crt0mega
/
skipfish
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Commit Graph

  • 093800c9de 2.10b: Many updates, see changelog master Steve Pinkham 2012-12-21 23:32:24 -0500
  • e48969d827 Version 2.09b: bugfixes and policy improvements Steve Pinkham 2012-09-12 17:09:00 -0400
  • c9d5b74896 Version 2.08b: Many changes including dir refactor Steve Pinkham 2012-09-12 17:06:51 -0400
  • a655d5853c Version 2.07b: bugfixes and enhancements Steve Pinkham 2012-09-12 16:56:44 -0400
  • d1f54c9fe2 Version 2.06b: Major update, see full commit msg Steve Pinkham 2012-09-12 16:48:57 -0400
  • 771e70eba4 2.05b: crash and redirect fixes Steve Pinkham 2012-03-17 10:06:56 -0400
  • a46315b1ec 2.04b: See changelog or extended commit message Steve Pinkham 2012-03-17 09:59:08 -0400
  • 987151620c 2.03b: bugfixes Steve Pinkham 2011-08-09 16:09:16 -0400
  • c7d2a24438 2.02b: Fixed a minor NULL pointer crash in -Y mode Steve Pinkham 2011-08-09 16:08:08 -0400
  • 62021819e7 2.01b: A number of improvements Steve Pinkham 2011-08-09 16:06:35 -0400
  • 6b2d33edca Version 2.00b: Many improvements Steve Pinkham 2011-08-09 16:04:52 -0400
  • b199943c9d 1.94b: Proxy support and bugfixes Steve Pinkham 2011-08-09 16:03:29 -0400
  • e7485cd346 1.93b: Major fix to URL XSS detection logic Steve Pinkham 2011-08-09 16:02:53 -0400
  • 831a3a497b 1.92b: Reading starting URLs from file now supported (@ prefix). Steve Pinkham 2011-08-09 16:01:39 -0400
  • 16bd99b75c 1.91b: More minor fixes to pivots.txt Steve Pinkham 2011-08-09 16:00:34 -0400
  • 2c5f161d7b 1.90b: Minor fix to pivots.txt Steve Pinkham 2011-08-09 15:58:54 -0400
  • 3e0d5cbd10 1.89b: Save file of discovered URLS Steve Pinkham 2011-08-09 15:57:42 -0400
  • dcc44d94e8 1.88b: Dictionary improvements, contd. Steve Pinkham 2011-08-09 15:56:54 -0400
  • 7d164759bc 1.87b: Dictionary improvements. Steve Pinkham 2011-08-09 15:56:21 -0400
  • 2b28b72176 1.86b: Auth header and time display fixes Steve Pinkham 2011-08-09 15:47:01 -0400
  • 276ce8a5a8 1.85b: Minor refinements to the content analysis module. Steve Pinkham 2011-03-29 22:20:42 -0400
  • baf9921f42 1.84b: Option -S removed. Steve Pinkham 2011-01-10 14:22:09 -0500
  • 0f835b3def 1.83b: Minor fix to -e behavior. Steve Pinkham 2011-01-10 14:18:57 -0500
  • 0717375d0a 1.82b: NULL pointer in is_javascript() fixed. Steve Pinkham 2011-01-10 14:17:42 -0500
  • a3473417d9 1.81b: Fix to numerical SQL injection detector logic. Steve Pinkham 2010-12-03 15:32:05 -0500
  • 35607dcb58 1.80b: option not save binary responses, and make charset errors less noisy by default Steve Pinkham 2010-12-03 15:30:00 -0500
  • ffee2aec54 1.79b: Improvement to directory listing detector. Steve Pinkham 2010-12-03 15:28:04 -0500
  • 44d86a63b6 1.78b: Fix to -J logic. Steve Pinkham 2010-11-22 09:26:50 -0500
  • 39cfa696da 1.77b: Further minor documentation and presentation tweaks. Steve Pinkham 2010-11-21 20:21:25 -0500
  • 806e8eedea 1.76b: Major clean-up of dictionary instructions. Steve Pinkham 2010-11-21 07:43:07 -0500
  • 088136e95e 1.75b: iPhone U-A support added. Steve Pinkham 2010-11-21 07:40:21 -0500
  • 514ec354db 1.74b:Non-HTTPS password form analysis added. Steve Pinkham 2010-11-21 07:37:01 -0500
  • 8f1f9b0e0f 1.73b: Silence some pointless compiler warnings on newer systems. Steve Pinkham 2010-11-20 20:45:05 -0500
  • ecb2517547 1.72b: Minor beautification stuff. Steve Pinkham 2010-11-18 10:37:31 -0500
  • 2e4f8fa7a7 1.71b: better duplicate node detection, new report diff tool and child signatures in report Steve Pinkham 2010-11-17 22:07:04 -0500
