Commit graph

108 commits

Author SHA1 Message Date
Joona Hoikkala
99100e0608
Add linter workflow as GitHub action (#325)
* Add linter workflow as GitHub action

* Fix linter issues

* More fixes
2020-10-03 11:29:18 +03:00
bjhulst
2abc72018d
Bug 231 (#312)
* Update filter.go

* Upsert filter options

Insert or update filter options.

* Indent.

* Updated CHANGELOG.md

fix for: Option -ac overwriting other existing filters #231
2020-10-03 11:20:21 +03:00
M. Ángel Jimeno
19937c4929
pkg: handle gosimple linter findings (#322)
This change is an attempt to handle gosimple linter finfings in order to
make the code easier to follow. It includes the following changes:

- use strings.Contains instead of strings.Index != -1
- use time.Since which is the standard library helper. See https://github.com/golang/go/blob/go1.15.2/src/time/time.go#L866-L867
- remove unneeded return statements at the end of methods
- preallocate maps when their capacity is known
- avoid underscoring values when they can be omitted
- avoid fmt.Sprintf() calls when the only argument is already a string

Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
2020-10-03 10:45:07 +03:00
M. Ángel Jimeno
7099b61f2d
pkg/output/stdout: use Error() method from error interface when possible (#321)
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
2020-10-02 17:14:48 +03:00
M. Ángel Jimeno
8156fd1917
pkg: use {strings,bytes}.ReplaceAll when possible (#320)
Use the ReplaceAll helper from the standard library in order to make the
code easier to read. Requires Go 1.12 or higher.

Fixes #301

Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
2020-10-02 17:12:40 +03:00
Joona Hoikkala
bde943cc5d
Add support for configuration files for ffuf (#308)
* Refactor config and job creation

* ConfigOptions defaults

* Structure ConfigOptions for config file parser

* Sort options

* Finalize the configuration file reading and add examples and documentation

* Fix issues with opts -> config translation
2020-09-27 19:24:06 +03:00
Kiblyn11
79fe3c0c91
Change banner logging to stderr (#282)
* Change banner logging to stderr

* Edit CHANGELOG and CONTRIBUTORS

* fix: add to contributors according to sort order
2020-09-24 12:09:03 +03:00
Joona Hoikkala
dc24ad2639
Make SIGINT more responsive, and handle zombied TCP connections properly (#302) 2020-09-24 12:04:31 +03:00
M. Ángel Jimeno
47c8cafadc
job: remove duplicate if statement (#283)
* job: remove duplicate if statement

Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>

* contributors: add Miguel Jimeno to CONTRIBUTORS.md

Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
2020-08-30 15:24:13 +03:00
Joona Hoikkala
0ce941326b
Throttle rate of requests per second (#287)
* Add the functionality to perform req/sec limiting (for humans)

* Add documentation
2020-08-30 13:51:41 +03:00
Joona Hoikkala
126157438b
Prepare 1.2.0-git (#268) 2020-07-23 13:49:27 +03:00
Joona Hoikkala
d61ceb3eb2
Release 1.1 (#266) 2020-07-23 13:38:56 +03:00
Joona Hoikkala
bef2dc04ed
Fix crash with 3xx requests without location header (#265)
Co-authored-by: Joona Hoikkala <joohoi@io.fi>
2020-07-23 13:13:27 +03:00
bjhulst
9bb613050e
Update random seed logic (#262)
* Update util.go

* Update job.go

rand.Seed updated just before usage

* Update util.go

revert

* Updated CHANGELOG.MD with a description of the bug fix.

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2020-07-23 12:28:31 +03:00
Joona Hoikkala
0633fb6b0a
Fixed behavior of wordlist:keyword separator in Windows (#240) 2020-05-16 15:49:57 +03:00
Joona Hoikkala
08ec6bad2a
Add Host information to JSON output file (#223) 2020-04-23 00:53:28 +03:00
Dave Walker
88720dfdc9
Support outputting all file formats concurrently (#218)
* Support outputting all file formats concurrently

Previously ffuf would allow outputting to a single
file-format, ie Markdown (md), json or HTML.  It was not
possible to output in multiple formats in the same
execution.

