Comments (5)
I ran it again and it gave me a different payload, that's awesome!
from dalfox.
Hi @bsysop
Well, first of all, I need to fix that payload. (It is a WAF-bypassing payload, but I think we should increase the probability of triggering.)
I'll commit and reflect it when it's modified! And the version option will be added with the update option at the release! (Maybe this weekend)
Thank you so much for your good opinion, my friend :D
from dalfox.
Oh, and to prevent too many reflected logs, I've been blocking the checking of that parameter since verify was successful, so the payload found will be different for each test case.
The important thing is that the parameter is vulnerable lol
from dalfox.
100% agree! Most important feature is detection!
Thank you very much brother, I'll tell you when I finish my tests.
from dalfox.
Thank you so much for always helping me a lot 👍
from dalfox.