* Update .ffufrc to match 405 status code responses by default
* Updated README.md with the new default match status codes
* Updated default match codes to include 405 Method Not Allowed
405 Method not Allowed is returned by many api endpoints when accessed via an improper method. ffuf sends GET reqeusts by default and if an endpoint only supports POST it will return 405 and ffuf will not think it's a valid endpoint unless specifically told to match 405 status codes
* Added choket to contributors
* Update CHANGELOG.md
This change addresses two panics that happened while parsing the provided
wordlist flag in Windows systems.
- pkg/ffuf/util.go:40: panic happened when the provided path was
invalid. Example: ".\wordlist.txt:" as the os.Stat call returned an
error different than os.ErrNotExist.
- pkg/ffuf/optionsparser.go:179: panic happened when the provided value
did not existed and did not contain a colon character. Example:
".\asdf.txt" when the local file ".\asdf.txt" did not exist. This panic
happened due to strings.LastIndex returning -1 when the provided
substring does not appear. Therefore, v[:-1] panicking.
Fixes#333
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
This change is an attempt to handle gosimple linter finfings in order to
make the code easier to follow. It includes the following changes:
- use strings.Contains instead of strings.Index != -1
- use time.Since which is the standard library helper. See https://github.com/golang/go/blob/go1.15.2/src/time/time.go#L866-L867
- remove unneeded return statements at the end of methods
- preallocate maps when their capacity is known
- avoid underscoring values when they can be omitted
- avoid fmt.Sprintf() calls when the only argument is already a string
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
* job: remove duplicate if statement
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
* contributors: add Miguel Jimeno to CONTRIBUTORS.md
Signed-off-by: Miguel Ángel Jimeno <miguelangel4b@gmail.com>
* Update util.go
* Update job.go
rand.Seed updated just before usage
* Update util.go
revert
* Updated CHANGELOG.MD with a description of the bug fix.
Co-authored-by: Joona Hoikkala <joohoi@users.noreply.github.com>
* Fix for issue #179
* additional changes after review | #179
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179 & CONTRIBUTORS.md
* Further info -> README.md regarding #179
* Fix for removed "Changes"
* Fix for removed "Changes"
* Multiple wordlist support
* Display error correctly if wordlist file could not be opened
* Add back the redirect location
* Support multiple keywords in HTML output and fix wordlist positioning
* Support multiple wordlists for md output
* Support multiple keywords in CSV output
* Improve output for multi keyword runs
* Add changelog entry
* Switch the wordlist filename <-> keyword around to allow tab completion
* Fix the usage example in README
* Added HTML and Markdown output support
* Add HTML color code in HTML template
* Added lines count
* Added content lines to json + csv
* Added changelog entry
* Fixed copy paste mistake
* Changed the html report to be grepable :)
* Grepable output fixed
* Fixed lines count
* removed dead(?) code
* Added -acc for custom auto-calibration strings. Resolves#53
* don't use the calibration url templates when custom calibration paths are given
* added changelog entry about -acc flag
* Added redirect location in stdout output
* Keep conditional logic outside of the resultNormal function + Better help message for redirect location
* Moved GetRedirectLocation as a Response public method
* Added changelog entry + (Redirect become ->)
* allow ranges on response size matching/filtering
* allow ranges on word count matching/filtering
* allow ranges on http status matching/filtering
* documentation update about using ranges in size, word count and status code filtering/matching
* moved valuerange code to ffuf main package
