Releases: xmendez/wfuzz
Releases · xmendez/wfuzz
Wfuzz 2.4.1 - The Web fuzzer
Version 1.4d to 2.4.1 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.4.1:
New features
- Python 3.7 support
Bugs
Wfuzz 2.4 - The web fuzzer
Version 1.4d to 2.4 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.4:
New features
- JSON post data parsing
- Shodanp payload
- --filter-help: Filter language specification help usage.
- --no-cache: Disable plugins cache. Every request will be scanned by plugins.
- --zP, --zE and --zD: Payloads' parameters, encoders and default parameter arguments.
- --ip: Specify an IP to connect to instead of the URL's host in the format ip:port. (fixes #121 )
- --efield/field: Show the specified language expression together with the current payload.
- --recipe can be chained to combine different recipes.
- Bash auto-completion script (fixes #32 )
New filter operators
- plugins: Returns plugins result as a string.
- :=, =+ and =- assignment operators
- gre('exp'): Returns first regex group that matches in value
Bugs
- Trying various encodings when reading wordlists (fixes #128 #125 )
- Wrap line in output width (fixes #96 #76 #68 #56 #35 )
- Proxy type incorrectly specified HTML instead HTTP
- Incorrect URL parsing when specifying with port but without scheme.
- POST data is not correctly handled for all content types. (fixes #127 )
- Burplog payload Python 2 and 3 compatible
- HTTP Response was parsed two times when using proxy and SSL
- Fixed Python dependencies (thanks to @blshkv )
- Fixed typo in autorize plugin (thanks to @tkisason )
Wfuzz 2.3.4 - The web fuzzer
Version 1.4d to 2.3.4 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.3.4:
Changes:
- Documentation: Added pycurl installation details on Windows and MacOS
- Improved Windows support by replacing wconio dependency by colorama
- Changed default setting: Not to cancel on plugin exception
- Added more regexes to errors plugin
- Added --AA and --AAA alias
- Changed plugins' categories
Bugs:
- Exception when using --prev flag
- Exception when using --interact on Windows
Wfuzz 2.3.3 - The Web fuzzer
Version 1.4d to 2.3.3 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.3.3:
Changes:
- Improve abstraction between FuzzRequest and the underneath HTTP library
- Tests cases for setting FuzzRequest GET/POST parameters
- Tests cases for FuzzRequest cache keys
- FuzzRequest internal Cache differentiates from GET and POST parameters
- Added issue template (thanks to @Prinzhorn)
- Deploy to pypi using Travis CI
Bugs fixed:
- Seting postdata to an empty string (thanks to @Prinzhorn)
- Seting postdata using a dictionary with an integer value
- Addressed documentation pyparsing link (thanks to @Prinzhorn)
- Addressed incorrect documentation XSS example
Wfuzz 2.3.1 - The Web fuzzer
Version 1.4d to 2.3.1 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.3:
Changes:
- Unpinned libraries in setup.py to make more flexible installing the package. Added requirements file with latest dependencies versions that work.
Bugs fixed:
Wfuzz 2.3 - The Web fuzzer
Version 1.4d to 2.3 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.3:
New features:
- Python 2 and 3 compatible
- Pep8 compliant
- Integrated travis CI and code coverage
- Unit and integration tests
- Updated docs
- Deflate encoding
Bugs fixed:
- Ability to send post data using any HTTP verb (thanks @navhaxs and @vingtsyl)
- Encode quote in html_escape encoder
- Fix minimum length in hexrange payload
- Avoid stale thread due to http_pool being created too early
- Changed order of imports in ipnet and iprange payloads
- _build_id using parent class variable in moduleman FileLoader and DirLoader
- Incorrect simple_filter return value in modulefilter
- PUT method hanged request
Wfuzz 2.2.11 - The Web fuzzer
Version 1.4d to 2.2.11 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.2.11:
Bugs fixed:
- Error in setup.py (Thanks to @gaurav8k)
- Warning instead of exiting when pycurl is missing the PATH_AS_IS attribute (Thanks to @javixeneize)
- Bug in httppool (Thanks to @Jumbo-WJB)
Wfuzz 2.2.9 - The Web fuzzer
Version 1.4d to 2.2.9 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.2.9:
Bugs fixed:
- Avoid pycurl URL normalization when using dots (thanks to @FJ7)
- Automatically add / when URL is specified without a path (thanks to @Bladefidz and @javixeneize)
- Filter not working when using output printer (thanks to @phackt)
- Response parse when pycurl returns various headers (thanks to @phackt)
Wfuzz 2.2.8 - The Web fuzzer
Version 1.4d to 2.2.8 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.2.8:
- Fixed bug when repeating requests
- Fixed zip count (thanks @Bladefidz)
- Fixed --help in wfpayload
- CSV support (thanks @egilas)
- Added mysql error message to errors plugin
- Added raw_content filter language attribute
- --prev flag prints previous requests, useful for comparing results
- Moved source code to src directory and created bash cli executables
Wfuzz 2.2.3 - The Web fuzzer
Version 1.4d to 2.2.3 developed by:
Xavier Mendez ([email protected])
Version up to 1.4c developed by:
Christian Martorella ([email protected])
Carlos del ojo ([email protected])
Changelog 2.2.3:
New features:
- f switch for storing results in file
- o switch for changing output
- new get_session API method
- Updated JSON printer (thanks to @ilyaglow)
- Added requirements to setup.py
Bug fixes:
- bug in the default output not printing filtered results