Steve Pinkham
2d658f5126
1.40b: Command-line option not to descend into 5xx directories.
2010-06-21 10:55:54 -04:00
Steve Pinkham
822e4f67e1
Version 1.35 and 1.36 - various changes
...
Version 1.36b:
- Command-line support for parameters that should not be fuzzed.
- In-flight URLs can be previewed by hitting 'return'.
Version 1.35b:
- Several new form autocomplete rules.
2010-06-14 21:31:24 -04:00
Steve Pinkham
8d7293fb5f
1.33b - New SQL error sig and text page detector tweaks
...
- New SQL error signature added.
- Improved tolerance for tabs in text page detector.
2010-04-22 23:01:39 -04:00
Steve Pinkham
a4a2b9130c
1.31b: Fix to detect <frame> tags, and fix commenting out USE_COLOR
...
- Compilation with USE_COLOR commented out now works as expected.
- Fix to detect <frame> tags.
2010-04-15 09:17:53 -04:00
Steve Pinkham
095e83d582
1.30b - Support <button> tag and fix compiler warnings
...
- Support for the (rare) <button> tag in forms.
- Fixed compiler warning on some platforms.
2010-04-08 22:03:37 -04:00
Steve Pinkham
9236e119f7
Further fixes for forms with no action= URL
2010-04-02 13:46:59 -04:00
Steve Pinkham
c9b575c01e
1.28b - added host IP to stats screen, -u for quiet mode, handle forms with now action= URL
...
- Forms with no action= URL are now handled correctly.
- New option (-u) to suppress realtime info,
- Destination host displayed on stats screen.
2010-04-02 09:45:44 -04:00
Steve Pinkham
71f2ea83b4
1.24b - XSS detection now accounts for commented out text.
2010-03-25 00:33:41 -04:00
Steve Pinkham
ffa63decdb
1.23b - XHTML vs HTML changes
...
- A minor improvement to XHTML detection.
- HTML vs XHTML mismatches no longer trigger a warning.
2010-03-25 00:32:32 -04:00
Steve Pinkham
00dcafb61c
1.20b - URL parser now accounts for its own \.\ injection pattern.
2010-03-25 00:27:38 -04:00
Steve Pinkham
75e1b5ddd5
1.19b - New ODBC POI added and Apache config file detection tightened up.
2010-03-24 08:37:50 -04:00
Steve Pinkham
8199ba27af
1.18b - Fix a potential NULL ptr deref with malformed Set-Cookie.
2010-03-24 08:35:25 -04:00
Steve Pinkham
d32f6dcba1
1.17b - JS detector refined not to trigger on certain text/plain inputs.
2010-03-23 22:31:19 -04:00
Steve Pinkham
cb51cd8988
1.13b - Improved password, file form detection.
2010-03-23 09:58:39 -04:00
Steve Pinkham
6a67f575d8
1.08b - A minor improvement to XHTML / XML detection.
2010-03-21 20:09:10 -04:00
Steve Pinkham
908118790d
1.04b - Workaround for *BSD systems with malloc J or Z options set by default. - again
...
- A minor tweak to reject certain not-quite-URLs extracted from JS.
2010-03-20 11:54:06 -04:00
Steve Pinkham
fcf0650b5e
Version 1.00b as released
2010-03-20 11:46:08 -04:00