ekultek
|
cadc40b81a
|
patches an issue where the XSS scan fails if it does not have a protocol (issue #314)
|
2017-12-19 10:01:04 -06:00 |
|
ekultek
|
b16a9c184a
|
getting rid of the '...' at the end of the output string, got sick of typing it os now it won't be there anymore
|
2017-12-07 07:27:20 -06:00 |
|
ekultek
|
4e0945b842
|
patches an issue where any connection problem (timeout, disconnect, etc) would cause a unexpected exception (issue #239). also patches an issue where XSS was stuck in a loop (issue #240). added two new plugin detection scripts
|
2017-12-06 17:14:13 -06:00 |
|
ekultek
|
d79296e4cc
|
colored output fix, error was not red, is now
|
2017-12-06 09:35:31 -06:00 |
|
ekultek
|
c382c010fc
|
patch for an issue where it would fail again if the encoding is still messed up, also patch for an issue with the protocol, will now auto assign http if it isn't present (issue #225 and issue #226)
|
2017-12-04 14:37:07 -06:00 |
|
ekultek
|
151d44beff
|
patch for an issue where the status code was in the wrong place issue #219
|
2017-12-02 11:23:48 -06:00 |
|
ekultek
|
30ffde95c3
|
created a get_page function that does the requests for me, this way I'm not calling requests.get over and over again
|
2017-12-02 11:06:16 -06:00 |
|
ekultek
|
ccd0f4920b
|
patch for an issue where a timeout would cause an error (issue #)
|
2017-12-02 10:27:13 -06:00 |
|
ekultek
|
54dd5d47f5
|
the gaierror has been taken care of once and for all, if it fails it's not going to try and find the IP address (issue #215), fixes and issue with chunked encoding errors, about 99% of the time when you try to request again it will work, so that's what we're gonna do (issue #214)
|
2017-12-02 07:31:02 -06:00 |
|
ekultek
|
ade2d5f82c
|
added new headers to search for, patches issue #207, patches issue #211, also patches issue #212
|
2017-12-01 16:19:26 -06:00 |
|
ekultek
|
5de72f5d33
|
fixes a bunch of connection bugs including issue #191, also fixes some issues with WAF identification
|
2017-11-30 13:23:18 -06:00 |
|
ekultek
|
ddf46c6bbe
|
minor edits to some of the attacks, also created an interactive pause that you will be able to skip or exit from
|
2017-11-25 19:59:09 -06:00 |
|
ekultek
|
52af437fe4
|
moved shutdown, startup, and prompt to lib.core.common due to how much they are used
|
2017-11-20 14:27:08 -06:00 |
|
ekultek
|
fd4c89ffb8
|
created a common.py file and drafted write_to_log_file into it, also created an HTTP_HEADER class that will be used instead of repeating myself, fixed everything accordingly
|
2017-11-20 11:43:27 -06:00 |
|
ekultek
|
55b1285809
|
multiple tamper scripts now implemented (issue #149), checks if the status code is a 404 before saying it's XSS vulnerable (issue #147)
|
2017-11-14 11:46:14 -06:00 |
|
ekultek
|
f2cad88415
|
initial push for issue #142, created a few WAF scripts to detect, will also save the fingerprint of the WAF script if the protection is declared to be generic
|
2017-11-12 19:13:00 -06:00 |
|
ekultek
|
17c5771eac
|
minor adjustments to the coding style, nothing that will cause any problems
|
2017-11-11 10:43:50 -06:00 |
|
ekultek
|
33ac2f961a
|
same as admin panel, full batch functionaility has been implemented
|
2017-11-10 10:59:16 -06:00 |
|
ekultek
|
0151d26449
|
fixed some circular importing issues
|
2017-11-09 08:25:46 -06:00 |
|
ekultek
|
65744104f3
|
minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them
|
2017-11-08 20:02:51 -06:00 |
|
ekultek
|
9b623cf8e0
|
edited the file paths to reflect the new direcetories
|
2017-11-04 09:10:58 -05:00 |
|
ekultek
|
a909ac6c74
|
updating some doc strings, will be updating them more in time. just wanted to go ahead and start on them for now
|
2017-10-16 10:03:35 -05:00 |
|
ekultek
|
80d9565585
|
files edited to reflect the move of the settings, errors, and tamper scripts folders
|
2017-10-10 17:01:13 -05:00 |
|
ekultek
|
d813942c55
|
created three new tamper scripts and added warnings to other ones
|
2017-10-02 12:10:34 -05:00 |
|
ekultek
|
f38ec5f65f
|
adding support for python 3 (issue #7) if you find any issues with python3 please make an issue there
|
2017-09-29 14:28:53 -05:00 |
|
ekultek
|
024e660853
|
created a tamper script for URL encoding, created tamper warnings, minor update to search.py, bumped version number
|
2017-09-29 10:21:26 -05:00 |
|
ekultek
|
9de772204e
|
creating tamper scripts for the XSS payloads
|
2017-09-28 11:16:48 -05:00 |
|
ekultek
|
83e0a5a436
|
updates to the XSS scanner, will successfully output if possible sqli is present or not, and only display the information once
|
2017-09-27 18:02:55 -05:00 |
|
ekultek
|
166e918223
|
patched the XSS scanner, should work better now
|
2017-09-27 10:35:39 -05:00 |
|
ekultek
|
90d3798a93
|
created an XSS scanner for issue #8
|
2017-09-26 12:56:35 -05:00 |
|
ekultek
|
6875605c98
|
patch for issue #2 install xvfb if it isn't there, also added it to the README requirements.
|
2017-09-25 11:08:32 -05:00 |
|