wapiti-scanner / wapiti

Web vulnerability scanner written in Python3
https://github.com/wapiti-scanner/wapiti
GNU General Public License v2.0
1.15k stars 176 forks

Fix headless wapp version detection #567

Closed bretfourbe closed 6 months ago

bretfourbe commented 6 months ago

In some cases, headless version detection will provide a false positive on the version value. For instance, with Chart.js, the JS command `Chart` will result in a JS function. So now it checks whether a version is wanted or not for each JS command. For instance, Chart.js is still detected with the `Chart` command, but without a version.
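The failure mode described in this comment, as an added example that is not part of the pull request and is not Wapiti's code: a detector that reports every evaluated JS value as a version, next to one that extracts a version only when the rule asks for it. The rule shape (a Wappalyzer-style `\;version:` tag), the function names and the sample values are assumptions constructed for illustration.

```python
import re

# Constructed rules in a Wappalyzer-like shape: {app: {js_expression: pattern}}.
# A pattern may carry a "\;version:\1" tag; an empty pattern means presence only.
RULES = {
    "Chart.js": {"Chart": ""},
    "jQuery": {"jQuery.fn.jquery": "([\\d.]+)\\;version:\\1"},
}

# Constructed sample of what a headless browser could return for each
# expression, stringified. `Chart` evaluates to a constructor, not a version.
JS_RESULTS = {
    "Chart": "function Chart(item, userConfig) { /* ... */ }",
    "jQuery.fn.jquery": "3.6.0",
}


def parse_pattern(pattern):
    """Split 'regex\\;key:value...' into (regex, version_template or None)."""
    regex, *tags = pattern.split("\\;")
    attrs = dict(tag.split(":", 1) for tag in tags if ":" in tag)
    return regex, attrs.get("version")


def naive_detect(rules, js_results):
    """Flawed: every evaluated value is reported as the version."""
    return {app: [str(js_results[expr]) for expr in exprs if js_results.get(expr)]
            for app, exprs in rules.items()}


def detect(rules, js_results):
    """Report a version only when the rule asks for one and its regex matches."""
    findings = {}
    for app, exprs in rules.items():
        for expr, pattern in exprs.items():
            value = js_results.get(expr)
            if value is None:
                continue  # expression is undefined on the page
            regex, version_tpl = parse_pattern(pattern)
            match = re.search(regex, str(value)) if regex else None
            if regex and match is None:
                continue  # the rule's regex does not match: no detection
            versions = findings.setdefault(app, set())
            if version_tpl and match:
                versions.add(match.expand(version_tpl))
    return {app: sorted(v) for app, v in findings.items()}
```

A bogus version string matters downstream because any version-based vulnerability lookup then runs against a value that is not a version at all.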

codecov[bot] commented 6 months ago

Codecov Report

Attention: Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.

Project coverage is 79.37%. Comparing base (206d6ec) to head (41c76f9).

| Files | Patch % | Lines |
|---|---|---|
| wapitiCore/attack/mod_wapp.py | 0.00% | 2 Missing :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master     #567      +/-   ##
==========================================
+ Coverage   79.36%   79.37%   +0.01%
==========================================
  Files         113      113
  Lines        9323     9323
==========================================
+ Hits         7399     7400       +1
+ Misses       1924     1923       -1
```
