Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
687 Commits 14 Branches 34 Tags
5ea6dd9fd2fb9ab97cb44a8cfb01bb5d6437ea73
Commit Graph

18 Commits

Author SHA1 Message Date
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
antisnatchor
3f82b0315a (Fixes issue 427): fixed sending back PoC for POST injection with xssrays. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1251 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 10:18:48 +00:00
antisnatchor
10d8edb5fd <xssrays> prevent printing console.log messages if the hooked browser is IE 
git-svn-id: https://beef.googlecode.com/svn/trunk@1250 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 09:26:46 +00:00
antisnatchor
5fb6334654 (Fixes issue 405): added attack vector browser checks using the beef.browser API. If the vector is marked as working with only IE, if the browser is FF the attack will be skipped. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1249 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 09:21:31 +00:00
antisnatchor
f228138fb2 <xssrays> small code cleanup and comments added 
git-svn-id: https://beef.googlecode.com/svn/trunk@1247 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 11:11:42 +00:00
antisnatchor
4fc61d4c47 (Fixes issue 403): added handler: "xssrays" to xssrays.js. This is why beef.net.send was never called. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1246 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 10:00:22 +00:00
antisnatchor
59bfab48a3 (Fixes issue 406): when checking for URI path Xss, remove the last / from the url in case there is one. It will be added later. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1245 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 08:43:57 +00:00
antisnatchor
cfe0b3e87b <xssrays> removed browser checks and fixed unreferenced variable sameDomain (now is crossDomain) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1244 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-31 08:24:17 +00:00
bcoles@gmail.com
22941a51b4 Augmented beef.net.request to support port_status 
Only "open" and "closed" are supported currently

Part of issue 286



git-svn-id: https://beef.googlecode.com/svn/trunk@1177 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-10 09:47:01 +00:00
antisnatchor
922e72d2fe Issue 384: xssrays core code cleanup, refactoring and small bugfix (finishing the scan if stack.length=0) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1165 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 12:22:56 +00:00
antisnatchor
fca36abfdc Issue 384: xssrays core code cleanup, added support for configurable crossDomain, debug and cleanTimeout settings 
git-svn-id: https://beef.googlecode.com/svn/trunk@1163 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 11:56:23 +00:00
antisnatchor
9c57194d38 Issue 384: fixed handling of different ports (!= 80/443) on get-params/Uri-path XSS. commented out some JS debug code. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1156 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-01 10:14:44 +00:00
antisnatchor
a5a9e45076 Issue 384: First draft of XssRays (core xssrays JS) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1114 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-26 18:36:30 +00:00
antisnatchor
2d5360a870 Issue 384: initial commit of Gareth XssRays 0.5.5 
git-svn-id: https://beef.googlecode.com/svn/trunk@1064 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-14 09:10:25 +00:00
antisnatchor
fe5b318792 (Fixes issue 359) Proxy/Requester now forward back original XHR response headers (stripping some of them lik encoding and cache related). Added also a temporary fix for issue 368 (prevent saving raw image data if db = mysql). 
git-svn-id: https://beef.googlecode.com/svn/trunk@1051 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-09 22:30:44 +00:00
scotty.b.brown@gmail.com
5c3e6f1575 Adding Apache Licence Header to all files (except VERSION file) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1046 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-02 23:08:28 +00:00
antisnatchor
6af4f673d3 Proxy and Requester enhancements. Proxy got a good performance improvement, it's now multi-thread, able to handle errors, can be used with a normal browser. Requester core (ruby/js) has been enhanced too: db model, js logic and parsing code. Many previous bugs in different parts have been corrected. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1027 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-06-26 18:03:53 +00:00
scotty.b.brown@gmail.com
35f62714b1 Moving nextgen from a branch to the trunk!!! 
git-svn-id: https://beef.googlecode.com/svn/trunk@908 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-04-20 07:54:56 +00:00