Version 1.4d to 3.1.0 developed by:
Xavi Mendez (xmendez@edge-security.com)
Version up to 1.4c developed by:
Christian Martorella (cmartorella@edge-security.com)
Carlos del ojo (deepbit@gmail.com)
Changelog 3.1.0:
- Added tox and change test in Makefile
- Improved plugin field filter language capabilities, ie. data and severity can be specified
- Plugin's information is shown depending on severity when using -v
- Filter language and fuzzresult's description handle lists of results
- Added some basic queue profiling for debugging
- diff operator
- Refactored discarded results
- Dotdict str
- Removed future library
- Added operator tests
Plugins:
- Refactored headers plugin
- Links plugins looks in link and redirect headers
- Improved links plugin regex based on nahamsec/JSParser
- New field printer to output filter expressions only
- burplog unittest
- raw printer shows plugin data
wfpayload:
- Added --prev and --AA, ---AAA to wfpayload
wfencode:
- -i reads from stdin
- general handle exception in wfencode
Breaking changes:
- Changed -A, --AA, ---AAA plugin's categories
- Changed plugins filter language field.
- Changed links filter parameters and kbase keys.
- Changed headers kbase key and server result.
- When slicing a payload FUZZ refers to the previous result.
Bugs:
- Fixed --prev in wfpayload
- Fixed -c and -v values within printers plugins
- Don't print empty values in wfpayload
- Use lower() in ~ operator
- Remove httpreceiver queue limit
- Fixed --interactive actions
- Stripped CRLF from burplog parsed responses
- Fixed --slice when using FuzzResult payloads
- Only add recursive and routing queues when transport is Http
- Bug in reqresp when parsing nested http responses due to textparser