Tasos Laskos
Add a new option `--scope-domains` (or something) to whitelist domains other than the target and hence allow them to be included in the scan. Web APIs can be spread across...
Example based on the timing attack SQL injection module:
- Module injects something like: `')) ; SELECT pg_sleep(10)--`
- Executable code is: `SELECT pg_sleep(10)`

By making that distinction in audit...
CloudFlare tries to minify JS files, but the resulting formatting is inconsistent 2-3% of the time. This rare inconsistency can cause differential analysis FPs if it occurs at the wrong...
Does Ruru support MS Windows? I'm trying with RubyInstaller 2.3.0 and Rust nightly but keep getting link errors with `cargo build --release`. At first the file `x64-msvcrt-ruby230.lib` is not found,...
Hello, just by installing `gem 'bootstrap', '~> 4.4.0'` (previous version `gem 'bootstrap-sass', '3.3.6'`) I'm getting the following error:
```
Encoding::UndefinedConversionError: "\xE2" from ASCII-8BIT to UTF-8
/home/user/.rvm/gems/ruby-2.7.1@project/gems/execjs-2.7.0/lib/execjs/encoding.rb:22:in `encode'
/home/user/.rvm/gems/ruby-2.7.1@project/gems/execjs-2.7.0/lib/execjs/encoding.rb:22:in `encode'
/home/user/.rvm/gems/ruby-2.7.1@project/gems/execjs-2.7.0/lib/execjs/external_runtime.rb:8:in...
```
Use the HTML formatters of the plugins to convert their results to HTML which can be included in the WebUI.
There have been reports of the interface slowing down as the DB increases in size. This most likely has to do with the SQL queries becoming more and more resource...
Maintain and display a track record of security trends for web applications. Add a re-scan feature (with non-mandatory crawl since we've already got a sitemap) and a vulnerability time-line.