2018-11-16 01:42:03 +05:30
|
|
|
### 3.0.4
|
|
|
|
|
|
|
|
|
|
- Fixed a bug in bruteforcer
|
|
|
|
|
- Fixed a major bug in HTML Parser
|
|
|
|
|
- Added progress bar for bruteforcer
|
|
|
|
|
- Code refactor
|
|
|
|
|
- Updated signature for Fortiweb WAF
|
|
|
|
|
|
2018-11-15 00:05:57 +05:30
|
|
|
### 3.0.3
|
|
|
|
|
|
|
|
|
|
- Minor bug fixes
|
|
|
|
|
- Proxy Support
|
|
|
|
|
- Blind XSS support
|
|
|
|
|
- Detection of up to 66 WAFs
|
|
|
|
|
|
|
|
|
|
### 3.0.2
|
|
|
|
|
|
|
|
|
|
- Ability to bruteforce payloads from a file
|
|
|
|
|
- Verbose output toggle
|
|
|
|
|
- Payload encoding: base64
|
|
|
|
|
- Handle MemoryError in DOM scanner
|
|
|
|
|
- Fixed a bug in bruteforcer
|
|
|
|
|
|
|
|
|
|
### 3.0.1
|
|
|
|
|
|
|
|
|
|
- Fixed poc generation
|
|
|
|
|
- Better multi js context injection
|
|
|
|
|
- Better wrong content type handling
|
|
|
|
|
- Handle high variance of context breakers
|
|
|
|
|
- Better efficiency check
|
|
|
|
|
- Fixed update mechanism
|
|
|
|
|
- Added license
|
|
|
|
|
- Added --skip switch
|
|
|
|
|
- Ignore SSL certificates
|
|
|
|
|
|
|
|
|
|
### 3.0.0
|
|
|
|
|
|
|
|
|
|
Production ready stable release with no known bugs
|
|
|
|
|
|
|
|
|
|
### 3.0-rc-1
|
|
|
|
|
|
|
|
|
|
- Removed redundant code & imports
|
|
|
|
|
- Disable colors in windows and mac
|
|
|
|
|
- Fixed user-agent overriding
|
|
|
|
|
- Handle wrong content type
|
|
|
|
|
- Multi-thread scanning
|
|
|
|
|
- Rewritten JavaScript parser to be more accurate
|
|
|
|
|
- Handle dynamic number of reflections
|
|
|
|
|
- Better regex for locating DOM sources
|
|
|
|
|
- Fixed a bug in DOM scanning while crawling
|
|
|
|
|
- Flexible crawling with ability to specify threads, depth
|
|
|
|
|
- Treat html entity and slash escaping differently
|
|
|
|
|
- Other minor bug fixes
|
|
|
|
|
|
|
|
|
|
### 3.0-beta
|
|
|
|
|
|
|
|
|
|
Intial beta release for public testing
|