This change allows specifying an output (-of) of "all",
which means that the output filename (-o) is used, but the
appropriate suffix is added.

As an example,
... -of all -o output/report

Will output:
 - output/report.json
 - output/report.html
 - output/report.csv
 - ... etc

Fixes ffuf/ffuf#215

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated Changelog and added myself to CONTRIBUTORS

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Fix file extension for 'ecsv' when 'all' is used

.. And fix CONTRIBUTORS.md to be alphabetical

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2020-04-19 12:11:15 +03:00
Dave Walker
e4628ff481
Increase default rows per page on html report (#217)
* Increase default rows per page on html report

Previously 10 results were displayed per-page, as the
default of DataTables.  This change increases the default to
250 results per page and also adds the option for 250, 500,
1000, 2500 and ALL results.

In addition, materialize css default was blocking the
viewing of the option to display alternative results
per-page.  This is resolved by calling .formSelect as per
https://stackoverflow.com/questions/28258106/materialize-css-select-doesnt-seem-to-render

Fixes ffuf/ffuf#216

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated Changelog and added myself to CONTRIBUTORS

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated CONTRIBUTORS.md to be alphabetical

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2020-04-19 12:04:33 +03:00
helpermika
7021c2f211
Add the wordlists to the header information (#211)
* Add the wordlists to the header information (#197)

* Add the requested change
2020-04-15 13:39:01 +03:00
bjhulst
ef1aac3a1e
Feature178 (#186)
* feature 178

* sync

* sync

* sync

* sync

Co-authored-by: bjhulst <bjhulst>
2020-03-20 12:42:54 +02:00
Damian Schwyrz
ccdd377930
Fix for #193 (#194)
* Fix for #193

* Fix for #193 - Changelog
2020-03-20 12:41:13 +02:00
Damian Schwyrz
7ffd74d87e
Fix for issue #179 (#180)
* Fix for issue #179

* additional changes after review | #179

* Further info -> README.md regarding #179 & CONTRIBUTORS.md

* Further info -> README.md regarding #179 & CONTRIBUTORS.md

* Further info -> README.md regarding #179

* Fix for removed "Changes"

* Fix for removed "Changes"
2020-02-27 15:19:07 +02:00
Joona Hoikkala
2d165e6179
Prepare for 1.1.0-git (#176) 2020-02-21 22:52:23 +02:00
Joona Hoikkala
7c6b20a552
Prepare point release v1.0.2 (#175) 2020-02-21 22:46:41 +02:00
bjhulst
5f0d0faeb7
Make defining User-agent header case insensitive #171 (#173)
* Takes the User-Agent header from a list.

* typo

* base

* Make defining User-agent header case insensitive #171

* -whitespaces

* Make canonical http headers and set default User-Agent only once.

* clean-up

* formatting, canonical customer headers, docs updated

* cleanup

* fmt

* Checking userdefined headers for excluding in canonicalization.

* resolving one conflict

* moved logic back and less resolve conflicts

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2020-02-21 22:43:19 +02:00
Joona Hoikkala
a5d9bb5c18
Calculate req/sec correctly when recursing (#168) 2020-02-17 01:02:00 +02:00
Joona Hoikkala
ff1bc2a3c2
Handle relative URLs in redirects properly (#167) 2020-02-17 00:56:38 +02:00
Joona Hoikkala
a19741daa6
Save POST body correctly (#161) 2020-02-09 13:29:12 +02:00
Joona Hoikkala
a3e3dc5246
Prepare v1.1 again (#154) 2020-02-02 15:32:50 +02:00
Joona Hoikkala
46755d8f7c
Prepare for point release 1.0.1 (#153) 2020-02-02 15:28:47 +02:00
Joona Hoikkala
6868aff865
Fix bug in regex matching when writing responses to file (#150)
* Fix bug in regex matching when writing responses to file

