v3.12.0

@VitorOriel VitorOriel released this 24 Aug 20:03
· 413 commits to master since this release

New features

  • Allow the use of multiple encoders;
  • Allow the use of chain encoders (multiple encoders applied to a single payload);
  • Added new encoder plugins:
    • HtmlDec - encodes the payload to HTML decimal format;
    • HtmlHex - encodes the payload to HTML hexadecimal format;
  • Added new arguments (see List of Execution Parameters):
    • Encode specific parts of a payload, selected by regex, with the --encode-only argument;
    • Remove duplicated payloads from the final wordlist with the --unique argument;
  • Added the DnsDumpster plugin to the wordlists (see Plugin wordlists);
  • Added the Grep plugin to the scanners (see Plugin scanners);
  • Added an option to use logic operators with the Matcher item that will be compared (see Matching results);

For detailed information about the new encoder features, see Encoders.
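The sketch below is an added example, not FuzzingTool's own code: it models how multiple encoders, a chain encoder, regex-restricted encoding and duplicate removal can interact when building a wordlist. The function names, the one-entry-per-encoder behaviour and the exact `&#N;` / `&#xN;` output forms are assumptions made for illustration.

```python
import re
from typing import Callable, Iterable, List, Optional

Encoder = Callable[[str], str]

def html_dec(text: str) -> str:
    """HTML decimal character references: '<' -> '&#60;'."""
    return "".join(f"&#{ord(ch)};" for ch in text)

def html_hex(text: str) -> str:
    """HTML hexadecimal character references: '<' -> '&#x3c;'."""
    return "".join(f"&#x{ord(ch):x};" for ch in text)

def chain(*encoders: Encoder) -> Encoder:
    """Compose encoders left to right so they act as one encoder."""
    def run(text: str) -> str:
        for encoder in encoders:
            text = encoder(text)
        return text
    return run

def encode_payload(payload: str, encoder: Encoder,
                   encode_only: Optional[str] = None) -> str:
    """Encode the whole payload, or only the parts matching encode_only."""
    if encode_only is None:
        return encoder(payload)
    return re.sub(encode_only, lambda m: encoder(m.group(0)), payload)

def build_wordlist(payloads: Iterable[str], encoders: List[Encoder],
                   encode_only: Optional[str] = None,
                   unique: bool = False) -> List[str]:
    """Emit one entry per (payload, encoder); optionally drop duplicates."""
    wordlist: List[str] = []
    seen = set()
    for payload in payloads:
        for encoder in encoders:
            entry = encode_payload(payload, encoder, encode_only)
            if unique and entry in seen:
                continue
            seen.add(entry)
            wordlist.append(entry)
    return wordlist

# Constructed sample input (not taken from the project).
SAMPLE = ["q=<a>", "q=<a>", "plain"]

if __name__ == "__main__":
    for entry in build_wordlist(SAMPLE, [html_dec, html_hex], r"[<>]", True):
        print(entry)
    print(chain(html_dec, html_hex)("<"))
```

When encoding is restricted by regex, a payload with no matching part comes out identical under every encoder, which is one way duplicates enter the final wordlist.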

Bugfixes

  • Fixed a bug where the application stopped running when more than one HTTP method was specified for the same target (revised since the last release);
  • Updated the WordlistFactory exception so that it no longer shows a NoneType exception when multiple targets are specified for wordlists without parameters;
  • Fixed the string-splitting logic in the splitStrToList function;

CLI output changes

  • Updated the file size to a human-readable format;
  • The simple output option will no longer display the program banner;

Request changes

  • Added a mutex lock when setting up the payload in Request.__getRequestParameters, to prevent race conditions;
  • Added an isSession argument to the class constructor to define whether the requester will use a session request;
  • Added a body setter method;

Scanner changes

  • IP addresses are now saved in the result when doing subdomain fuzzing with plugin scanners;

Code refactored

  • Moved the HTTP functions from conn/RequestParser to utils/http_utils;
  • Moved the request indexer from the Request to the Fuzzer;
  • Moved the base, default and plugin classes to specific folders;
  • Moved the file operation functions from utils/utils to utils/file_utils;
  • Moved the Logger to utils/Logger;
  • Changed the requester factory name from HttpFactory to RequestFactory;
  • Created a consts file, utils/consts, to handle fuzzing type information, the output directory, and the app fuzzing mark;
  • Applied the strategy design pattern to the reports;
  • Updated the Python return type notations of the class methods and functions;
  • Inserted decorator functions;