
v5.15.3


Released by @stanislav-web on 09 May 20:25 · 7 commits to master since this release · commit d7f85de
  • (critical) prevented silent partial scans when randomized runtime wordlists are truncated: the shuffled list size is validated and an early EOF is reported as a warning before report generation
  • (critical) restored runtime Ctrl+C pause/resume so the first interrupt opens the continue/exit menu during active worker joins instead of immediately canceling the scan.
  • (fix) hardened STD reporter summary generation for partial or malformed report payloads
  • (fix) detected Bitrix from its CMS header and hardened Strapi fingerprinting
  • (fix) tuned runtime fingerprint scoring so endpoint-only framework probes no longer imply Node.js/Python runtime
  • (fix) added conservative PHP route-marker runtime evidence for legacy PHP sites without exposed X-Powered-By headers
  • (fix) repaired broken random-list shuffle and JS challenge detection
  • (fix) corrected --accept-cookies routing so that accepted cookies are preserved across scan requests and header-bypass variants
  • (fix) gated passive WAF/gateway headers and server markers in both vendor-specific matching and the generic fallback so that normal 200 responses are not promoted to blocked WAF pages
  • (fix) isolated default fingerprint fallback results with deep copies to prevent nested metadata leakage between failed or empty detection runs
  • (fix) corrected --debug 0 being treated as debug level 1
  • (fix) removed file-response sniffer false positives for large textual web/API responses: large text/html, text/*, JSON, XML, XHTML and SVG responses are no longer classified as files only because their body or Content-Length exceeds the large-response threshold
  • (fix) hardened --transport / --transport-profile flow with startup validation, proxy-mode safeguards and transport healthcheck execution
  • (fix) added cross-platform VPN executable resolution via --transport-bin, common OpenVPN/WireGuard backend lookup paths and actionable OS-specific diagnostics when VPN backends are missing
  • (fix) hardened --sniff indexof directory-listing detection to avoid title-only false positives while preserving Apache, nginx, IIS and generic autoindex layouts
  • (fix) validated --retries / wizard retries as a non-negative integer and normalized runtime retry values before passing them to urllib3
  • (fix) restored interactive HTML report controls by making visible URL copy, text search and status-group navigation use stable row metadata and explicit UI feedback
  • (fix) deduplicated subdomain scan candidates before they are submitted to the HTTP worker queue
  • (fix) kept subdomain scan progress totals aligned when duplicate candidates are dropped
  • (fix) cached rendered subdomain IP lookups per hostname to avoid repeated DNS resolution in subdomain reports
  • (enhancement) added passive privacy-risk detection to --fingerprint for possible supercookie tracking surfaces.
  • (enhancement) added supercookie/privacy-risk metadata to std, txt, csv, json, html, sqlite, and sarif reports.
  • (enhancement) added --header-bypass-profile safe|offensive with offensive header spoofing and expanded path-normalization variants for controlled 401/403 bypass probing.
  • (enhancement) expanded header-bypass evidence with profile, status transition, score and reason metadata across detailed reports.
  • (enhancement) added --sniff stacktrace to detect exposed stack traces and debug error details across Python, Node.js, PHP, NestJS, Java, SQL, and Oracle responses.
  • (enhancement) expanded passive WAF recognition with block-response signatures for DDoS-GUARD, Tencent Cloud WAF, Google Cloud Armor, SafeLine, Vercel WAF, Wallarm and Wordfence, complementing existing infrastructure fingerprinting where applicable, while keeping passive edge headers gated behind block-like statuses
  • (enhancement) detect common HTTP Server header engines as fingerprint infrastructure, including Nginx, Apache HTTP Server, Microsoft IIS, Caddy, LiteSpeed, lighttpd, Tornado, Gunicorn, Uvicorn, Hypercorn, Waitress, Apache Tomcat, Eclipse Jetty, Envoy and Traefik
  • (enhancement) added clear response-level diagnostics for --debug 3
  • (enhancement) prettified HTML reports to make them easier to read
  • (enhancement) expanded passive WAF recognition with additional vendor signatures sourced from public WAF fingerprint catalogs
  • (enhancement) added 360 WAF, Airlock, Aliyun WAF, Anquanbao, BinarySec, CityHost, BitNinja, Bluedon WAF, ChinaCache, Comodo WAF, DoSArrest, DotDefender, GoDaddy Website Firewall, GreyWizard, IBM DataPower, Imunify360, Instart DX, NAXSI, NinjaFirewall, Profense and WebKnight detection
  • (enhancement) deduplicated WAF evidence signals before report propagation
  • (enhancement) updated internal wordlists
  • (deprecated) made scheme the source of truth for HTTP/HTTPS mode and deprecated standalone wizard ssl configuration to prevent mismatched request providers
  • (docs) documented runtime pause/resume controls separately from session checkpoint resume.
  • (docs) updated documentation with more detailed examples and hints
  • (debug) added compact STD fingerprint evidence counters for report-level QA
  • (debug) added scan worker stall diagnostics and ensured queued tasks are always marked done after worker errors to avoid silent hangs during long-running requests
  • (debug) added compact fingerprint evidence signals to fingerprint.txt for easier QA of runtime/infrastructure detection
  • (dependencies) updated dependencies to the latest versions
  • (tests) added regression coverage for new WAF signatures, passive-header false-positive protection and fingerprint fallback isolation
  • (tests) expanded coverage for transport healthcheck cleanup branches, OpenVPN liveness diagnostics and hardened indexof detection paths
  • (tests) coverage gate remains configured at 99%
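The WAF entries above (gating passive gateway headers behind block-like statuses, and deduplicating WAF evidence before it reaches reports) describe one detection rule. The following is an added example, not the project's own code: vendor names, signature strings, the generic header list, the status set and the sample responses are all constructed for illustration. It shows the gate itself: passive identity headers name the edge but never promote a 200 to "blocked"; only a block-like status does that.

```python
# Added example (not the project's own code): passive WAF/gateway headers are
# gated behind block-like HTTP statuses, so a normal 200 behind an edge is
# reported as "identified" but never as "blocked". Vendor names, signatures,
# header names and sample responses below are constructed for illustration.
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Statuses that plausibly represent a block/challenge rather than content.
BLOCK_LIKE_STATUSES = frozenset({401, 403, 405, 406, 409, 418, 429, 444, 451, 500, 502, 503})

# Constructed vendor table. "passive" headers only identify the edge and are
# present on every response; "block" phrases appear only on block pages.
VENDOR_SIGNATURES = {
    "AcmeShield": {
        "passive": {"server": "acmeshield"},
        "block": ["request blocked by acmeshield", "acme-incident-id"],
    },
    "GateKeeper": {
        "passive": {"x-gatekeeper-cache": ""},   # header present, any value
        "block": ["gatekeeper: access denied"],
    },
}
GENERIC_PASSIVE_HEADERS = ("x-waf-status", "x-firewall-reason", "x-blocked-by")
GENERIC_BLOCK_PHRASES = ("access denied", "request blocked", "web application firewall")


@dataclass
class Response:
    status: int
    headers: Dict[str, str]
    body: str = ""


@dataclass
class WafVerdict:
    vendor: Optional[str] = None
    blocked: bool = False
    evidence: List[str] = field(default_factory=list)

    def add(self, signal: str) -> None:
        if signal not in self.evidence:        # deduplicate before reporting
            self.evidence.append(signal)


def _headers_match(headers: Dict[str, str], wanted: Dict[str, str]) -> bool:
    return all(k in headers and v in headers[k] for k, v in wanted.items())


def classify_waf(resp: Response) -> WafVerdict:
    headers = {k.lower(): v.lower() for k, v in resp.headers.items()}
    body = resp.body.lower()
    block_like = resp.status in BLOCK_LIKE_STATUSES
    verdict = WafVerdict()

    for vendor, sig in VENDOR_SIGNATURES.items():
        passive = _headers_match(headers, sig["passive"])
        block_page = any(p in body for p in sig["block"])
        if not (passive or block_page):
            continue
        verdict.vendor = vendor
        if passive:
            verdict.add(f"{vendor}: passive edge header")
        if block_page:
            verdict.add(f"{vendor}: block-page signature")
        # The gate: identity evidence alone never promotes to "blocked".
        if block_like:
            verdict.blocked = True
            verdict.add(f"{vendor}: block-like status {resp.status}")
        return verdict

    # Generic fallback for unknown edges, gated the same way.
    header = next((h for h in GENERIC_PASSIVE_HEADERS if h in headers), None)
    if header:
        verdict.vendor = "generic"
        verdict.add(f"generic: edge header {header}")
        if block_like:
            verdict.blocked = True
            verdict.add(f"generic: block-like status {resp.status}")
            phrase = next((p for p in GENERIC_BLOCK_PHRASES if p in body), None)
            if phrase:
                verdict.add(f"generic: block phrase '{phrase}'")
    return verdict


# Constructed sample responses (not captured from any real host).
SAMPLES = {
    "ok_behind_acme": Response(200, {"Server": "AcmeShield/2.1", "Content-Type": "text/html"}, "<html>welcome</html>"),
    "acme_block": Response(403, {"Server": "AcmeShield/2.1"}, "<h1>Request blocked by AcmeShield</h1> acme-incident-id: 42"),
    "generic_ok": Response(200, {"X-WAF-Status": "pass"}, "<html>ok</html>"),
    "generic_block": Response(429, {"X-WAF-Status": "block"}, "Access denied by web application firewall"),
    "plain_403": Response(403, {"Server": "nginx"}, "<h1>403 Forbidden</h1>"),
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        v = classify_waf(resp)
        print(f"{name:15} status={resp.status} vendor={v.vendor} blocked={v.blocked} evidence={v.evidence}")
```

Note the "plain_403" case: an origin 403 with no edge evidence stays unattributed rather than being reported as a WAF block, and a vendor block phrase on a 200 (a challenge page, say) identifies the vendor without marking the request blocked.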
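The fingerprint fallback isolation entry describes a shared-mutable-state bug. This added example (not the project's own code; the template shape, header names and helper names are constructed) shows why a shallow copy of a nested fallback payload still leaks evidence from one detection run into a later failed or empty run, and how copy.deepcopy isolates each run.

```python
# Added example (not the project's own code): isolating a nested fallback
# payload with copy.deepcopy so failed or empty detection runs do not inherit
# evidence from earlier runs. Template and header names are constructed.
import copy

# Fallback payload returned when detection fails or finds nothing.
FALLBACK_TEMPLATE = {
    "runtime": {"name": None, "evidence": []},
    "infrastructure": {"server": None, "evidence": []},
}

# The pre-fix pattern: one module-level fallback object handed out with a
# shallow copy. The outer dict is new each time, but the nested dicts and
# evidence lists are the same objects on every call.
_SHARED_FALLBACK = copy.deepcopy(FALLBACK_TEMPLATE)


def _apply_evidence(result, headers):
    """Fill `result` in place from constructed response headers."""
    server = headers.get("Server")
    if server:
        result["infrastructure"]["server"] = server.split("/")[0].lower()
        result["infrastructure"]["evidence"].append(f"Server: {server}")
    powered = headers.get("X-Powered-By")
    if powered:
        result["runtime"]["name"] = powered.split("/")[0].lower()
        result["runtime"]["evidence"].append(f"X-Powered-By: {powered}")
    return result


def fingerprint_shallow(headers):
    result = dict(_SHARED_FALLBACK)            # looks like a copy, is not deep
    if headers is None:                        # failed request: return fallback
        return result
    return _apply_evidence(result, headers)


def fingerprint_isolated(headers):
    result = copy.deepcopy(FALLBACK_TEMPLATE)  # fresh nested objects every run
    if headers is None:
        return result
    return _apply_evidence(result, headers)


if __name__ == "__main__":
    fingerprint_shallow({"Server": "nginx/1.25.3", "X-Powered-By": "PHP/8.2"})
    print("shallow, failed run:", fingerprint_shallow(None))     # carries nginx/PHP
    fingerprint_isolated({"Server": "nginx/1.25.3", "X-Powered-By": "PHP/8.2"})
    print("isolated, failed run:", fingerprint_isolated(None))   # clean fallback
```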
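The --debug 0 and --retries entries are both argument-normalization fixes. This added example (not the project's own code) shows the two patterns with argparse: distinguishing "flag omitted" from "--debug 0" by testing for None instead of truthiness, and rejecting negative or non-integer retry counts (from the CLI or free-text wizard input) before they would reach urllib3. The default level, the 0..3 range, the default retry count and the option names are assumptions for this example; the Retry(...) call itself is left out so the block runs without urllib3 installed.

```python
# Added example (not the project's own code): argparse validation for --debug
# and --retries. Defaults, limits and option names are assumptions.
import argparse
from typing import Any, Dict, Optional, Tuple

DEFAULT_DEBUG_LEVEL = 1      # assumed default when --debug is omitted
MAX_DEBUG_LEVEL = 3
DEFAULT_RETRIES = 3


def non_negative_int(value: Any) -> int:
    try:
        number = int(str(value).strip(), 10)
    except ValueError:
        raise argparse.ArgumentTypeError(f"expected an integer, got {value!r}")
    if number < 0:
        raise argparse.ArgumentTypeError(f"must be >= 0, got {number}")
    return number


def debug_level(value: str) -> int:
    number = non_negative_int(value)
    if number > MAX_DEBUG_LEVEL:
        raise argparse.ArgumentTypeError(f"must be 0..{MAX_DEBUG_LEVEL}, got {number}")
    return number


class StrictParser(argparse.ArgumentParser):
    """Raise instead of calling sys.exit so callers can report the problem."""

    def error(self, message: str):
        raise ValueError(message)


def build_parser() -> argparse.ArgumentParser:
    parser = StrictParser(prog="scanner")
    # default=None lets us tell "flag omitted" apart from "--debug 0".
    parser.add_argument("--debug", type=debug_level, default=None)
    parser.add_argument("--retries", type=non_negative_int, default=DEFAULT_RETRIES)
    return parser


def try_parse(argv) -> Tuple[Optional[argparse.Namespace], Optional[str]]:
    try:
        return build_parser().parse_args(argv), None
    except ValueError as exc:
        return None, str(exc)


def resolve_debug_level_buggy(args: argparse.Namespace) -> int:
    # Pre-fix pattern: 0 is falsy, so `--debug 0` silently becomes 1.
    return args.debug or DEFAULT_DEBUG_LEVEL


def resolve_debug_level(args: argparse.Namespace) -> int:
    return DEFAULT_DEBUG_LEVEL if args.debug is None else args.debug


def normalize_retries(raw: Any, default: int = DEFAULT_RETRIES) -> int:
    """Wizard answers arrive as free text; empty means 'keep the default'."""
    if raw is None or (isinstance(raw, str) and not raw.strip()):
        return default
    if isinstance(raw, bool):
        raise ValueError("retries must be a number, not a boolean")
    return non_negative_int(raw)


def retry_settings(retries: Any) -> Dict[str, Any]:
    """Keyword arguments in the shape urllib3.util.retry.Retry accepts."""
    retries = normalize_retries(retries)
    return {"total": retries, "connect": retries, "read": retries,
            "backoff_factor": 0.5 if retries else 0.0, "raise_on_status": False}


if __name__ == "__main__":
    args, err = try_parse(["--debug", "0", "--retries", "2"])
    print("buggy:", resolve_debug_level_buggy(args), "fixed:", resolve_debug_level(args))
    print(retry_settings(args.retries))
    print(try_parse(["--retries", "-1"]))
```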
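The file-response sniffer entry says size alone must not turn a large textual or API response into a "file". This added example (not the project's own code) is one way to structure that decision: Content-Disposition and magic bytes first, then the declared media type, and the large-response threshold only when the type is unknown. The threshold value, the type lists and the sample responses are constructed; the magic-byte check goes a step beyond the entry by catching a binary served under a textual Content-Type.

```python
# Added example (not the project's own code): a file-response sniffer that
# keys on Content-Disposition, magic bytes and the declared media type, and
# uses the large-response threshold only when the type is unknown. Threshold,
# type lists and sample responses are constructed for illustration.
from typing import Dict, Tuple

LARGE_RESPONSE_THRESHOLD = 512 * 1024   # hypothetical 512 KiB cut-off

# Textual/structured types that stay "page" or "API" regardless of size.
TEXTUAL_EXACT = {
    "application/json", "application/xml", "application/xhtml+xml",
    "image/svg+xml", "application/javascript", "application/x-www-form-urlencoded",
}
# (magic prefix, kind) pairs; checked before trusting Content-Type, because
# a mislabelled archive or binary should still surface as a file.
MAGIC_PREFIXES = (
    (b"%PDF-", "pdf"), (b"PK\x03\x04", "zip"), (b"\x7fELF", "elf"),
    (b"\x89PNG\r\n\x1a\n", "png"), (b"GIF87a", "gif"), (b"GIF89a", "gif"),
    (b"\xff\xd8\xff", "jpeg"), (b"SQLite format 3\x00", "sqlite"),
)


def is_textual(content_type: str) -> bool:
    media = content_type.split(";", 1)[0].strip().lower()
    return (media.startswith("text/") or media in TEXTUAL_EXACT
            or media.endswith("+json") or media.endswith("+xml"))


def declared_length(headers: Dict[str, str], body: bytes) -> int:
    try:
        return int(headers.get("content-length", "").strip())
    except ValueError:
        return len(body)                     # missing or malformed header


def sniff_file(headers: Dict[str, str], body: bytes) -> Tuple[bool, str]:
    """Return (is_file, reason) for one constructed HTTP response."""
    headers = {k.lower(): v for k, v in headers.items()}
    content_type = headers.get("content-type", "")
    media = content_type.split(";", 1)[0].strip()
    size = max(declared_length(headers, body), len(body))

    if "attachment" in headers.get("content-disposition", "").lower():
        return True, "Content-Disposition: attachment"
    for prefix, kind in MAGIC_PREFIXES:
        if body.startswith(prefix):
            return True, f"magic bytes: {kind}"
    if is_textual(content_type):
        # Large pages and API payloads are still pages, not downloads.
        return False, f"textual type {media} ({size} bytes)"
    if content_type:
        return True, f"non-textual type {media}"
    # Unknown type: fall back to body shape, then to the size threshold.
    if b"\x00" in body[:4096]:
        return True, "NUL bytes in body with no Content-Type"
    if size > LARGE_RESPONSE_THRESHOLD:
        return True, f"no Content-Type and {size} bytes exceeds threshold"
    return False, "no Content-Type, small text-like body"


# Constructed sample responses.
SAMPLES = {
    "big_html": ({"Content-Type": "text/html; charset=utf-8"}, b"<html>" + b"a" * (600 * 1024)),
    "big_json": ({"Content-Type": "application/json", "Content-Length": str(2 * 1024 * 1024)}, b"[" + b"1," * 100),
    "octet": ({"Content-Type": "application/octet-stream"}, b"\x00\x01\x02"),
    "mislabelled_zip": ({"Content-Type": "text/html"}, b"PK\x03\x04" + b"\x00" * 64),
    "untyped_big_binary": ({}, b"\x00\xff" * (300 * 1024)),
    "untyped_big_text": ({}, b"x" * (600 * 1024)),
    "untyped_small_text": ({}, b"hello"),
}

if __name__ == "__main__":
    for name, (hdrs, body) in SAMPLES.items():
        print(name, sniff_file(hdrs, body))
```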
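The --sniff indexof entry calls for detection that rejects title-only matches while still recognising Apache, nginx, IIS and generic autoindex layouts. This added example (not the project's own code) requires both a listing-style title or heading and a structural marker before reporting a listing. The Apache, nginx and IIS markers follow the stock autoindex output of those servers; the sample pages are constructed.

```python
# Added example (not the project's own code): directory-listing detection that
# needs both an "Index of" style title/heading and a listing structure, so a
# page merely titled "Index of /articles" is not reported. Sample pages are
# constructed for illustration.
import re
from typing import Optional, Tuple

INDEX_TITLE_RE = re.compile(r"<title>\s*index of\s+/[^<]*</title>", re.I)
INDEX_H1_RE = re.compile(r"<h1>\s*index of\s+/[^<]*</h1>", re.I)
IIS_TITLE_RE = re.compile(r"<title>\s*[^<]+\s-\s/[^<]*</title>", re.I)   # "host - /path/"
PRE_RE = re.compile(r"<pre>(.*?)</pre>", re.I | re.S)
ENTRY_RE = re.compile(r'<a\s+href="[^"]+"[^>]*>[^<]+</a>', re.I)

# Structural markers that only autoindex-style pages carry.
LAYOUT_MARKERS = {
    "apache": (re.compile(r'href="\?C=[NMSD];O=[AD]"', re.I),
               re.compile(r">\s*parent directory\s*<", re.I)),
    "nginx": (re.compile(r'<pre>\s*<a href="\.\./">\.\./</a>', re.I),),
    "iis": (re.compile(r"\[to parent directory\]", re.I),),
}


def detect_indexof(html: str) -> Tuple[bool, Optional[str]]:
    """Return (is_listing, layout) for one HTML body."""
    titled = bool(INDEX_TITLE_RE.search(html) or INDEX_H1_RE.search(html))
    iis_titled = bool(IIS_TITLE_RE.search(html))
    if not (titled or iis_titled):
        return False, None                     # no listing title at all

    for layout, markers in LAYOUT_MARKERS.items():
        if any(m.search(html) for m in markers):
            return True, layout

    # Generic autoindex: a <pre> block holding several entry links.
    if titled:
        pre = PRE_RE.search(html)
        if pre and len(ENTRY_RE.findall(pre.group(1))) >= 2:
            return True, "generic"
    return False, None                         # title-only: not a listing


# Constructed sample pages.
SAMPLES = {
    "apache": ('<html><head><title>Index of /backup</title></head><body><h1>Index of /backup</h1>'
               '<table><tr><th><a href="?C=N;O=D">Name</a></th></tr>'
               '<tr><td><a href="/">Parent Directory</a></td></tr>'
               '<tr><td><a href="db.sql">db.sql</a></td></tr></table></body></html>'),
    "nginx": ('<html><head><title>Index of /static/</title></head><body><h1>Index of /static/</h1><hr>'
              '<pre><a href="../">../</a>\n<a href="app.js">app.js</a>  12-Jan-2024 10:00  4096\n</pre><hr></body></html>'),
    "iis": ('<html><head><title>files.example.test - /uploads/</title></head><body>'
            '<H1>files.example.test - /uploads/</H1><hr><pre><A HREF="/">[To Parent Directory]</A><br><br>'
            ' 1/2/2024  9:00 AM  1024 <A HREF="/uploads/report.docx">report.docx</A><br></pre><hr></body></html>'),
    "generic": ('<html><head><title>Index of /dumps/</title></head><body><pre>\n'
                '<a href="2023/">2023/</a>\n<a href="users.csv">users.csv</a>\n</pre></body></html>'),
    "title_only": ('<html><head><title>Index of /articles</title></head><body><h1>Index of /articles</h1>'
                   '<p>All posts, newest first.</p><ul><li><a href="/articles/1">First post</a></li></ul></body></html>'),
    "unrelated": '<html><head><title>Home</title></head><body><pre><a href="/a">a</a><a href="/b">b</a></pre></body></html>',
}

if __name__ == "__main__":
    for name, html in SAMPLES.items():
        print(f"{name:11} -> {detect_indexof(html)}")
```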