s0md3v/Bolt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated credits

Browse Source
This commit is contained in:
Somdev Sangwan
2019-01-20 13:58:43 +05:30
committed by GitHub
parent 6a6747e475
commit 2759348421
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -36,7 +36,8 @@ In this phase, Bolt finds out the tokens which aren't strong enough and the form
##### Comparing ##### Comparing
This phase focuses on detection on replay attack scenarios and hence checks if a token has been issued more than one time. This phase focuses on detection on replay attack scenarios and hence checks if a token has been issued more than one time.
It also calculates the average [levenshtein distance](https://en.wikipedia.org/wiki/Levenshtein_distance) between all the tokens to see if they are similar. It also calculates the average [levenshtein distance](https://en.wikipedia.org/wiki/Levenshtein_distance) between all the tokens to see if they are similar.\
Tokens are also compared against a database of 250+ hash patterns.
##### Observing ##### Observing
In this phase, 100 simultaneous requests are made to a single webpage to see if same tokens are generated for the requests. In this phase, 100 simultaneous requests are made to a single webpage to see if same tokens are generated for the requests.
@@ -78,4 +79,5 @@ Other options and switches:
- `--headers` supply http headers - `--headers` supply http headers
#### Credits #### Credits
Regular Expressions for detecting hashes are taken from [hashID](https://github.com/psypanda/hashID). Regular Expressions for detecting hashes are taken from [hashID](https://github.com/psypanda/hashID).\
Bit level entropy tests are taken from [highfestiva](https://github.com/highfestiva)'s python implementation of statistical tests.