Hi, all!
I just have committed core/data/fuzzer/fuzzer.py with Laurent's patch.
It is not original patch because I decided to remove mutant with
m2.setSafeEncodeChars('/').
Furthermore I have tested it with webpy application in which URLs
processed internally (not by Apache's mod_rewrite). Now
Hey Guys,
Please notice that xss.py changed somewhat in r4632 (for example, now there
is a class variable named XSS_TESTS, as @laurent correctly pointed out a
couple mails ago in this thread).
Thanks,
Javier
On Mon, Jan 9, 2012 at 5:05 PM, Andres Riancho wrote:
> Taras,
>
> On Fri, Jan 6, 2012
Taras,
On Fri, Jan 6, 2012 at 6:16 PM, Taras wrote:
> Hi, all and happy new year! :)
>
> Laurent thanks for paying attention to fuzzURLParts functionality! :)
> Especially that we also had a small conversation here about double encoding.
>
>
>>> Sorry for that, I attached the proper cleaned patch
Hi, all and happy new year! :)
Laurent thanks for paying attention to fuzzURLParts functionality! :)
Especially that we also had a small conversation here about double encoding.
>> Sorry for that, I attached the proper cleaned patch. In fact :
>>
>> * m is single encoded version, so we need it
>>
Andres,
Le jeu 05/01/12 13:37, "Andres Riancho" andres.rian...@gmail.com a écrit:
> Laurent,
>
> On Wed, Jan 4, 2012 at 12:45 PM, aurent.gu...@algosecure.fr> wrote:
> Andres,
> >
> > Le mer 04/01/12 14:47, "Andres Riancho" andr
> es.rian...@gmail.com a écrit:
>> Laurent,
> >>
[snip]
> >> >
Andres,
Le mer 04/01/12 14:47, "Andres Riancho" andres.rian...@gmail.com a écrit:
> Laurent,
>
[snip]
> > By the way, I realize that when activating "URL
> parts fuzzing" functionnality,
> the createMutants() method does not return the
> original URL, only mutants.
> This implies that each pent
Laurent,
On Wed, Jan 4, 2012 at 7:34 AM, wrote:
> Hi,
>
> Thank you taking time to read my verbose mail ;)
A pleasure when the email has interesting content :)
>
>> Laurent,
>>
>> Please read comments inline,
>>
>> On Tue, Jan 3, 2012 at 7:51 AM, wrote:
>> > Hi,
>> >
>> > I'm a new w3af u
Hi,
Thank you taking time to read my verbose mail ;)
> Laurent,
>
> Please read comments inline,
>
> On Tue, Jan 3, 2012 at 7:51 AM, wrote:
> > Hi,
> >
> > I'm a new w3af user (using and testing it for 1 month) and I'd like to
congratulate you for the work you already achieved :
> > * differ
Laurent,
Please read comments inline,
On Tue, Jan 3, 2012 at 7:51 AM, wrote:
> Hi,
>
> I'm a new w3af user (using and testing it for 1 month) and I'd like to
> congratulate you for the work you already achieved :
> * different phases (discovery, audit, exploit...) separated (clever)
> * a
Hi,
I'm a new w3af user (using and testing it for 1 month) and I'd like to
congratulate you for the work you already achieved :
* different phases (discovery, audit, exploit...) separated (clever)
* a plugin system
* possibility to use profiles and scripts
* spiderman !
* written in python ^^
Wh
10 matches
Mail list logo
