zerokeeper
zerokeeper
Hello,also I read [https://github.com/gocolly/colly/issues/445](445) and [https://github.com/gocolly/colly/issues/438](438),but i can't read Request.body string.And i try to put it CONTEXT,but it does not work. I look up a lot of information,the 'ioutil.ReadAll' is...
### Template / PR Information - update fingerprinthub-web-fingerprints.yaml,remove apache-cocoon ### Template Validation I've validated this template locally? NO #### Additional Details (leave it blank if not applicable)
Hi,libpng team. there is a memory leak in the file png.c:368 of function png_create_info_struct. the bug is trigered by `./pngcp poc /dev/null` [libpng_poc.zip](https://github.com/glennrp/libpng/files/2729282/libpng_poc.zip) the asan debug info is as follows:...
用xray爬虫扫描spring应用的漏洞是发现,没有带上原始的Accept头,导致页面类型显示错误,无法判断出漏洞 `xray webscan --plugins cmd-injection,sqldet --browser-crawler http://127.0.0.1:8090/springboot-spel-rce/` 爬虫到的原始请求是 ``` GET /springboot-spel-rce/article?id=1 HTTP/1.1 Host: 127.0.0.1:8090 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/110.0.5481.96 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7...
`dirscan/admin/default` 扫描会出现不同后缀的结果 好像也是1.9.x新版本的问题,之前1.8.x的版本没发现这个问题 ``` https://example.com/admin.html https://example.com/admin.jsp https://example.com/admin.do https://example.com/admin.asp https://example.com/admin https://example.com/admin/ ```
### Please describe your feature request: add `-ul/-url-limit` (default 1000) to set katana crawl max url page in every site,avoid to crawl long time in some sites. ### Describe the...
### httpx version: all with the -nfs and -nf flag version. ### Current Behavior: The bug is that when the requested URL hostname is an IP and the path is...
### Nuclei version: v3.2.9 ### Current Behavior: unresolved variables: {{FQDN}} {{RDN}} or unresolved more other variables. ### Steps To Reproduce: use the blind-ssrf.yaml of nuclei-templates. `nuclei -dast -id blind-ssrf -u...