github.com/ronin-rb/ronin-vulns issues | Ecosyste.ms: OpenCollective

Release 0.3.0

postmodern opened this issue 5 months ago

Add a `URI::HTTP#vulns/has_vulns?` core-ext methods

AI-Mozi opened this pull request 5 months ago

Release 0.2.1

postmodern opened this issue 6 months ago

Switch to using `require_relative` for local files

postmodern opened this issue 6 months ago

Add `Ronin::Vulns::XXE`

postmodern opened this issue 6 months ago

Add a `URI::HTTP#vulns` and `#has_vulns?` core-ext methods

postmodern opened this issue 7 months ago

Release 0.2.0.rc2

postmodern opened this issue 7 months ago

Release 0.2.0-rc1

postmodern opened this issue 7 months ago

Release 0.2.0

postmodern opened this issue 8 months ago

Add support for testing SSRFs

postmodern opened this issue 8 months ago

Add support for testing JSON payloads

postmodern opened this issue 8 months ago

Test for when an open redirect has a `http://` or `https://` prefix always added to the injected URL

postmodern opened this issue 8 months ago

Test for `[email protected]/...`, `http://example.com/?...`, and `http://example.com/#` URLs in `OpenRedirect`

postmodern opened this issue 8 months ago

Improve `OpenRedirect#vulnerable?` regexs to detect when an additional string is appended to the test URL

postmodern opened this issue 8 months ago

Release 0.1.5

postmodern opened this issue 8 months ago

Enhance `meta` redirect regex in `Ronin::Vulns::OpenRedirect` to match when additional data is appended to the URL

postmodern opened this issue 8 months ago

Fix `meta` redirect regexp in `Ronin::Vulns::OpenRedirect`

postmodern opened this issue 8 months ago

Use `.each_value` instead of `.each`

AI-Mozi opened this pull request 9 months ago

Add `--test-all-form-params` option

AI-Mozi opened this pull request 9 months ago

Add support for testing for `$(...)` command injection

postmodern opened this issue 9 months ago

Refactor `Ronin::Vulns::CLI::Logging` to be `Ronin::Vulns::CLI::Printing`

postmodern opened this issue 9 months ago

Add a `WebVuln.test_param` method

postmodern opened this issue 9 months ago

Add missing `ronin-vulns irb` command

postmodern opened this issue about 1 year ago

Add shell completions for `ronin-vulns`

postmodern opened this issue about 1 year ago

Add missing `man/ronin-vulns.1.md` man page file

postmodern opened this issue about 1 year ago

Add `NAME` sections to all man pages

postmodern opened this issue about 1 year ago

Update to kramdown-man 1.0.0

postmodern opened this issue about 1 year ago

Add a `Ronin::Vulns::CLI::Importable` module

postmodern opened this issue about 1 year ago

Probably handle when `Ronin::Vulns::RFI.scan` is given a URL with no path extension

postmodern opened this issue about 1 year ago

Add missing `--test-all-form-params` option

postmodern opened this issue about 1 year ago

Add missing `--request-method` option to `Ronin::Vulns::CLI::WebVulnCommand`

postmodern opened this issue about 1 year ago

Fix typo in documentation

AI-Mozi opened this pull request about 1 year ago

Add an `--import` option to `Ronin::Vulns::CLI::WebVulnCommand`

postmodern opened this issue about 1 year ago

Add `Ronin::Vulns::Importer`

postmodern opened this issue about 1 year ago

Add `ronin-db` as a dependency

postmodern opened this issue about 1 year ago

Change `Ronin::Vulns::SSTI::ESCAPES` to be a `Hash`

postmodern opened this issue about 1 year ago

Add missing spec for `CLI::WebVulnCommand#log_vuln`

postmodern opened this issue over 1 year ago

Add `--user-agent` and `--user-agent-string` options to `WebVulnCommand`

postmodern opened this issue over 1 year ago

Add `WebVuln#user_agent` and a `user_agent:` keyword argument to `WebVuln`

postmodern opened this issue over 1 year ago

Add a `--print-http` option to `CLI::WebVulnCommand`

postmodern opened this issue over 1 year ago

Add a `--print-curl` option to `CLI::WebVulnCommand`

postmodern opened this issue over 1 year ago

Improve performance of `ronin-vulns` commands by only creating `scan_kwargs` once

postmodern opened this issue over 1 year ago

Release 0.1.4

postmodern opened this issue over 1 year ago

Allow `--cookie-param NAME=VALUE` and `--cookie "..."` to be used together

postmodern opened this issue over 1 year ago

Allow `--cookie "..."` to be repeated multiple times

postmodern opened this issue over 1 year ago

Add additional SQLi sleep tests

mohghezal opened this issue over 1 year ago

Release 0.1.3

postmodern opened this issue over 1 year ago

Detect XSS inside or after HTML comments

quadule opened this pull request over 1 year ago

Add a `ronin-vulns command-injection` command

postmodern opened this issue over 1 year ago

Add `Ronin::Vulns::CommandInjection`

postmodern opened this issue over 1 year ago

Add `Ronin::Vulns::SSRF`

postmodern opened this issue over 1 year ago

Release 0.1.2

postmodern opened this issue almost 2 years ago

Validate URL arguments to ensure they are `http://` or `https://` URLs

postmodern opened this issue almost 2 years ago

Unhandled error use case

jasnow opened this issue almost 2 years ago

Release ronin-vulns 0.1.1

postmodern opened this issue almost 2 years ago

Add some kind of debugging messages / audit log

postmodern opened this issue almost 2 years ago

Add missing `print_vuln` methods to `WebVulnCommand` sub-classes

postmodern opened this issue almost 2 years ago

Release ronin-vulns 0.1.0.beta1