* Update .ffufrc to match 405 status code responses by default
* Updated README.md with the new default match status codes
* Updated default match codes to include 405 Method Not Allowed
405 Method not Allowed is returned by many api endpoints when accessed via an improper method. ffuf sends GET reqeusts by default and if an endpoint only supports POST it will return 405 and ffuf will not think it's a valid endpoint unless specifically told to match 405 status codes
* Added choket to contributors
* Update CHANGELOG.md
* Fix for issue #179
* additional changes after review | #179
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179
* Fix for removed "Changes"
* Fix for removed "Changes"
* regexp filter had a copy-paste error talking about size filter, fixed
* implement -mr/-fr FUZZ, detecting if fuzzed input is present in response. resolves#76
* quote regexp control characters to obtain exact matches (according to joohoi's comment)
* allow keywords as part of regexp matching/filtering
* updated changelog
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Multiple wordlist support
* Display error correctly if wordlist file could not be opened
* Add back the redirect location
* Support multiple keywords in HTML output and fix wordlist positioning
* Support multiple wordlists for md output
* Support multiple keywords in CSV output
* Improve output for multi keyword runs
* Add changelog entry
* Switch the wordlist filename <-> keyword around to allow tab completion
* Fix the usage example in README
* Added HTML and Markdown output support
* Add HTML color code in HTML template
* Added lines count
* Added content lines to json + csv
* Added changelog entry
* Fixed copy paste mistake
* Changed the html report to be grepable :)
* Grepable output fixed
* Fixed lines count
* Added HTML and Markdown output support
* Add HTML color code in HTML template
* Added changelog entry
* Fixed copy paste mistake
* Changed the html report to be grepable :)
* Grepable output fixed
* Add options for -disable-logging and -logfile.
Both of these options have to do with the logging surrounding issues
such as #39. Where in that issue the server was returning data after
the connection was closed. Therefore, I added two options one for
completely disabling all of the internal logging functionality aka
sending it to /dev/null. Another for writing the logging information
to a file so it can be retrieved later if need be.
* Changed to automatically disable internal logging.
Per the changes requested by @joohoi, changed to a single
flag `-debug-log` which will place all of the internal logging
into the specified file. If the file fails to be opened or is
not specified it will disable the logging.
* Update readme with the changes for -debug-log.
* removed dead(?) code
* Added -acc for custom auto-calibration strings. Resolves#53
* don't use the calibration url templates when custom calibration paths are given
* added changelog entry about -acc flag
* Added redirect location in stdout output
* Keep conditional logic outside of the resultNormal function + Better help message for redirect location
* Moved GetRedirectLocation as a Response public method
* Added changelog entry + (Redirect become ->)
* allow ranges on response size matching/filtering
* allow ranges on word count matching/filtering
* allow ranges on http status matching/filtering
* documentation update about using ranges in size, word count and status code filtering/matching
* moved valuerange code to ffuf main package
* added -data-ascii and -data-binary for curl compatibility
* README update
* README update regarding -i and -cookie
* README update on -data-ascii and -data-binary
* New input provider: command
* Set env var and move to Windows and POSIX constants for shell instead of CLI flag.
* Display position instead of input payload when --input-cmd is used
* Update README
* Fix README and flags help
* Add an example to README