Major Release Changelog
We are excited to announce a major release that brings several powerful enhancements, bug fixes, and cutting-edge security techniques. This update takes our project to the next level with improved functionality, performance, and security. Here are the key highlights:
New Features & Improvements:
- Auto-Calibration Feature Added:
  To streamline the output and eliminate duplicates, we've introduced an auto-calibrate function. This feature simplifies data processing and makes the output more efficient. Users can still opt to see the full output details using the -v flag for debugging or detailed analysis.
  (Special thanks to Diego Jurado for this great idea!)
- Switched HTTP Request Library:
  In this release, we've replaced the default Go http library with go-rawurlparser by @slicingmelon. This change resolves parsing issues with specific payloads, ensuring better handling of edge cases. The updated library improves the stability and accuracy of URL parsing, making the system more robust overall.
- Double URL Encoding Technique:
  Inspired by cutting-edge research, we've incorporated a double URL encoding technique that was introduced in the DEFCON 2024 Bug Bounty Village talk by Justin Rhynorater Gardner. This advanced method helps bypass URL-based filters, enhancing security and offering a sophisticated approach to handling potentially harmful inputs.
  DEFCON 2024 Presentation PDF
- New Filtering Options:
  We've introduced two new command-line flags, --status and --unique, which allow users to filter results more effectively, providing more control over the output.
  (Thanks to @jaikishantulswani for contributing this feature!)
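Why double URL encoding gets past a filter that decodes only once, and a check that closes the gap, shown as an added Go example. This is not code from this project; the /admin deny rule, the function names, and the sample paths are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// blocked is a hypothetical deny rule used only for this example.
const blocked = "/admin"

// naiveAllow decodes the path once before applying the deny rule.
// If a later hop decodes again, "/%2561dmin" becomes "/admin" after the check.
func naiveAllow(rawPath string) bool {
	p, err := url.PathUnescape(rawPath)
	return err == nil && !strings.HasPrefix(p, blocked)
}

// canonicalize decodes until the path stops changing. The round limit
// rejects deeply nested encodings instead of looping on them.
func canonicalize(rawPath string, maxRounds int) (string, error) {
	cur := rawPath
	for i := 0; i < maxRounds; i++ {
		next, err := url.PathUnescape(cur)
		if err != nil {
			return "", err
		}
		if next == cur {
			return cur, nil
		}
		cur = next
	}
	return "", fmt.Errorf("path still encoded after %d rounds", maxRounds)
}

// strictAllow applies the deny rule to the fully decoded path and
// fails closed on malformed or over-nested encodings.
func strictAllow(rawPath string) bool {
	p, err := canonicalize(rawPath, 3)
	return err == nil && !strings.HasPrefix(p, blocked)
}

func main() {
	// Constructed sample paths: plain, single-encoded, double-encoded, benign.
	for _, p := range []string{"/admin", "/%61dmin", "/%2561dmin", "/public"} {
		fmt.Printf("%-12s naive=%v strict=%v\n", p, naiveAllow(p), strictAllow(p))
	}
}
```

The strict check also rejects paths that still contain a literal percent sign after decoding, which is a deliberate fail-closed choice in this sketch.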
Bug Fixes & Minor Updates:
- Rewrite of HTTP Versions technique:
  After detecting incorrect behavior in the HTTP Versions technique, it has been rewritten to function as intended.
- Minor Bug Fixes:
  We've also addressed several small bugs and made improvements to the codebase.
  (Thanks to @nxczje for their valuable PR!)
Looking Ahead:
This release marks a significant step in the evolution of the project, but there's still more to come! We will continue to refine the system, add new features, and address user feedback to make the project even better. Stay tuned for future updates!
Special Thanks:
We would like to give special recognition to the amazing contributors who have helped shape this release:
- Diego Jurado for suggesting the auto-calibration and double-encoding feature ideas.
- @slicingmelon for the go-rawurlparser pkg.
- @jaikishantulswani for adding the new filtering options.
- @nxczje for fixing minor bugs and contributing to the codebase.