Update http_cookies - Githubissues

rapid7 / recog

Pattern recognition for hosts, services, and content

Other

662 stars 195 forks source link

Update http_cookies #351

Closed tsellers-r7 closed 3 years ago

tsellers-r7 commented 3 years ago

Description

This PR updates http_cookies by:

Adding missing examples
Re-ordering some of the matches to improve metrics
Removing unnecessary captures where the value doesn't change.

Motivation and Context

Improving fingerprints

How Has This Been Tested?

rspec

Checklist:

[x] I have updated the documentation accordingly (or changes are not required).
[x] I have added tests to cover my changes (or new tests are not required).
[x] All new and existing tests passed.

tsellers-r7 commented 3 years ago

FYI @hdm

hdm commented 3 years ago

Thanks!

hdm commented 3 years ago

This LGTM at first glance. We may want to consider normalizing cookies in the future so that we parse each cookie separately vs the entire Set-Cookie header, as the order of cookies can change. Any anchors (^) might not be valid when there is an application cookie set first.