0.1.4 / 2023-09-19
CLI
- Improved the performance of
ronin-vulns
commands when scanning multiple URLs
or a file of URLs by not rebuilding an identical
Ronin::Vulns::CLI::WebVulnCommand#scan_kwargs for each URL.
- Allow the
--cookie "..."
option to be repeated multiple times and merge the
cookie strings together.
- Allow the
--cookie-param NAME=VALUE
option to be used with the
--cookie "..."
option and merge the cookie values together.
- Print vulnerable param names in single quotes.
0.1.3 / 2023-07-07
0.1.2 / 2023-03-01
- Require
ronin-support
~> 1.0, >= 1.0.1
CLI
- Validate that given URLs start with either
http://
or https://
, and print
an error message otherwise.
- Print a
No vulnerabilities found
message when no vulnerabilities were
discovered.
0.1.1 / 2023-02-02
0.1.0 / 2023-02-01
- Initial release:
- Require
ruby
>= 3.0.0.
- Supports testing for:
- Local File Inclusion (LFI)
- Remote File Inclusion (RFI)
- PHP
- ASP Class / ASP.NET
- JSP
- ColdFusion
- Perl
- SQL Injection (SQLi)
- Reflected Cross Site Scripting (XSS)
- Server Side Template Injection (SSTI)
- Open Redirects
- Supports testing:
- URL query parameters.
- HTTP Headers.
- HTTP
Cookie
parameters.
- Form parameters.