  • e5f6c3e1b1 1.70b: improve SQL syntax detection and allocator flag cleanup Steve Pinkham 2010-11-17 22:05:27 -0500
  • 69e6c20648 1.69b: parameter encoding, User-Agent, password fixes Steve Pinkham 2010-10-01 00:00:03 -0400
  • de39e6a7a3 1.67b: Improved dir detection Steve Pinkham 2010-09-20 16:17:08 -0400
  • 3abc965d68 Version 1.66b: Dir detection and dictionary updates Steve Pinkham 2010-09-20 16:14:23 -0400
  • 5b119c8e7f 1.65b: dictionary & CSS MIME sniffing improvements Steve Pinkham 2010-09-10 12:59:06 -0400
  • ce8e52b8fb 1.64b: param injection Wordpress improvements Steve Pinkham 2010-09-07 13:27:26 -0400
  • aed5e5bea0 1.63b: WordPress param injection fixes Steve Pinkham 2010-08-30 20:43:46 -0400
  • 3a220b94d2 1.62b: Further refinements to content classifier. Steve Pinkham 2010-08-30 20:43:10 -0400
  • af1a154ac8 1.61b: Further refinements to content classifier. Steve Pinkham 2010-08-27 11:47:51 -0400
  • 5e85684e40 1.60b: Minor sniffer fix to better handle CSV file checks Steve Pinkham 2010-08-27 11:47:18 -0400
  • 512dfe7ea6 1.59b: Fixed several file POI checks that depended on MIME information. Steve Pinkham 2010-08-27 11:46:12 -0400
  • 42d17c7921 1.58b: Descendant limit checks added. Steve Pinkham 2010-08-21 15:56:47 -0400
  • 768867c93b 1.57b: Splash screen added (grr). Steve Pinkham 2010-08-20 17:38:17 -0400
  • 5d4c67bd53 1.56b: Attack logic improvements Steve Pinkham 2010-08-20 11:47:57 -0400
  • 1794a045a0 1.55b: Improved 404 directory no-parse checks. Steve Pinkham 2010-08-09 10:52:11 -0400
  • 701f665ab9 1.53b-1.54b: Improved loop derector and JSON discriminator Steve Pinkham 2010-08-09 10:49:43 -0400
  • c4ad54fe2f 1.52b: Fixed HTTP read loop after 1.48b. Steve Pinkham 2010-07-27 11:17:52 -0400
  • 9674a65163 Bugfix to 1.50b release Steve Pinkham 2010-07-27 11:16:29 -0400
  • c215134fbe 1.50b: memleak fix, change some exit() to abort() Steve Pinkham 2010-07-27 11:13:05 -0400
  • b9594e48fa 1.49b: Allocator and dir listing changes Steve Pinkham 2010-07-05 22:45:35 -0400
  • 0d9f8c7fc5 1.48b: SSL handling bugfixes Steve Pinkham 2010-07-05 22:43:58 -0400
  • 99fdd5f699 1.47b: performance and compilation changes Steve Pinkham 2010-07-05 22:41:31 -0400
  • 72804b90f0 1.46b: Security fix and cleanup Steve Pinkham 2010-07-05 10:10:59 -0400
  • 38ca4b24a5 1.45b: Reporting improvements Steve Pinkham 2010-06-30 12:46:02 -0400
  • 7548514234 1.44b: Improve SQL injection detection Steve Pinkham 2010-06-29 10:10:17 -0400
  • 98ffe73aba 1.43b: Reduce the likelyhood of crawl loops - Improvement to reduce the likelihood of crawl loops: do not extract links if current page identical to parent. Steve Pinkham 2010-06-29 10:08:21 -0400
  • d0ce4e0db9 1.42b: Fix to SQL injection detection with empty parameters. Steve Pinkham 2010-06-29 10:06:30 -0400
  • d4b1cd630e 1.41b: if response varies, directory brute force is also skipped. Steve Pinkham 2010-06-21 10:57:40 -0400
  • 2d658f5126 1.40b: Command-line option not to descend into 5xx directories. Steve Pinkham 2010-06-21 10:55:54 -0400
  • 15c43e8675 1.38b: Small bugfixes Steve Pinkham 2010-06-21 10:53:17 -0400
  • 30aa479d14 1.37b: NULL ptr with -F fixed. Steve Pinkham 2010-06-15 15:44:36 -0400
  • 822e4f67e1 Version 1.35 and 1.36 - various changes Version 1.36b: - Command-line support for parameters that should not be fuzzed. - In-flight URLs can be previewed by hitting 'return'. Steve Pinkham 2010-06-14 21:31:24 -0400
  • 347a8b4b58 1.34b: A small tweak to file / dir discriminator logic to accommodate quirky frameworks. Steve Pinkham 2010-05-06 22:59:07 -0400
  • 8d7293fb5f 1.33b - New SQL error sig and text page detector tweaks Steve Pinkham 2010-04-22 23:01:39 -0400
