| Author | SHA1 | Message | Date |
|---|---|---|---|
| Vincent Gilles | 438f8ada61 | Feat: add debug_print_backtrace to the list of info leak indicators | 2020-10-02 10:50:53 +02:00 |
| Swissky | e23636ae70 | Github Action - CodeQL | 2020-10-01 10:52:51 +02:00 |
| Swissky | f2df2acd6d | XXE / SSRF / Cookies and more use-cases | 2020-09-29 14:08:36 +02:00 |
| Swissky | 95fbef209c | Cryptographic hash, random and info leak | 2020-06-15 20:11:43 +02:00 |
| Swissky | 31962bee50 | pcntl_exec + server side template injection | 2020-01-16 23:33:55 +01:00 |
| Swissky | db89689cde | Test case with MD5 hash | 2020-01-11 00:13:17 +01:00 |
| Swissky | a0be9801bf | Update README.md | 2020-01-11 00:08:09 +01:00 |
| Swissky | ee2c747c6c | High entropy string detection + code refactor add_vuln() | 2020-01-11 00:06:47 +01:00 |
| Swissky | e3b1d7fb3c | Fix maximum recursion error + catch hardcoded password in define() | 2020-01-09 22:59:26 +01:00 |
| Swissky | 4f985f9709 | Update README.md | 2019-11-13 23:02:45 +01:00 |
| Swissky | 4911f157c5 | SPONSOR - Adding sponsor button | 2019-09-22 16:12:30 +02:00 |
| Swissky | 426b6111d9 | Merge pull request #8 from tanaydin/pycodestyle<br>Fixes for errors caught by pycodestyle (except E501) | 2019-04-05 18:57:20 +02:00 |
| Swissky | ee80485bea | Merge pull request #11 from tanaydin/fixfor-encoding<br>Fix for encoding files with different encodings. | 2019-04-05 18:52:46 +02:00 |
| tanaydin sirin | 5b98259818 | Merge branch 'master' into pycodestyle | 2019-04-05 17:36:27 +02:00 |
| Tanaydin Sirin | d363731e80 | Fix for encoding files with different encodings. | 2019-04-05 17:32:25 +02:00 |
| Tanaydin Sirin | fe8786101a | Fixes for errors by pycodestyle (except E501) to run it<br>pycodestyle . --ignore=E501 | 2019-04-05 16:32:45 +02:00 |
| Swissky | 659b6a1e2c | Merge pull request #7 from tanaydin/python3<br>Reformatted files for python3, changed some function calls. | 2019-04-05 15:52:12 +02:00 |
| Tanaydin Sirin | b3734a43f7 | Python3 fix for directory not found error. | 2019-04-05 15:43:04 +02:00 |
| Tanaydin Sirin | be2d110578 | Reformatted files for python3, changed some function calls. | 2019-04-05 15:38:57 +02:00 |
| Swissky | def6aaf64f | Merge pull request #6 from tanaydin/plain_output<br>Added --plain output to exporter | 2019-04-05 15:34:01 +02:00 |
| Tanaydin Sirin | 8e67f536cc | Added --plain output to exporter, it works with files so it is logical to make it plain all time. | 2019-04-05 15:22:22 +02:00 |
| Swissky | 9c91219532 | Merge pull request #5 from tanaydin/plain_output<br>Better output for file. | 2019-04-05 15:16:13 +02:00 |
| tanaydin sirin | 6732d43099 | Merge pull request #3 from tanaydin/plain_output<br>Better output for file. | 2019-04-05 15:12:49 +02:00 |
| Tanaydin Sirin | 0703843c4e | Better output for file. | 2019-04-05 15:11:57 +02:00 |
| Swissky | 6d452748ec | Merge pull request #4 from tanaydin/plain_output<br>Adds --plain for plain output. | 2019-04-05 15:11:46 +02:00 |
| Swissky | 7a0bc642a8 | Merge pull request #3 from tanaydin/patch-1<br>Fix for "unbalanced parenthesis" | 2019-04-05 15:10:03 +02:00 |
| tanaydin sirin | bf86549569 | Merge pull request #2 from tanaydin/plain_output<br>Adds --plain for plain output. | 2019-04-05 14:27:14 +02:00 |
| tanaydin sirin | 07dd6eddf4 | Merge pull request #1 from tanaydin/patch-1<br>Update functions.py | 2019-04-05 14:26:46 +02:00 |
| Tanaydin Sirin | 8c425bd30d | Adds --plain for plain output. | 2019-04-05 14:25:05 +02:00 |
| tanaydin sirin | 18b352fe71 | Update functions.py<br>I was getting "sre_constants.error: unbalanced parenthesis". This small comment escapes current vulnerability to keep regular expressions happy. | 2019-04-05 12:47:17 +02:00 |
| Swissky | 7e1d2a35b8 | Hardcoded credential | 2017-11-20 21:56:02 +01:00 |
| Swissky | 5ea956e411 | False positive check $xx='const'; | 2017-11-14 13:45:07 +01:00 |
| Swissky | b062f507a8 | zsh:1: command not found: q | 2017-11-14 13:24:19 +01:00 |
| Swissky | 3e5e9ca74e | Check for constant var | 2017-11-14 11:10:21 +01:00 |
| Swissky | 02afeab9cd | Export script | 2017-11-14 09:07:12 +01:00 |
| Swissky | e280f50e0f | Bugfix - Opening inexistent file | 2017-11-12 13:42:25 +01:00 |
| Swissky | ca3fba1758 | More indicators : Header injection , URL redirect, SQL etc | 2017-08-05 15:23:40 +02:00 |
| Swissky | 626c3581b8 | BUGFIX - Colored variable badly displayed when count>2 | 2017-06-06 22:51:01 +02:00 |
| Swissky | bd2d77b6c9 | BUGFIX - Only the nth occurrence var is colored if dup vuln | 2017-06-05 22:56:23 +02:00 |
| Swissky | 37887b7635 | BUGFIX - False positive for declaration $var = pgconnect | 2017-06-05 21:15:38 +02:00 |
| Swissky | 1289809b15 | BUGFIX - Detection for var as for($something as $else) | 2017-06-05 20:18:48 +02:00 |
| Swissky | fddb914e38 | FEATURE - Vulnerability and file count | 2017-06-05 19:10:25 +02:00 |
| Swissky | 4ad8f01911 | FEATURE: XPATH,LDAP,Assert, PGSQLi detection added | 2017-05-29 22:02:00 +02:00 |
| Swissky | 7aa1fd26b9 | FEATURE - XSS detection with print | 2017-05-28 23:23:07 +02:00 |
| Swissky | a21792a585 | FEATURE - SQL injection PDO detection | 2017-05-28 23:15:33 +02:00 |
| Swissky | 5160b19e1b | FEATURE : PHP object injection detection | 2017-05-28 22:42:28 +02:00 |
| Swissky | c75f1eb415 | Bugfix - Constant init var fixed | 2017-05-28 22:11:40 +02:00 |
| Swissky | 012581e641 | Bugfix - "POST and POST" now detected as 2 vulns | 2017-05-28 20:58:07 +02:00 |
| Swissky | d8b39c37db | License added | 2017-05-27 21:05:28 +02:00 |
| Swissky | 07b302e184 | Feature - check declaration for false positive | 2017-05-27 03:15:49 +02:00 |