* Modify SimpleRunner to take a Request parameter, add base and copy functions for Requests
* Add Request structs to run queues
* Implemented sniper mode
* Added request and optionsparser tests for sniper mode
* Removed unneccesary print statements
* Updated readme.md and terminal output
* Enabled command inputs for sniper mode
* correctly initialize validmode in optionsparser
* Remove unnecessary print data in TestScrubTemplates
* Use InputProvider for sniper template characters
* Add a sniper-mode specific queue job execution log
* Update CONTRIBUTORS.md
* Update README.md
Installing executables with "go get" in module mode is deprecated.
"go install pkg@version" should be used instead.
For more information, see https://golang.org/doc/go-get-install-deprecation
* Update CONTRIBUTORS.md
* Update README.md
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Added response time reporting and filtering
* Update to use the http config context
* Added changelog and contributor info
* Round time output in stdout to nearest millisecond
* Change stdout duration rounding to use Milliseconds()
* Go back to Round() for timing output
* Changed stdout to display millisecond durations
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Update .ffufrc to match 405 status code responses by default
* Updated README.md with the new default match status codes
* Updated default match codes to include 405 Method Not Allowed
405 Method not Allowed is returned by many api endpoints when accessed via an improper method. ffuf sends GET reqeusts by default and if an endpoint only supports POST it will return 405 and ffuf will not think it's a valid endpoint unless specifically told to match 405 status codes
* Added choket to contributors
* Update CHANGELOG.md
* Fix for issue #179
* additional changes after review | #179
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179
* Fix for removed "Changes"
* Fix for removed "Changes"
* regexp filter had a copy-paste error talking about size filter, fixed
* implement -mr/-fr FUZZ, detecting if fuzzed input is present in response. resolves#76
* quote regexp control characters to obtain exact matches (according to joohoi's comment)
* allow keywords as part of regexp matching/filtering
* updated changelog
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Multiple wordlist support
* Display error correctly if wordlist file could not be opened
* Add back the redirect location
* Support multiple keywords in HTML output and fix wordlist positioning
* Support multiple wordlists for md output
* Support multiple keywords in CSV output
* Improve output for multi keyword runs
* Add changelog entry
* Switch the wordlist filename <-> keyword around to allow tab completion
* Fix the usage example in README
* Added HTML and Markdown output support
* Add HTML color code in HTML template
* Added lines count
* Added content lines to json + csv
* Added changelog entry
* Fixed copy paste mistake
* Changed the html report to be grepable :)
* Grepable output fixed
* Fixed lines count
* Added HTML and Markdown output support
* Add HTML color code in HTML template
* Added changelog entry
* Fixed copy paste mistake
* Changed the html report to be grepable :)
* Grepable output fixed
* Add options for -disable-logging and -logfile.
Both of these options have to do with the logging surrounding issues
such as #39. Where in that issue the server was returning data after
the connection was closed. Therefore, I added two options one for
completely disabling all of the internal logging functionality aka
sending it to /dev/null. Another for writing the logging information
to a file so it can be retrieved later if need be.
* Changed to automatically disable internal logging.
Per the changes requested by @joohoi, changed to a single
flag `-debug-log` which will place all of the internal logging
into the specified file. If the file fails to be opened or is
not specified it will disable the logging.
* Update readme with the changes for -debug-log.
* removed dead(?) code
* Added -acc for custom auto-calibration strings. Resolves#53
* don't use the calibration url templates when custom calibration paths are given
* added changelog entry about -acc flag
* Added redirect location in stdout output
* Keep conditional logic outside of the resultNormal function + Better help message for redirect location
* Moved GetRedirectLocation as a Response public method
* Added changelog entry + (Redirect become ->)
