* Scraper functionality
* Handle matched only - case for scraper
* Add scraper output to different formats
* Fix the ancient merge reminders
* Load scraper rules from directory
* Scraper fixes
* Fix ioutil deprecation and use xdg paths instead (wip)
* Clean up deprecated ioutil references, add config directory structure creation and run entry creation
* Add wordlist position setting and FFUFHASH variable
* Save full wordlist paths and print out a raw request when searched
* Cast from string to 32bit integer, 2billion should be enough for a position
* Use correct format strings for float
* Add -json option
Prints newline-delimited JSON output to STDOUT
* sort
* Clear terminal line via STDERR foreach JSON result
For each JSON result being printed, prepend it with a TERMINAL_CLEAR_LINE via
STDERR. This clears the progress line (which is also being emitted via STDERR)
and leaves us with a clean stream of JSON lines in the terminal.
* Added response time reporting and filtering
* Update to use the http config context
* Added changelog and contributor info
* Round time output in stdout to nearest millisecond
* Change stdout duration rounding to use Milliseconds()
* Go back to Round() for timing output
* Changed stdout to display millisecond durations
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* adding content-type to csv and json output (#336)
* added to contributors and changelog
* changed 'type' to 'content-type'
* added content-type for html and md output
* updated changelog
Co-authored-by: layton <layton@desktop-manjaro.fritz.box>
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Update .ffufrc to match 405 status code responses by default
* Updated README.md with the new default match status codes
* Updated default match codes to include 405 Method Not Allowed
405 Method not Allowed is returned by many api endpoints when accessed via an improper method. ffuf sends GET reqeusts by default and if an endpoint only supports POST it will return 405 and ffuf will not think it's a valid endpoint unless specifically told to match 405 status codes
* Added choket to contributors
* Update CHANGELOG.md
This change addresses two panics that happened while parsing the provided
wordlist flag in Windows systems.
- pkg/ffuf/util.go:40: panic happened when the provided path was
invalid. Example: ".\wordlist.txt:" as the os.Stat call returned an
error different than os.ErrNotExist.
- pkg/ffuf/optionsparser.go:179: panic happened when the provided value
did not existed and did not contain a colon character. Example:
".\asdf.txt" when the local file ".\asdf.txt" did not exist. This panic
happened due to strings.LastIndex returning -1 when the provided
substring does not appear. Therefore, v[:-1] panicking.
Fixes#333
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
* Update util.go
* Update job.go
rand.Seed updated just before usage
* Update util.go
revert
* Updated CHANGELOG.MD with a description of the bug fix.
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>