Scanning a site which is behind HTTP basic authentication?

fullhunt / log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

MIT License

3.4k stars 741 forks source link

Open aingham opened 2 years ago

aingham commented 2 years ago

Hi,

Does the scanner support the https://username:password@example.com syntax for scanning a site which is behind HTTP basic authentication?

Many thanks,

Andy

axel3rd commented 2 years ago

Duplicate #81. WIP via #95.

axel3rd commented 2 years ago