Commit graph

133 commits

Author SHA1 Message Date
Joona Hoikkala
d05cf280ae
Add unsupported arch/os to goreleaser ignore list (#267) 2020-07-23 13:46:36 +03:00
Joona Hoikkala
d61ceb3eb2
Release 1.1 (#266) 2020-07-23 13:38:56 +03:00
Joona Hoikkala
bef2dc04ed
Fix crash with 3xx requests without location header (#265)
Co-authored-by: Joona Hoikkala <joohoi@io.fi>
2020-07-23 13:13:27 +03:00
bjhulst
9bb613050e
Update random seed logic (#262)
* Update util.go

* Update job.go

rand.Seed updated just before usage

* Update util.go

revert

* Updated CHANGELOG.MD with a description of the bug fix.

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2020-07-23 12:28:31 +03:00
C_Sto
27fcbee730
fix file get thing (#226)
* fix file get thing

* update doco
2020-07-23 12:15:36 +03:00
bsysop
80c6afad01
Update CONTRIBUTORS.md to add bsysop (#258) 2020-06-26 14:41:38 +03:00
Joona Hoikkala
0633fb6b0a
Fixed behavior of wordlist:keyword separator in Windows (#240) 2020-05-16 15:49:57 +03:00
Joona Hoikkala
08ec6bad2a
Add Host information to JSON output file (#223) 2020-04-23 00:53:28 +03:00
Dave Walker
88720dfdc9
Support outputting all file formats concurrently (#218)
* Support outputting all file formats concurrently

Previously ffuf would allow outputting to a single
file-format, ie Markdown (md), json or HTML.  It was not
possible to output in multiple formats in the same
execution.

This change allows specifying an output (-of) of "all",
which means that the output filename (-o) is used, but the
appropriate suffix is added.

As an example,
... -of all -o output/report

Will output:
 - output/report.json
 - output/report.html
 - output/report.csv
 - ... etc

Fixes ffuf/ffuf#215

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated Changelog and added myself to CONTRIBUTORS

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Fix file extension for 'ecsv' when 'all' is used

.. And fix CONTRIBUTORS.md to be alphabetical

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2020-04-19 12:11:15 +03:00
Dave Walker
e4628ff481
Increase default rows per page on html report (#217)
* Increase default rows per page on html report

Previously 10 results were displayed per-page, as the
default of DataTables.  This change increases the default to
250 results per page and also adds the option for 250, 500,
1000, 2500 and ALL results.

In addition, materialize css default was blocking the
viewing of the option to display alternative results
per-page.  This is resolved by calling .formSelect as per
https://stackoverflow.com/questions/28258106/materialize-css-select-doesnt-seem-to-render

Fixes ffuf/ffuf#216

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated Changelog and added myself to CONTRIBUTORS

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

* Updated CONTRIBUTORS.md to be alphabetical

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2020-04-19 12:04:33 +03:00
helpermika
7021c2f211
Add the wordlists to the header information (#211)
* Add the wordlists to the header information (#197)

* Add the requested change
2020-04-15 13:39:01 +03:00
Joona Hoikkala
404c048835
Fix error with missing usage info (#195) 2020-03-21 14:52:12 +02:00
bjhulst
ef1aac3a1e
Feature178 (#186)
* feature 178

* sync

* sync

* sync

* sync

Co-authored-by: bjhulst <bjhulst>
2020-03-20 12:42:54 +02:00
Damian Schwyrz
ccdd377930
Fix for #193 (#194)
* Fix for #193

* Fix for #193 - Changelog
2020-03-20 12:41:13 +02:00
Damian Schwyrz
7ffd74d87e
Fix for issue #179 (#180)
* Fix for issue #179

* additional changes after review | #179

* Further info -> README.md regarding #179 & CONTRIBUTORS.md

* Further info -> README.md regarding #179 & CONTRIBUTORS.md

* Further info -> README.md regarding #179

* Fix for removed "Changes"

* Fix for removed "Changes"
2020-02-27 15:19:07 +02:00
Joona Hoikkala
2d165e6179
Prepare for 1.1.0-git (#176) 2020-02-21 22:52:23 +02:00
Joona Hoikkala
7c6b20a552
Prepare point release v1.0.2 (#175) 2020-02-21 22:46:41 +02:00
bjhulst
5f0d0faeb7
Make defining User-agent header case insensitive #171 (#173)
* Takes the User-Agent header from a list.

* typo

* base

* Make defining User-agent header case insensitive #171

* -whitespaces

* Make canonical http headers and set default User-Agent only once.

* clean-up

* formatting, canonical customer headers, docs updated

* cleanup

* fmt

* Checking userdefined headers for excluding in canonicalization.

