Skip to content

v4.0-stable

Latest
Latest
Compare
Choose a tag to compare
@stasinopoulos stasinopoulos released this 20 Dec 06:18
· 1 commit to master since this release
v4.0
13d5148
  • Fixed: Multiple bug-fixes regarding several reported unhandled exceptions.
  • Revised: Minor bug-fix regarding tamper script "backticks.py"
  • Revised: Improvements regarding shell options reverse_tcp, bind_tcp.
  • Revised: Major code refactoring regarding session handler.
  • Revised: Minor improvement regarding options --prefix, --suffix.
  • Revised: Improvement regarding writing text to the stdout (console) stream.
  • Fixed: Minor bug-fix regarding combining custom injection marker (i.e. asterisk *) with -p option.
  • Revised: Improvement regarding specifying multiple injection points by appending custom injection marker (i.e. asterisk *).
  • Fixed: Minor bug-fix regarding crawler (i.e. option --crawl).
  • Updated: Six (third party) module has been updated (Python 3.12 support).
  • Revised: Minor improvement regarding determining (passively) the target's underlying operating system.
  • Revised: Minor improvement for enabling end-users to choose whether to skip or continue testing the remaining parameters, if one is found vulnerable.
  • Revised: Minor improvements regarding semiblind (i.e. "file-based") technique.
  • Fixed: Minor bug-fix regarding option --output-dir.
  • Revised: Improvement regarding option --skip for excluding certain parameter(s) from testing.
  • Revised: Improvement regarding specifying which parameter(s) to test (i.e. -p option).
  • Revised: Improvement regarding processing / ignoring custom injection marker (i.e. asterisk *).
  • Revised: Improvement regarding forcing usage of provided HTTP method (e.g. PUT).
  • Revised: Improvement regarding parsing raw HTTP request from a file (i.e. -r option).
  • Revised: Improvement regarding parsing JSON nested objects.
  • Revised: Improvement regarding (basic) heuristic detection of WAF/IPS protection.
  • Revised: Improvement regarding option --ignore-code for ignoring multiple (problematic) HTTP error codes.
  • Added: New option --abort-code for aborting on (problematic) HTTP error code(s) (e.g. 401)
  • Added: New option --time-limit for running with a time limit in seconds (e.g. 3600).

Note: For more check the detailed changeset.

Assets 2
Loading