assetnote / kiterunner

Contextual Content Discovery Tool
GNU Affero General Public License v3.0
2.64k stars 296 forks source link

Flag to prevent destructive content discovery & fuzzing #2

Open laluka opened 3 years ago

laluka commented 3 years ago

Hi there, Your tool works like a charm, thanks so much!

It would be really nice to have a simple flag to prevent destructive actions, like --safe to prevent DELETE (don't know about POST/PUT) method calls, or endpoints that contain keywords such as del, delete, remove, or reset, etc :)

Have a nice day! :upside_down_face:

NotoriousRebel commented 3 years ago

Any updates on this? In the meantime it shouldn't be too difficult in theory where if the HTTP request method is something that may be deemed unsafe such as DELETE or PUT you just continue?

NotoriousRebel commented 3 years ago

@laluka Any updates?

laluka commented 3 years ago

@laluka Any updates?

Not at all sorry, I don't have enough free time to work on this, I only opened this issue as a suggestion for the maintainers 😅