* resolving one conflict

* moved logic back and less resolve conflicts

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2020-02-21 22:43:19 +02:00
Joona Hoikkala
b58c30625e
Detect -u properly after last change (#174) 2020-02-19 09:04:21 +02:00
Joona Hoikkala
1e57e6d0a9
Fix issue when -request is used in conjunction with -u (#172) 2020-02-18 19:20:30 +02:00
Joona Hoikkala
a5d9bb5c18
Calculate req/sec correctly when recursing (#168) 2020-02-17 01:02:00 +02:00
Joona Hoikkala
ff1bc2a3c2
Handle relative URLs in redirects properly (#167) 2020-02-17 00:56:38 +02:00
Joona Hoikkala
a19741daa6
Save POST body correctly (#161) 2020-02-09 13:29:12 +02:00
Joona Hoikkala
7fcef5a331
Add a mention about ffuf-scripts (#156) 2020-02-02 17:06:43 +02:00
Joona Hoikkala
3f900460ac
Update changelog (#155) 2020-02-02 15:34:12 +02:00
Joona Hoikkala
a3e3dc5246
Prepare v1.1 again (#154) 2020-02-02 15:32:50 +02:00
Joona Hoikkala
46755d8f7c
Prepare for point release 1.0.1 (#153) 2020-02-02 15:28:47 +02:00
Joona Hoikkala
6868aff865
Fix bug in regex matching when writing responses to file (#150)
* Fix bug in regex matching when writing responses to file

* Add changelog entry
2020-02-01 02:36:03 +02:00
Joona Hoikkala
875ee38f59
Prepare 1.1-git (#146)
* Prepare 1.1-git

* Changelog too...
2020-01-30 00:55:01 +02:00
Joona Hoikkala
8970d9b4ea
Update goreleaser config (#145) 2020-01-30 00:35:55 +02:00
Joona Hoikkala
bb59f50cbe
Prepare for release 1.0 (#144) 2020-01-30 00:28:28 +02:00
Joona Hoikkala
afece7bf2b
Better usage information and -help. Ignore -mc default value if any matcher is manually set (#143) 2020-01-30 00:23:58 +02:00
Joona Hoikkala
b0a632e6cd
Replay matches using a chosen proxy (#140)
* Replay matches using a custom proxy

* Add changelog entry
2020-01-17 09:49:25 +02:00
Ice3man
3d8e233097 Added ignore comment option (#138)
* Added ignore comment option

* Ignore blank lines & added changelog entry
2020-01-15 11:19:18 +02:00
Joona Hoikkala
e7069b945c
Add codingo and order CONTRIBUTORS.md alphabetically (#139) 2020-01-15 11:17:24 +02:00
Ice3man
01e516988d Added raw request parsing option (#137)
* Added request body option

* Update CHANGELOG.md

* Update CONTRIBUTORS.md

* Removed typo

* Fixed the URL in path issue

* Misc changes to align to codebase
2020-01-15 11:08:24 +02:00
Joona Hoikkala
ac2b447dfd
Write configuration to output JSON (#135)
* Config to json output, filters and matchers

* optRange marshaling

* Add CHANGELOG entry
2020-01-07 18:27:43 +02:00
Shaked Klein Orbach
1b45085191 remove -k flag support, convert to dummy flag (#134)
* remove -k flag support, convert to dummy flag

* update changelog and contributors
2020-01-07 18:25:42 +02:00
Joona Hoikkala
b4adeae872
Recursive jobs support (#129) 2019-12-31 14:19:27 +02:00
Joona Hoikkala
fef5f0c78f
Clean up README.md and add CONTRIBUTORS.md (#128) 2019-12-30 13:07:28 +02:00
Tapio Vuorinen
7032f0eb47 -maxtime cli flag to limit running time of ffuf. resolves #85 (#127) 2019-12-30 12:49:34 +02:00
Joona Hoikkala
15524003b8
Write requests and responses to filesystem if requested (#126) 2019-12-28 17:46:44 +02:00
Tapio Vuorinen
f5609a2d13 fuzzing input in result, resolves #76 (#124)
* regexp filter had a copy-paste error talking about size filter, fixed

* implement -mr/-fr FUZZ, detecting if fuzzed input is present in response. resolves #76

* quote regexp control characters to obtain exact matches (according to joohoi's comment)

* allow keywords as part of regexp matching/filtering

* updated changelog

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2019-12-23 13:29:24 +02:00
Tapio Vuorinen
918d5dcc8f count also 429 response codes if -sa (stop on all error cases) is used (#113)
* count also 429 response codes if -sa (stop on all error cases) is used. resolves #83

* Update README.md

Co-Authored-By: Joona Hoikkala <joohoi@users.noreply.github.com>

* Update main.go

Co-Authored-By: Joona Hoikkala <joohoi@users.noreply.github.com>

* lowered the 429 threshold to 20%

Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
2019-12-20 20:23:54 +02:00
JamTookTheBait
5c1a535fa9 fixed POST data fuzzing example (#119)
-u flag is required
2019-12-08 13:48:53 +02:00
Joona Hoikkala
c33a431716
Limit the use of -e to a single keyword (#106)
* Limit the use of extension to a single wordlist

* Update README
2019-11-16 22:22:14 +02:00
Joona Hoikkala
d04a2d80ae
Prepare 1.0 (#105) 2019-11-16 18:34:58 +02:00
Joona Hoikkala
d4e88ade95
Prepare release 0.12 (#104) 2019-11-16 18:19:07 +02:00
Joona Hoikkala
c29efff5f7
Update README (#103) 2019-11-16 17:31:55 +02:00
Joona Hoikkala
6059ead533
Verbose banner information (#102) 2019-11-16 17:28:34 +02:00