ekultek
|
1bfac89266
|
removed the gist lookup, it will be reimplemented in the furture, but for now there's to many problems with it (issue #285)
|
2017-12-15 09:46:36 -06:00 |
|
ekultek
|
b16a9c184a
|
getting rid of the '...' at the end of the output string, got sick of typing it os now it won't be there anymore
|
2017-12-07 07:27:20 -06:00 |
|
ekultek
|
6e3d4b98f8
|
these updates should patch issue #245 and issue #252, seems that the error just wasn't being caught
|
2017-12-06 21:13:12 -06:00 |
|
ekultek
|
b86db8008f
|
update for an issue #233, #234, #235 and #237. issue was with Tor (proxy 127.0.0.1:9050) needed a higher timeout for it
|
2017-12-06 10:48:58 -06:00 |
|
ekultek
|
4c5b1538f3
|
will now detect the website character encoding, attempt to detect firewalls, attempt to detect plugins, also will now only use 1 request (2 if firewall is detected)
|
2017-12-06 09:38:57 -06:00 |
|
ekultek
|
bc053b5dcf
|
will now detect the website character encoding, attempt to detect firewalls, attempt to detect plugins, also will now only use 1 request (2 if firewall is detected)
|
2017-12-06 09:37:46 -06:00 |
|
ekultek
|
151d44beff
|
patch for an issue where the status code was in the wrong place issue #219
|
2017-12-02 11:23:48 -06:00 |
|
ekultek
|
083e541284
|
fixes a bunch of bugs, plus some annoying output that shouldn't be showing up, including but not limited to issue #202 and issue #203
|
2017-12-01 11:05:53 -06:00 |
|
ekultek
|
5de72f5d33
|
fixes a bunch of connection bugs including issue #191, also fixes some issues with WAF identification
|
2017-11-30 13:23:18 -06:00 |
|
ekultek
|
c0382bdb17
|
created a timeout class that will timeout a function if it takes to long, added the timeout to the nmap scan, if it takes over 2 minutes it will timeout, you can increase the timeout with the --time-sec flag
|
2017-11-29 11:48:12 -06:00 |
|
ekultek
|
f3dd7c567b
|
will now save potential SQLi vulnerable websites to a log file during the header check (if the check throws a dbms error)
|
2017-11-28 13:07:23 -06:00 |
|
ekultek
|
97187c07f0
|
fixes issue #173 crawler will ignore SSL certificates, fixes #174 caches the found firewall into memory, incase we run across it again we don't waste our time trying to discover it, fixes #175 and #176 if there are unicode chars in the value it will not be saved
|
2017-11-28 08:14:47 -06:00 |
|
ekultek
|
4c496b265c
|
one more patch for the generic WAF detection script, another private report, will not detect Apache now
|
2017-11-27 13:45:15 -06:00 |
|
ekultek
|
4651fcd2ac
|
major patch for an issue with the firewall identification (private report) it was super unreliable, should work better now
|
2017-11-27 13:09:53 -06:00 |
|
ekultek
|
e662cb4a00
|
created an interactive pause that you will be able to skip or exit from
|
2017-11-25 20:00:23 -06:00 |
|
ekultek
|
3225387157
|
fixed the x-forwarded-for header in the header checking
|
2017-11-24 07:03:10 -06:00 |
|
ekultek
|
6f62049eb8
|
optimization for the time it takes to load the program, should be quicker now, created a search for public PGP keys will take your sites domain and search for any public PGP keys it can find, renamed some files to make more sense
|
2017-11-22 15:07:24 -06:00 |
|
ekultek
|
9eca1950cb
|
created constants of all the log filenames, adjusted files accordingly
|
2017-11-20 14:04:11 -06:00 |
|
ekultek
|
fd4c89ffb8
|
created a common.py file and drafted write_to_log_file into it, also created an HTTP_HEADER class that will be used instead of repeating myself, fixed everything accordingly
|
2017-11-20 11:43:27 -06:00 |
|
ekultek
|
6f6663b453
|
added a new header to the check to see if they have protection against MITM attacks (Public-Key-Pins)
|
2017-11-14 19:40:21 -06:00 |
|
ekultek
|
beaa69f7af
|
added a few new WAF scripts (issue #142) squid proxy IDS, cloudfront, minor updates to modsecurity
|
2017-11-14 13:54:52 -06:00 |
|
ekultek
|
a805afd1fa
|
minor update so that it will not keep pulling the Apache server error, this way it will truly only pull what it believes are WAF/IDS/IPS's
|
2017-11-13 20:46:26 -06:00 |
|
ekultek
|
f2cad88415
|
initial push for issue #142, created a few WAF scripts to detect, will also save the fingerprint of the WAF script if the protection is declared to be generic
|
2017-11-12 19:13:00 -06:00 |
|
ekultek
|
cec5a4c7c5
|
will now save discovered cookies to a log file
|
2017-11-11 16:02:34 -06:00 |
|
ekultek
|
d4d6630f59
|
patches an error where if you are unable to retrieve the headers it will fail, will not just output that it is unable to retreive the headers (issue #141)
|
2017-11-11 06:25:33 -06:00 |
|
ekultek
|
3db01c4dcf
|
will only display the headers that are equipped for protection and will no longer prompt you if you want to continue, a warning should be enough, fixed a new line issue in an inof message
|
2017-11-10 11:00:21 -06:00 |
|
ekultek
|
150ebef721
|
will now save all headers to the log file
|
2017-11-09 14:40:23 -06:00 |
|
ekultek
|
864983250f
|
when a header is present it will now display as a warning instead of an error
|
2017-11-08 13:57:45 -06:00 |
|
ekultek
|
b5ca0225b6
|
created a header check whilst running attacks. if a protection header is found in the headers found, it will prompt you and warn you
|
2017-11-07 14:52:57 -06:00 |
|