Fix verifytls (#22)

* Fix wording and make tls verify more intuitive

* Fix README.md

README.md

@@ -86,7 +86,7 @@ To define the test case for ffuf, use the keyword `FUZZ` anywhere in the URL (`-
     	Filter HTTP response size
   -fw string
     	Filter by amount of words in response
-  -k	Skip TLS identity verification (insecure)
+  -k	TLS identity verification
   -mc string
     	Match HTTP status codes from respose (default "200,204,301,302,307,401,403")
   -mr string

main.go

@@ -52,7 +52,7 @@ func main() {
 	flag.Var(&opts.headers, "H", "Header `\"Name: Value\"`, separated by colon. Multiple -H flags are accepted.")
 	flag.StringVar(&conf.Url, "u", "", "Target URL")
 	flag.StringVar(&conf.Wordlist, "w", "", "Wordlist path")
-	flag.BoolVar(&conf.TLSSkipVerify, "k", true, "Skip TLS identity verification (insecure)")
+	flag.BoolVar(&conf.TLSVerify, "k", false, "TLS identity verification")
 	flag.StringVar(&opts.delay, "p", "", "Seconds of `delay` between requests, or a range of random delay. For example \"0.1\" or \"0.1-2.0\"")
 	flag.StringVar(&opts.filterStatus, "fc", "", "Filter HTTP status codes from response")
 	flag.StringVar(&opts.filterSize, "fs", "", "Filter HTTP response size")

pkg/ffuf/config.go

@@ -20,7 +20,7 @@ type Config struct {
 	FuzzHeaders     map[string]string
 	Method          string
 	Url             string
-	TLSSkipVerify   bool
+	TLSVerify       bool
 	Data            string
 	Quiet           bool
 	Colors          bool
@@ -47,7 +47,7 @@ func NewConfig(ctx context.Context) Config {
 	conf.FuzzHeaders = make(map[string]string)
 	conf.Method = "GET"
 	conf.Url = ""
-	conf.TLSSkipVerify = true
+	conf.TLSVerify = false
 	conf.Data = ""
 	conf.Quiet = false
 	conf.StopOn403 = false

pkg/runner/simple.go

@@ -35,7 +35,7 @@ func NewSimpleRunner(conf *ffuf.Config) ffuf.RunnerProvider {
 			MaxIdleConnsPerHost: 500,
 			MaxConnsPerHost:     500,
 			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: conf.TLSSkipVerify,
+				InsecureSkipVerify: !conf.TLSVerify,
 			},
 		}}