19:13:00 -06:00
ekultek
17c5771eac minor adjustments to the coding style, nothing that will cause any problems 2017-11-11 10:43:50 -06:00
ekultek
33ac2f961a same as admin panel, full batch functionaility has been implemented 2017-11-10 10:59:16 -06:00
ekultek
0151d26449 fixed some circular importing issues 2017-11-09 08:25:46 -06:00
ekultek
65744104f3 minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them 2017-11-08 20:02:51 -06:00
ekultek
9b623cf8e0 edited the file paths to reflect the new direcetories 2017-11-04 09:10:58 -05:00
ekultek
a909ac6c74 updating some doc strings, will be updating them more in time. just wanted to go ahead and start on them for now 2017-10-16 10:03:35 -05:00
ekultek
80d9565585 files edited to reflect the move of the settings, errors, and tamper scripts folders 2017-10-10 17:01:13 -05:00
ekultek
d813942c55 created three new tamper scripts and added warnings to other ones 2017-10-02 12:10:34 -05:00
ekultek
f38ec5f65f adding support for python 3 (issue #7) if you find any issues with python3 please make an issue there 2017-09-29 14:28:53 -05:00
ekultek
024e660853 created a tamper script for URL encoding, created tamper warnings, minor update to search.py, bumped version number 2017-09-29 10:21:26 -05:00
ekultek
9de772204e creating tamper scripts for the XSS payloads 2017-09-28 11:16:48 -05:00
ekultek
83e0a5a436 updates to the XSS scanner, will successfully output if possible sqli is present or not, and only display the information once 2017-09-27 18:02:55 -05:00
ekultek
166e918223 patched the XSS scanner, should work better now 2017-09-27 10:35:39 -05:00
ekultek
90d3798a93 created an XSS scanner for issue #8 2017-09-26 12:56:35 -05:00
ekultek
6875605c98 patch for issue #2 install xvfb if it isn't there, also added it to the README requirements. 2017-09-25 11:08:32 -05:00