Skip to content

v0.6b-20160401
Compare
Choose a tag to compare
@stasinopoulos stasinopoulos released this 01 Apr 06:39
· 1744 commits to master since this release
v0.6b-20160401
011825e
  • Added: The ability to store valid (Basic) credentials into session files for current target.
  • Added: New option --ignore-401 that ignores HTTP Error 401 (Unauthorized) and continues tests without providing valid credentials.
  • Added: Dictionary-based cracker for Basic HTTP authentication credentials.
  • Added: Identifier for HTTP authentication type (currently only Basic type is supported).
  • Added: New option --skip-waf that skips heuristic detection of WAF/IPS/IDS protection.
  • Added: Support for verbose mode in the "DNS exfiltration" injection technique (module).
  • Added: New option --dns-server that supports the "DNS exfiltration" injection technique (module).
  • Added: New option --dependencies that checks (non-core) third party dependenices.

Note: For more check the detailed changeset.

Assets 2
Loading