Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,222 Commits 14 Branches 34 Tags
1f0c5d7ee95fc25b4d769b2fbd230ee467d41b15
Commit Graph

62 Commits

Author SHA1 Message Date
jcrew99
486a9bb329 Update copyright 2023 (#2675) 
* updated copyright

* reverted gemfile lock changes
 2022-12-31 15:36:07 +10:00
wheatley
f33e2698a0 MAINTAINABILITY: 2257 update copyright 2022 (#2259) 
* 2257 updated copyright date
 2021-12-31 09:48:08 +10:00
J
4ec6ecee27 updated all of the copyright information 2021-01-11 04:48:56 +10:00
Jack Walker
b4116e7a7f Merge pull request #1813 from beefproject/jsdoc 
Jsdoc
 2020-01-02 16:52:41 +10:00
Grant Burgess
53f2529718 Updated documentation for use with JSDoc 2020-01-02 16:32:17 +10:00
beep
470b3483d0 Update copyright information 2020-01-01 18:47:08 -08:00
Brendan Coles
4b3618528e Use beef.debug for XSSrays debugging 2019-02-17 09:33:53 +00:00
Ben Passmore
9f1e8f5e8d Updated copyright 2019-01-01 11:57:28 +10:00
Wade Alcorn
fca5279f17 Updated Copyright dates 2018-01-04 09:12:47 +10:00
Brendan Coles
afa7739482 Add debugging output to requester 2017-04-15 10:27:10 +00:00
Wade Alcorn
91cc7ed873 Updated Copyright information 2016-12-29 15:50:13 +10:00
Brendan Coles
d0255d6e9c Add timeout option to beef.net.cors.request 2016-04-02 07:04:40 +00:00
Wade Alcorn
ce01d9fa46 updated copyright year 2015-12-30 08:11:57 +10:00
Brendan Coles
e354ab8045 Add support for request.proto to beef.net.forge_request 2015-12-14 12:38:41 +00:00
Brendan Coles
cb4df3a72c Validate beef.net.connection.type value 2015-12-13 21:43:29 +00:00
Brendan Coles
9386fa28e7 Add beef.net.connection client methods 2015-10-03 14:27:27 +00:00
Brendan Coles
aaefde9b43 Replace console.log with beef.debug 2015-07-12 22:51:06 +00:00
Wade Alcorn
2fbca61368 Updated copyright dates 2014-12-30 07:44:58 +10:00
antisnatchor
6b93b09c2f #970 Updated DNS tunnel debug module config.yaml description 2014-06-29 13:20:11 +02:00
antisnatchor
d1688395ae #970 Added string to DNS requests to differentiate between normal and data-extrusion DNS requests 2014-06-29 13:04:51 +02:00
antisnatchor
f7df45ebd1 #970 Modified dns.js to support the current way we send data from client to server using DNS. 2014-06-29 12:31:59 +02:00
Wade Alcorn
94b636c6fd Fixed reference to origin 2014-04-24 19:36:58 +10:00
antisnatchor
b43fbce044 Fixed issue #957. The requester and proxy now work again after the jquery update. 2014-01-03 13:48:31 +00:00
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
bcoles
da763df110 Uncommented several instances of beef.debug() - Part of issue #862 2013-04-17 22:12:35 +09:30
bcoles
a172362452 Part of issue #862 - Add beef.debug() for client-side debugging 
Add `beef.debug()` function - wraps `console.log()`

Debug messages are suppressed for browsers which don't support `console.log()`

Update './core/*' to use `beef.debug()` instead of `console.log()`
Update './modules/*' to use `beef.debug()` instead of `console.log()`
Update './extensions/*' to use `beef.debug()` instead of `console.log()`

Add 'modules/debug/test_beef_debug/' module
 2013-04-15 16:49:01 +09:30
bcoles
55b0bee9ca Re-enable XSS-Rays vectors containing ' charater 
Fix issue #47
 2013-04-14 20:38:41 +09:30
antisnatchor
73e291832e Replacing document.location.href with location in xssrays.js. 2013-04-07 15:54:14 +01:00
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
bcoles
3152f41a18 Add beef.net.cors.request 
Returns a response object with HTTP status, headers and body

Add 'Test CORS Request' debug module
 2012-11-26 02:50:27 +10:30
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
antisnatchor
2bad801c80 Terminating unterminated statements in various JS files. 2012-05-22 13:27:57 +01:00
antisnatchor
f8cd395e21 Added additional check on pathname for XssRays Issue 657 2012-04-20 11:40:28 +01:00
antisnatchor
cf3587e2b1 Fix issue 657: the damn IE doesn't contain a forward slash on pathname 2012-04-19 18:08:16 +01:00
bcoles
cce8cf451c Added XssRays vectors: 
o URL encoded
	o Double URL encoded
	o Double nibble URL encoded

Fixes issue #65

Part of issue #47
 2012-04-05 14:26:30 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Keith Lee
97672966df Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:41:27 +08:00
antisnatchor
c6988befc5 Fixed issue 66: base64'ed the iframe src in case of Chrome/Safari to bypass the webkit anti-XSS filter 2012-02-12 13:45:35 +01:00
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
4543d60570 Added allowCrossDomain functionality to beef.net.requester.send 2011-12-24 13:37:14 +10:30
bcoles
61a34c1c60 Decoupled beef.net.request and beef.net.proxyrequest 
This is part of issue 87
 2011-12-24 04:21:45 +10:30
bcoles
f2d4592941 Added DNS Tunnel first draft 2011-12-23 08:24:10 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
antisnatchor
c37db1e364 (Fixes issue 486): now using the requester (so also the tunneling proxy) you can correctly send POST requests 2011-11-23 17:07:55 +01:00
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
antisnatchor
3f82b0315a (Fixes issue 427): fixed sending back PoC for POST injection with xssrays. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1251 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 10:18:48 +00:00
antisnatchor
10d8edb5fd <xssrays> prevent printing console.log messages if the hooked browser is IE 
git-svn-id: https://beef.googlecode.com/svn/trunk@1250 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 09:26:46 +00:00
antisnatchor
5fb6334654 (Fixes issue 405): added attack vector browser checks using the beef.browser API. If the vector is marked as working with only IE, if the browser is FF the attack will be skipped. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1249 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 09:21:31 +00:00
antisnatchor
f228138fb2 <xssrays> small code cleanup and comments added 
git-svn-id: https://beef.googlecode.com/svn/trunk@1247 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 11:11:42 +00:00
antisnatchor
4fc61d4c47 (Fixes issue 403): added handler: "xssrays" to xssrays.js. This is why beef.net.send was never called. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1246 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 10:00:22 +00:00