* Add changelog entry
2020-02-01 02:36:03 +02:00
Joona Hoikkala
875ee38f59
Prepare 1.1-git (#146)
* Prepare 1.1-git

* Changelog too...
2020-01-30 00:55:01 +02:00
Joona Hoikkala
bb59f50cbe
Prepare for release 1.0 (#144) 2020-01-30 00:28:28 +02:00
Joona Hoikkala
b0a632e6cd
Replay matches using a chosen proxy (#140)
* Replay matches using a custom proxy

* Add changelog entry
2020-01-17 09:49:25 +02:00
Ice3man
3d8e233097 Added ignore comment option (#138)
* Added ignore comment option

* Ignore blank lines & added changelog entry
2020-01-15 11:19:18 +02:00
Joona Hoikkala
ac2b447dfd
Write configuration to output JSON (#135)
* Config to json output, filters and matchers

* optRange marshaling

* Add CHANGELOG entry
2020-01-07 18:27:43 +02:00
Shaked Klein Orbach
1b45085191 remove -k flag support, convert to dummy flag (#134)
* remove -k flag support, convert to dummy flag

* update changelog and contributors
2020-01-07 18:25:42 +02:00
Joona Hoikkala
b4adeae872
Recursive jobs support (#129) 2019-12-31 14:19:27 +02:00
Tapio Vuorinen
7032f0eb47 -maxtime cli flag to limit running time of ffuf. resolves #85 (#127) 2019-12-30 12:49:34 +02:00
Joona Hoikkala
15524003b8
Write requests and responses to filesystem if requested (#126) 2019-12-28 17:46:44 +02:00
Tapio Vuorinen
f5609a2d13 fuzzing input in result, resolves #76 (#124)
* regexp filter had a copy-paste error talking about size filter, fixed

* implement -mr/-fr FUZZ, detecting if fuzzed input is present in response. resolves #76

* quote regexp control characters to obtain exact matches (according to joohoi's comment)

* allow keywords as part of regexp matching/filtering

* updated changelog

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2019-12-23 13:29:24 +02:00
Tapio Vuorinen
918d5dcc8f count also 429 response codes if -sa (stop on all error cases) is used (#113)
* count also 429 response codes if -sa (stop on all error cases) is used. resolves #83

* Update README.md

Co-Authored-By: Joona Hoikkala <joohoi@users.noreply.github.com>

* Update main.go

Co-Authored-By: Joona Hoikkala <joohoi@users.noreply.github.com>

* lowered the 429 threshold to 20%

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2019-12-20 20:23:54 +02:00
Joona Hoikkala
c33a431716
Limit the use of -e to a single keyword (#106)
* Limit the use of extension to a single wordlist

* Update README
2019-11-16 22:22:14 +02:00
Joona Hoikkala
d04a2d80ae
Prepare 1.0 (#105) 2019-11-16 18:34:58 +02:00
Joona Hoikkala
d4e88ade95
Prepare release 0.12 (#104) 2019-11-16 18:19:07 +02:00
Joona Hoikkala
6059ead533
Verbose banner information (#102) 2019-11-16 17:28:34 +02:00
Joona Hoikkala
ec480844a8
Add SIGTERM monitoring (#101) 2019-11-16 16:51:29 +02:00
Joona Hoikkala
3949e49b3b
Implement -v (verbose) flag (#100) 2019-11-16 16:32:11 +02:00
Joona Hoikkala
8807dc119d
Add DataTables support to HTML output (#98) 2019-11-16 15:42:25 +02:00
Joona Hoikkala
7b0542a5a7
Show RedirectLocation and full URL in output files (#97) 2019-11-16 15:29:09 +02:00