Dobin Rutishauser

Results 41 issues of Dobin Rutishauser

The "HTML Errors" indicator sometimes appears, which means there are HTML differences. But there is no output ("Error message") in the tooltip. The indicator should only appear: - If there...

Release new version into the burp app store

Write a tutorial with all features (e.g. persistent XSS). Either with GIF's, or as video.

Color the attacks in panelright. - XSS, SQL1, SQL2, Other, ... as light blue, yellow, etc. - Make color configurable in the attack selector window (see #14)

Attacks should not be selected per-parameter, but overall (also not per-request). Attacking a parameter should use the attacks specified in the overall configuration. - Selection box with: - Sentinel payloads...

Insert {} stuff

From burp release: There are new settings to enable session handling rules to be in scope for the Extender tool, and to update Burp's cookie jar based on traffic via...

enhancement

- beautify: - should work correctly (also on xss) - should not de-beautify - should work on strange content, like: {"": ""}{} - diff view: - colorize

enhancement

Currently FFW only supports mutation fuzzers, which are based on prerecorded data from the interceptor. It should also support generative fuzzers, which do not have prerecorded data. * Add fuzzer...

The current asan parser https://github.com/dobin/ffw/blob/master/verifier/asanparser.py is a complete hack. Maybe someone else made a complete asan parser in python already? If not, make it it's own project, add unit-tests.