Closed DeliciousBounty closed 1 year ago
@GuyL99 , I did not forget to implement the custom auth type. Actually cherrybomb support four types of authentication: basic, bearer, header, cookie. You can see https://github.com/blst-security/cherrybomb/blob/fix_auth/cherrybomb-engine/src/scan/active/http_client/auth.rs that all of them are implemented. ( see the "from_parts" function)
Why not include custom then?
Raz called it header type instead of custom, it is work the same way. User provide header and value
Custom can be delivered by query or payload as a parameter...
Custom can be delivered by query or payload as a parameter... @RazMag I get it. So actually the new cherrybomb CLI does not include custom authentication. I implemented authentication in according to the new CLI. maybe open an issue for it?
Merged with dev, will be added to main in 1.0.1
Hey I fixed authentication and made some changes in auth.rs and conf.rs In response to my issue #109