  • 23205f4600 1.32b - A minor fix for embedded URL auth detection Steve Pinkham 2010-04-19 20:27:39 -0400
  • a4a2b9130c 1.31b: Fix to detect <frame> tags, and fix commenting out USE_COLOR Steve Pinkham 2010-04-15 09:17:53 -0400
  • 095e83d582 1.30b - Support <button> tag and fix compiler warnings Steve Pinkham 2010-04-08 22:03:37 -0400
  • 9236e119f7 Further fixes for forms with no action= URL Steve Pinkham 2010-04-02 13:46:59 -0400
  • c9b575c01e 1.28b - added host IP to stats screen, -u for quiet mode, handle forms with now action= URL Steve Pinkham 2010-04-02 09:45:44 -0400
  • 5918f62bbc 1.27b - Tweaks to CFLAGS and man page added Steve Pinkham 2010-03-30 17:23:09 -0400
  • dc378471b7 1.26b - phtml added to the dictionary, and another MALLOC_CHECK workaround Steve Pinkham 2010-03-26 09:39:20 -0400
  • b05dbeedfa 1.25b - Limit # of requests with the same path Steve Pinkham 2010-03-25 00:34:36 -0400
  • 71f2ea83b4 1.24b - XSS detection now accounts for commented out text. Steve Pinkham 2010-03-25 00:33:41 -0400
  • ffa63decdb 1.23b - XHTML vs HTML changes Steve Pinkham 2010-03-25 00:32:32 -0400
  • 942cb96f58 1.22b - bugfix - URL parser now accounts for its own \.\ injection pattern. Steve Pinkham 2010-03-25 00:31:24 -0400
  • 50c87f0348 1.20b - URL parser now accounts for its own \.\ injection pattern. bugfix Steve Pinkham 2010-03-25 00:29:30 -0400
  • 00dcafb61c 1.20b - URL parser now accounts for its own \.\ injection pattern. Steve Pinkham 2010-03-25 00:27:38 -0400
  • 75e1b5ddd5 1.19b - New ODBC POI added and Apache config file detection tightened up. Steve Pinkham 2010-03-24 08:37:50 -0400
  • 8199ba27af 1.18b - Fix a potential NULL ptr deref with malformed Set-Cookie. Steve Pinkham 2010-03-24 08:35:25 -0400
  • d32f6dcba1 1.17b - JS detector refined not to trigger on certain text/plain inputs. Steve Pinkham 2010-03-23 22:31:19 -0400
  • 68eb5bab19 1.16b - Fixed index.html typo and CFLAG/LIBS/LDFLAGS changes Steve Pinkham 2010-03-23 19:54:33 -0400
  • 662a6138f4 1.15b - Documentation and path mapping changes Steve Pinkham 2010-03-23 19:53:18 -0400
  • 61ba870458 1.14b - Wordlist, path mapping, cflags, put detection, and doc changes Steve Pinkham 2010-03-23 15:04:21 -0400
  • cb51cd8988 1.13b - Improved password, file form detection. Steve Pinkham 2010-03-23 09:58:39 -0400
  • e29db14ace 1.12b-working directory conf, add KnownIssues URL Steve Pinkham 2010-03-23 09:56:13 -0400
  • cf67fd9480 Version 1.11b: Various Fixes Steve Pinkham 2010-03-22 20:52:55 -0400
  • 8c2cb9450d 1.10b - Fix to extensions-only.wl. Steve Pinkham 2010-03-22 10:05:10 -0400
  • fc8b7d781b 1.09b - Fix for a potential crash in probabilistic scan mode (<100%). Steve Pinkham 2010-03-21 20:11:57 -0400
  • 6a67f575d8 1.08b - A minor improvement to XHTML / XML detection. Steve Pinkham 2010-03-21 20:09:10 -0400
  • 5658c2c310 1.07b - Several build fixes for FreeBSD, MacOS X. Steve Pinkham 2010-03-21 20:07:06 -0400
  • a7f9000161 1.06b - Minor documentation updates Steve Pinkham 2010-03-21 19:59:55 -0400
  • 3720b4840a 1.05b - Final workaround for FORTIFY_SOURCE on MacOS X. Steve Pinkham 2010-03-20 11:57:35 -0400
  • 908118790d 1.04b - Workaround for *BSD systems with malloc J or Z options set by default. - again - A minor tweak to reject certain not-quite-URLs extracted from JS. Steve Pinkham 2010-03-20 11:54:06 -0400
  • ca78a8e8f7 1.03b - Workaround for *BSD systems with malloc J or Z options set by default. - again Steve Pinkham 2010-03-20 11:51:34 -0400
  • d4e2d34e0b 1.02b - Workaround for *BSD systems with malloc J or Z options set by default. Steve Pinkham 2010-03-20 11:49:23 -0400