Pham Sy Minh
Pham Sy Minh
The error trace: ``` $ java -jar target/Richsploit.jar -e 4 -p 'ping stuff.burpcollaborator.net' -u 'https://[redacted]/app/a4j/g/3_3_3.Final' -v 3 [+] This exploit requires that you first visit a page containing the tag....
Description --------------- Currently `-f` does not only append extensions to paths but "/" as well. This unnecessarily generates a huge number of entries, and users can't get rid of this...
Related to #5289, where [akmalhisyam found a way to bypass URL normalization using PreparedRequests](https://github.com/psf/requests/issues/5289#issuecomment-573632625), however, the solution doesn't work when you have proxies provided. ## Expected Result This should be...
### What is the feature? An idea from [`lc/gau`](https://github.com/lc/gau) where you look for URLs from AlienVault's Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan (we can try to...
### What is the suggestion? I don't think any of the modern web applications would try to prevent or monitor brute-forcing by checking on the `User-Agent` header, `--proxies-file` is an...
Description --------------- `pkg_resources` will soon be deprecated, and based on my research and testing, `importlib.metadata` is not a reliable replacement as under certain conditions, it might not be able to...
### Description To use `--min-response-size/--max-response-size`, you have to feed in a value in byte, no suffix, but `--exclude-sizes` requires you specify a measurement unit by a suffix and it can...
Description --------------- Fix #1479