Felipe Zipitría

An example GraphQL query could be this: ``` curl --location --request POST 'https://echo.hoppscotch.io/graphql' \ --header 'Content-Type: application/json' \ --data-raw '{"query":"query Request {\n method\n url\n headers {\n key\n value\n }\n}\n","variables":{}}' ```

One relevant information for this list is that "_VBScript errors are likely no longer emitted with default IIS installations which disable Classic ASP. Some details here:_ https://docs.microsoft.com/en-us/iis/application-frameworks/running-classic-asp-applications-on-iis-7-and-iis-8/classic-asp-script-error-messages-no-longer-shown-in-web-browser-by-default."

@dune73 @lifeforms Well, I'm puzzled now. The file `iis-errors.data` is not mentioned in any rule in the `RESPONSE-954-DATA-LEAKAGES-IIS.conf` file. 🤔 A quick blame gives me: ``` 81c5f0671 base_rules/iis-errors.txt (Ryan Barnett...

Those links are examples from a quick search. The class uses that raw file to create a [big regex to look for user-agents](https://github.com/JayBizzle/Crawler-Detect/blob/0889ab57a2a50ebe3ca99066e0a23eecc4cd4382/src/CrawlerDetect.php#L101) They are not required, just input for...

@azurit Any updates on this list?

@franbuehler Did you had time to take a look at SQLite functions?

Is this part of the Milestone? Or can be done afterwards?

JFYI: we have a similar project that would generate a generic plugin by extending modsecurity with a new operator. Nothing productive yet, but I'm expecting to have something in the...

Started with sources: - [Daniel Meissler's Fuzzing/LFI](https://github.com/danielmiessler/SecLists/tree/master/Fuzzing/LFI)

One of the things I've done is, knowing that we use the ignore case prefix, lowercase everything and sort the ascending list of html properties. I think that is why...