CHANGELOG
14/01/2014 - 0.45.0 "Winter Blizzard" alpha release: Dedicated to Alessandro Fanio Gonzalez (@alessandrofg), Ankush Jindal (@ankushjindal278), Assem Chelli (@assem-ch), Bharadwaj Machiraju (@tunnelshade), Marios Kourtesis (@marioskourtesis) & their mentors: Andrés Morales, Andrés Riancho, Gareth Heyes, Krzysztof Kotowicz, and their co-mentors: Abraham Aranguren, Azeddine Islam Mennouchi, Hani Benhabiles, Javier Marcos de Prado, Johanna Curiel, Martin Johns.
+ New Feature: OWTF can now be updated using a command line flag <=> Bharadwaj Machiraju (@tunnelshade)
+ Added and fixed some tests for plugins <=> Alessandro Fanio Gonzalez (@alessandrofg)
+ New Feature: Few tools are proxified through OWTF inbound proxy <=> Bharadwaj Machiraju (@tunnelshade)
+ New Feature: Httprint signatures updated (still updating) <=> Azeddine Islam Mennouchi
+ New Feature: Plug-n-Hack Phase I implemented in OWTF <=> Bharadwaj Machiraju (@tunnelshade)
+ Travis CI service is under usage for tests <=> Alessandro Fanio Gonzalez (@alessandrofg)
+ New Feature: OWTF Inbound proxy is made capable of websocket traffic proxying <=> Bharadwaj Machiraju (@tunnelshade)
+ New Feature: HTTP AUTH support is implemented in OWTF Inbound proxy <=> Bharadwaj Machiraju (@tunnelshade)
+ Enhancement: Spiders, Robots and Crawlers grep plugin added <=> Bharadwaj Machiraju (@tunnelshade)
+ Enhancement: Web Services passive discovery plugin improved <=> Bharadwaj Machiraju (@tunnelshade)
+ New Feature: User can run multiple instances of OWTF <=> Bharadwaj Machiraju (@tunnelshade)
+ New Feature: Outbound socks proxy support implemented <=> Marios Kourtesis (@marioskourtesis)
+ New Tool: Added nmap to WAF checks <=> Abraham Aranguren (@7a_)
+ New Feature: Tor mode added to OWTF <=> Marios Kourtesis (@marioskourtesis)
+ New Feature: New Installation procedure added to OWTF <=> Bharadwaj Machiraju (@tunnelshade)
+ 40+ Bug fixes
09/08/2013 - 0.30 "Summer Storm II" alpha release: Dedicated to Alessandro Fanio Gonzalez (@alessandrofg), Ankush Jindal (@ankushjindal278), Assem Chelli (@assem-ch), Bharadwaj Machiraju (@tunnelshade), their mentors: Andrés Morales, Andrés Riancho, Gareth Heyes, Krzysztof Kotowicz, and their co-mentors: Abraham Aranguren, Azeddine Islam Mennouchi, Hani Benhabiles, Javier Marcos de Prado, Johanna Curiel, Martin Johns.
+ Extracting the HTML generated by the reporting system from Python modules into independent Jinja2 template files <=> Assem Chelli (@assem-ch)
+ Added some features to the Testing Framework. Added tests that cover approximately 45% of the code of the OWTF Framework. <=> Alessandro Fanio Gonzalez (@alessandrofg)
+ Added support for test coverage reports and test logs in HTML. <=> Alessandro Fanio Gonzalez (@alessandrofg)
+ Spawning multiple processes on the basis of targets and then handling the input, stopping of the targets <=> Ankush Jindal (@ankushjindal278)
+ Centralised log function <=> Ankush Jindal(@ankushjindal278)
+ Generic messaging system with pull and push facility differently and database handler to use messaging for DB transaction in multiprocessing <=> (@ankushjindal278)
+ Draft inbound proxy is replaced by a new inbound proxy <=> Bharadwaj Machiraju (@tunnelshade)
+ Inbound proxy is capable of caching and saving the transactions <=> Bharadwaj Machiraju (@tunnelshade)
+ Inbound proxy is capable of cookie filters. <=> Bharadwaj Machiraju (@tunnelshade)
28/06/2013 - 0.20 "Summer Storm I" alpha release: Dedicated to Alessandro Fanio Gonzalez (@alessandrofg), Ankush Jindal (@ankushjindal278), Assem Chelli (@assem-ch) and Bharadwaj Machiraju (@tunnelshade)
+ Port of Abraham Aranguren's network security OSCP scripts into OWASP OWTF <=> Ankush Jindal (@ankushjindal278)
+ Fixed a small bug in the calling of metagoofil, thanks to Adi Mutu (@an_animal) for reporting <=> Bharadwaj Machiraju (@tunnelshade)
+ Added w3af and its dependencies to install script <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed scripts/run_arachni.sh to save arachni output files into relevant owtf_review directory - https://github.com/owtf/owtf/issues/41 <=> Abraham Aranguren (@7a_)
+ Fixed release name in framework/config/framework_config.cfg <=> Abraham Aranguren (@7a_)
+ Fixed the installation of phply ( a dependency of w3af ) <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed most PEP standard warnings on owtf.py <=> Abraham Aranguren (@7a_)
+ Fixed most PEP standard warnings on framework/config/health_check.py <=> Abraham Aranguren (@7a_)
+ Minor README fix replacing references from backtrack to Kali <=> Abraham Aranguren (@7a_)
+ Added arachni to install script along with some minor fixes, thanks to @fataku for reporting <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed unicode urls for dirbuster combined dictionaries <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed ssl-cipher-check bug Issue - https://github.com/owtf/owtf/issues/38 <=> Abraham Aranguren (@7a_)
24/05/2013 - 0.16 "shady citizen" alpha release: Dedicated to Michael Kohl (@citizen428) and Bharadwaj Machiraju (@tunnelshade) for contributing to OWTF, thank you!
+ Created an alternative phishing3.2.2_listenerIP SET script directory to use in profiles/general/default.cfg: <=> Abraham Aranguren (@7a_)
- The point of this is to be able to simply change the PHISHING_SCRIPT_DIR to use when SET adds an additional "ask listener IP" manual step (happens sometimes)
- If SET stops asking the MSF listener IP then simply change PHISHING_SCRIPT_DIR back to phishing3.2.2 to use the correct scripts
+ Fixed legacy misspelled "phishing" typo bug around a few files <=> Abraham Aranguren (@7a_)
+ Added external links to assist Credential Transport vulnerability exploitation: SSLStrip, Firesheep, CookieCadger <=> Abraham Aranguren (@7a_)
+ Added external link to SpiderLabs' Blogpost: Adding Anti-CSRF support to Burp Intruder <=> Abraham Aranguren (@7a_)
+ Added Skipfish support via a new Skipfish plugin: Skipfish_Unauthenticated <=> Abraham Aranguren (@7a_)
+ Added Arachni v.0.4.1 support <=> Abraham Aranguren (@7a_)
+ Removed demos directory to place demos in a dedicated repository (https://github.com/owtf/owtf_demos) and keep the main owtf repository more lightweight <=> Abraham Aranguren (@7a_)
+ Removed releases directory to place demos in a dedicated repository (https://github.com/owtf/owtf_releases) and keep the main owtf repository more lightweight <=> Abraham Aranguren (@7a_)
+ Substituted getopt with argparse for argument parsing <=> Abraham Aranguren (@7a_)
+ Fixed www.company.com/subdir issue thanks to Adi Mutu (@an_animal) for reporting it and Bharadwaj Machiraju (@tunnelshade) for fixing it! - https://github.com/owtf/owtf/pull/15 <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed bug on draft Inbound proxy thanks to Bharadwaj Machiraju (@tunnelshade) for finding + fixing it! - https://github.com/owtf/owtf/pull/16 <=> Bharadwaj Machiraju (@tunnelshade)
+ Initial Kali Linux port (some tools still missing, the install script needs more work) thanks to Bharadwaj Machiraju (@tunnelshade) for a lot of help on this! <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed websecurify path, thanks to Anant Shrivastava (@anantshri) for finding and fixing the problem in a pull request! <=> Anant Shrivastava (@anantshri)
+ Kali Linux fix: Removed setrubyenv.sh from default.cfg resource configuration file due to no longer being necessary and because it was stopping execution of ruby tools <=> Abraham Aranguren (@7a_)
+ Improved exception handling in framework/http/requester.py to avoid crashing OWTF for small library things like 'raise BadStatusLine(line)' <=> Abraham Aranguren (@7a_)
+ Kali Linux fix: Fixed DirBuster path and centralised binary name on profiles/general/default.cfg <=> Abraham Aranguren (@7a_)
+ fixed minor pentesting vs. pen testing typo on owtf.py :) <=> Abraham Aranguren (@7a_)
+ Merged new pull request from Bharadwaj Machiraju (@tunnelshade): OWTF restricted dictionary installation and merging scripts thank you! <=> Bharadwaj Machiraju (@tunnelshade)
+ Minor improvements to pull request above after testing (linking raft files instead of copying again, fixing svndigger_raft_dict_merger.py permissions) <=> Abraham Aranguren (@7a_)
+ Added .project files in order to allow importing of OWTF project into Eclipse, revised readme/CONTRIBUTORS and a bug fix in owtf.py <=> Bharadwaj Machiraju (@tunnelshade)
+ Removing big-size binaries from the git repo and purging their history in order to have a small repository <=> Assem Chelli (@assem-ch)
+ Fixed the plugin listing option. It is no longer necessary to specify a Target when listing plugins. <=> Alessandro Fanio Gonzalez (@alessandrofg)
+ Commented out TOOL_GOOHOST as it is not being called by OWTF (since there are better tools doing same job) <=> Bharadwaj Machiraju (@tunnelshade)
+ Revhosts is replaced by dnsrecon as revhosts is discontinued in kali linux. <=> Bharadwaj Machiraju (@tunnelshade)
+ httprint is added to install script as the tool is not present in kali by default <=> Bharadwaj Machiraju (@tunnelshade)
+ Added missing gnutls-bin package to Kali Linux script <=> Abraham Aranguren (@7a_)
+ Added wrapper install scripts around other install scripts and fixed cms-explorer installation & path <=> Bharadwaj Machiraju (@tunnelshade)
+ Fixed the dictionary path for skipfish <=> Bharadwaj Machiraju (@tunnelshade)
+ Created the AUTHORS file <=> Assem Chelli (@assem-ch)
+ Added script for patching Tlssled and revised master install script <=> Bharadwaj Machiraju (@tunnelshade)
+ Removed misleading note about argparse since owtf.py now uses this library <=> Abraham Aranguren (@7a_)
+ Added checks before installation of dictionaries and updated date for tlssled patch <=> Bharadwaj Machiraju (@tunnelshade)
+ Revised the extract_urls.sh to use DirBuster.txt instead of generated report and other minor fixes <=> Bharadwaj Machiraju (@tunnelshade)
+ Skipfish is now linked to from the report, this was the final step to solve https://github.com/owtf/owtf/issues/13 <=> Abraham Aranguren (@7a_)
+ Fixed a bug in invoking nikto (scripts/run_nikto.sh) <=> Bharadwaj Machiraju (@tunnelshade)
24/09/2012 - 0.15 "Brucon" pre-alpha release: Dedicated to Brucon (http://brucon.org), its organisers and attendants
+ Changed name to OWASP OWTF since this is an OWASP project now, thank you OWASP! - https://www.owasp.org/index.php/OWASP_OWTF <=> Abraham Aranguren (@7a_)
+ Bug fix: General clean-up of the bt5_install.sh script + OWTF's tool locations for a smoother install experience, thanks to Xavier Mertens (@xme) for reporting! <=> Abraham Aranguren (@7a_)
+ Bug fix: Removed Slowloris download code from bt5_install.sh script since redistribution was allowed by RSnake and it's packaged with OWASP OWTF <=> Abraham Aranguren (@7a_)
+ Bug fix: Commented out whatweb download from bt5_install.sh since the Backtrack version is now stable, default config also points to Backtrack path now <=> Abraham Aranguren (@7a_)
+ Bug fix: requester.py was referencing "Core.mError" which could sometimes result in the following error: "AttributeError: Core instance has no attribute 'mError'" <=> Abraham Aranguren (@7a_)
+ New feature: Instead of having to use our own nikto binaries, the OWTF's install script will now patch nikto's poor default user agent (blocked by basic WAF blacklists) <=> Abraham Aranguren (@7a_)
+ Added Sandro Gauci's Webapp Exploit Payloads to the following external plugins: XSS, CSRF and Cross Site Flashing <=> Abraham Aranguren (@7a_)
+ Added cross-site flashing link to get swfdump from www.swftools.org <=> Abraham Aranguren (@7a_)
+ Added external plugin link to bAdmin project (from whitehat) for default admin interfaces passwords <=> Abraham Aranguren (@7a_)
+ Added xss external plugin link to Gareth Heyes' HackVertor <=> Abraham Aranguren (@7a_)
+ Added xss external plugin link to Mario Heiderich's html5sec.org <=> Abraham Aranguren (@7a_)
+ Changed default UA to a more believable FF15 <=> Abraham Aranguren (@7a_)
+ Added udl filetype to blanket google hacking searches (ica and rdp were already there), thanks to Chema Alonso (@chemaalonso)! <=> Abraham Aranguren (@7a_)
+ Added external cross-site flashing link to Adobe's SWFInvestigator <=> Abraham Aranguren (@7a_)
+ Added external xss link to Krzysztof Kotowicz's Chrome extension exploitation framework (XSS ChEF) <=> Abraham Aranguren (@7a_)
+ Added external xss link to Michal Zalewski's post-XSS ideas on XSS exploitation <=> Abraham Aranguren (@7a_)
+ Added external session management schema link to .NET VIEWSTATE vulnerabilities blog post <=> Abraham Aranguren (@7a_)
+ Added external SQLi plugin link to InfoSec Institute's SQLi Backdoor creation article <=> Abraham Aranguren (@7a_)
+ Added external file extension handling + SQLi link to contagiodump.blogspot.com's Collection of Web Backdoors & Shells <=> Abraham Aranguren (@7a_)
+ Added external file extension handling + SQLi link to Laudanum's Project for shells and utilities <=> Abraham Aranguren (@7a_)
+ Added external Bypassing Authentication Schema plugin link to OWASP's Password Storage Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external Clickjacking plugin link to OWASP's ClickJacking article <=> Abraham Aranguren (@7a_)
+ Added external Bypassing Authorisation Schema link to OWASP's Access Control Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to bAdmin project (from whitehat) for default or guessable user accounts plugin <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's XSS Filter Evasion Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's XSS Prevention Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's DOM XSS Prevention Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Web Service Security Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Transport Layer Protection Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's SQL Injection Prevention Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Query Parameterization Cheat Sheet (complements SQLi cheat sheet) <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Session Management Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Logging Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's JAAS Authentication Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Forgot Password Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Cryptographic Storage Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Choosing and Using Security Questions Cheat Sheet <=> Abraham Aranguren (@7a_)
+ Added external plugin link to OWASP's Authentication Cheat Sheet <=> Abraham Aranguren (@7a_)
23/04/2012 - 0.14 "London" pre-alpha release: Dedicated to BSides London (http://www.securitybsides.org.uk/), its organisers and attendants
+ Fixed URL regexp on the link_clicker.py payload for the OWTF imap client Agent <=> Abraham Aranguren (@7a_)
It was missing IP-only URLs like: http://192..., regexp changed to: 'http[:0-9a-zA-Z\.\/]+'
+ Upgraded SET spear phishing scripts from SET version 2.5.3 to SET version 3.2.2 <=> Abraham Aranguren (@7a_)
+ Bug fix: Added GetFileAsList and AppendToFile convenience functions (required by some existing code) <=> Abraham Aranguren (@7a_)
+ Added Version information at the bottom of the OWTF banner and arranged some loading messages to suit <=> Abraham Aranguren (@7a_)
+ Added GetCurrentDateTimeAsStr convenience method to the Timer class <=> Abraham Aranguren (@7a_)
+ Added SET script for new payload (19) <=> Abraham Aranguren (@7a_)
+ Replaced /etc/motd by new parameter WORD_TEMPLATE in SET payload script 3, and added parameter to Spear_Phishing plugin <=> Abraham Aranguren (@7a_)
+ Added better error handling to the Spear Phishing handler so that it aborts when a payload script is not found (instead of crashing in SET, after) <=> Abraham Aranguren (@7a_)
+ Fixed SET payload 15 to take advantage of the custom PDF template <=> Abraham Aranguren (@7a_)
+ Added a bit of SET's documentation to the readme directory <=> Abraham Aranguren (@7a_)
+ Commented out the Attachment name modification in the Spear Phishing plugin (sometimes you may want to control this from outside the plugin) <=> Abraham Aranguren (@7a_)
+ Added better exception handling to OWTF's SMTP class so that failure to perform the SMTP Login assumes open relay and moves on (also sent as a patch to SET) <=> Abraham Aranguren (@7a_)
+ Added slightly better message to OWTF's SMTP START TLS exception handling error message <=> Abraham Aranguren (@7a_)
+ Added warning to SET handler when sending blank values <=> Abraham Aranguren (@7a_)
+ Added check to Spear Phishing module to verify the word template exists <=> Abraham Aranguren (@7a_)
+ Improved exception handling on the SMTP class for Targeted Phishing, thanks Sam! <=> Abraham Aranguren (@7a_)
10/04/2012 - 0.13b "HackPra" pre-alpha release: Dedicated to HackPra (http://www.nds.rub.de/teaching/hackpra/), its organisers and attendants
+ Inclusion of slowloris, thanks to RSNake for allowing redistribution! <=> Abraham Aranguren (@7a_)
+ More indentation clean up in various files <=> Abraham Aranguren (@7a_)
+ Fixed bug on DeriveURLSettings: Thanks to Sandro Gauci for reporting! <=> Abraham Aranguren (@7a_)
The home-brew parsing was resulting in an error like below with URLs like http://example.com:81
"Aborted by Framework: Cannot resolve Hostname: example.com:81"
URL parsing is now done via the urlparse library
+ Fixed bug introduced above whereby urlparse was returning "None" for the port in the summary report: <=> Abraham Aranguren (@7a_)
Reintroduced scheme check to handle this case and ensure the port is never blank regardless of URL format
+ Fixed bug similar to the one in DeriveURLSettings on the OWTF Core: <=> Abraham Aranguren (@7a_)
IsInScopeURL was parsing the hostname from the URL in a home-brew fashion; this worked ok most of the time
but in some cases could lead to bugs. core.py is now using urlparse for parsing the hostname from the URL
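The host/port handling described in the three entries above, as an added example that is not OWTF's own code. It uses Python 3's urllib.parse in place of the Python 2 urlparse module the changelog names; the function names, the default-port table and the sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed default-port table: used when the URL carries no explicit port,
# which is the case where the parser reports the port as None.
DEFAULT_PORTS = {"http": 80, "https": 443}


def naive_host(url):
    """Home-brew style parsing, constructed to reproduce the failure mode:
    everything between '://' and the first '/' is treated as the hostname,
    so 'example.com:81' is later handed to the resolver and cannot resolve."""
    return url.split("://", 1)[-1].split("/", 1)[0]


def derive_url_settings(url):
    """Return (scheme, host, port) for an http(s) URL.

    The port is never blank: when the URL has none, the scheme decides it.
    Raises ValueError for unsupported schemes, missing hosts or bad ports.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError("unsupported or missing scheme in %r" % url)
    # .hostname is lower-cased and has the port, any userinfo and IPv6
    # brackets already stripped, so it is safe to resolve or compare.
    host = parts.hostname
    if not host:
        raise ValueError("no hostname in %r" % url)
    # .port is None when absent and raises ValueError when it is not a
    # number in the range 0-65535.
    port = parts.port
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return scheme, host, port


def is_in_scope_url(url, scope_hosts):
    """Scope check on the parsed hostname only (exact match).

    Comparing the parsed hostname, rather than searching the URL string,
    keeps look-alike hosts such as 'example.com.evil.test' out of scope.
    Unparseable URLs are treated as out of scope.
    """
    try:
        _, host, _ = derive_url_settings(url)
    except ValueError:
        return False
    return host in scope_hosts


if __name__ == "__main__":
    # Constructed sample URLs, not taken from the changelog.
    samples = [
        "http://example.com:81/app",
        "https://example.com/",
        "http://[::1]:8080/x",
        "HTTP://EXAMPLE.com:81/Login",
    ]
    for sample in samples:
        print("%-30s naive=%-18s parsed=%r" % (
            sample, naive_host(sample), derive_url_settings(sample)))
    print(is_in_scope_url("http://example.com.evil.test/", {"example.com"}))
```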
+ Added regression test shell scripts to tests directory <=> Abraham Aranguren (@7a_)
25/03/2012 - 0.13 "Trooper" pre-alpha release: Dedicated to Troopers (http://www.troopers.de/), its organisers and attendants
+ Inclusion of fuzzdb -allowed by licence- thanks! <=> Abraham Aranguren (@7a_)
+ Inclusion of HashCollision-DOS-POC by Christian Mehlmauer (@_FireFart_) thanks! <=> Abraham Aranguren (@7a_)
Location: owtf_dir/tools/dos/web/HashCollision-DOS-POC
More info: https://github.com/FireFart/HashCollision-DOS-POC
+ Installation script cleanup: tools/bt5_install.sh courtesy of Michael Kohl (@citizen428), thanks! <=> Michael Kohl (@citizen428)
+ Minor fixes to scripts/setrubyenv.sh also courtesy of Michael Kohl (@citizen428), thanks! <=> Michael Kohl (@citizen428)
+ "set fuzzFormComboValues all" removed from scripts/run_w3af.sh because it may make w3af scans slow, thanks to Adi Mutu (am06) and Andrés Riancho (@w3af)! <=> Abraham Aranguren (@7a_)
More info: http://sourceforge.net/mailarchive/forum.php?thread_name=CA%2B1Rt67bN3-2OpB%2B7SOGO7%3D92KWXBMdbaztpa885f%3Du2GzjcFg%40mail.gmail.com&forum_name=w3af-users
+ Created an initial basic targeted phishing plugin to send anything via SMTP: aux/se/Targeted_Phishing@OWTF-ASEP-002.py <=> Abraham Aranguren (@7a_)
+ Created the concept of "OWTF Agents": Small listeners that establish communication channels that allow to perform actions remotely (i.e. in a victim machine) <=> Abraham Aranguren (@7a_)
- Added sbd-based shared-password OWTF Agent for persistent shell access to other machines to be used during a test (i.e. victim emulation)
- Added ssh-based trusted-public-key OWTF Agent for an alternative to shared passwords (basic instructions to set this up with ssh)
- Added initial auxiliary plugins to communicate with OWTF agents:
SBD_CommandChainer is working, the others in rce are WIP (see plugins/aux/rce)
- Added imapd OWTF agent: This checks email with a predefined account and loads the configured plugin to process the message.
Example:
1) OWTF sends a targeted phishing attack via aux/se/Targeted_Phishing@OWTF-ASEP-002.py
2) An OWTF imapd Agent processes any new email that arrives and emulates a user click for all links found in the message
+ Added initial SMB handler to the framework and a related plugin: aux/smb/SMB_Handler@OWTF-SMB-001.py <=> Abraham Aranguren (@7a_)
+ Added an Interactive Shell handler useful to interact with remote and local shells run in a subprocess <=> Abraham Aranguren (@7a_)
+ Significant SET integration improvements: new OWTF SET handler + spear_phishing modules and plugin/configurability tweaks <=> Abraham Aranguren (@7a_)
+ Added hopefully better comments in several places <=> Abraham Aranguren (@7a_)
+ Started to use Eclipse and Fixed indentation on many framework files :P <=> Abraham Aranguren (@7a_)
+ Bug fix: Commented out goohost shell one liners in profiles/general/default.cfg: When goohost is not installed cat hangs (Thanks to Sandro Gauci) <=> Abraham Aranguren (@7a_)
+ Bug fix: Grep plugins were no longer showing links to Text, HTML, etc findings <=> Abraham Aranguren (@7a_)
+ Added CAPTCHA breaker tool links to external plugin to assist manual exploitation: PWNtcha - captcha decoder, Captcha Breaker <=> Abraham Aranguren (@7a_)
+ Added vulnerability search box to the CAPTCHA external plugin <=> Abraham Aranguren (@7a_)
+ Added links to the "Session management schema" external plugin: Gareth Heyes' HackVertor, Raul Siles' (Taddong) F5 BIG IP Cookie Decoder <=> Abraham Aranguren (@7a_)
+ Added link to the "SSI Injection" external plugin: webappsec.org SSI Injection info <=> Abraham Aranguren (@7a_)
+ Moved HTTP-Traceroute back into rev_proxy to avoid config changes <=> Abraham Aranguren (@7a_)
10/02/2012 - 0.12 "Wicky" pre-alpha release: Dedicated to @marcwickenden for sending the first pull request!
+ Merged pull request with IPv6 support and proper IP validation from @marcwickenden thanks! <=> Marc Wickenden (@marcwickenden)
+ Added graceful framework abort when a hostname cannot be resolved (instead of python trace mess) <=> Abraham Aranguren (@7a_)
+ Added Hurricane Electric passive recon link to discovery plugin (Thanks to Chris John Riley) <=> Abraham Aranguren (@7a_)
+ Bug fix in plugin_handler.py and plugin_register.py to set a Start, RunTime and End date for external plugins that have been already run but require to be registered against a target to report display purposes. Only happened in separate iterations. <=> Abraham Aranguren (@7a_)
+ Added a Sanitiser module to solve the "embedding untrusted HTML" issue, when POST is the only way to query a third party site. The filter is public and you are encouraged to break it :). An improved filter will be published shortly after each new public bypass. <=> Abraham Aranguren (@7a_)
REMARKS:
- Thank you very much to everybody that took the time to try to break the HTML filter!
- Congratulations + props to the successful breakers before this release: Mario Heiderich, @notracecc, @dreyercito
- If you did not try to break the filter, what are you waiting for? :)
- The challenge will run indefinitely and is available here: http://blog.7-a.org/2012/01/embedding-untrusted-html-xss-challenge.html
+ Clean-up of passive robots.txt plugin to sanitise embedded HTML (via module above) + move this to an external file
+ plugin_helper.py clean-up for flexibility, readability and code reuse around transparent filtering and sandboxing of embedded third-party HTML (related to above)
+ When embedding HTML from a third party site OWTF will: <=> Abraham Aranguren (@7a_)
1) Filter the HTML using the Sanitiser module above
2) Save the filtered output to a file
3) Create a separate file that embeds the filtered output inside a sandboxed iframe (just in case an unpublished bypass whatever ;))
4) The OWTF report provides a link to the sandboxed file only
5) Both the sandboxed + non-sandboxed files are saved to another directory = they cannot access HTML 5 localstorage (where your review is), at least in Firefox 8
+ Fixed minor but annoying bug whereby the filter was not showing up when the detailed report was collapsed, so detailed report totals were not being shown <=> Abraham Aranguren (@7a_)
+ Added more links to assist manual XSS exploitation: http://www.bindshell.net/tools/beef, http://xss-proxy.sourceforge.net/, http://www.gnucitizen.org/projects/backframe/ <=> Abraham Aranguren (@7a_)
+ Integration with CKEditor (http://ckeditor.com/): <=> Abraham Aranguren (@7a_)
1) Notes now have a full blown WYSIWYG editor -their permissive licensing allows redistribution, thank you!-
2) Above means you can now take notes with fancy formatting: tables, links, bullet points, font format, size, style, etc (useful for exploit/PoC links, etc)
3) The OWTF review works as usual but the notes are now saved with their formatting (HTML instead of plain text)
4) OWTF will show an automated preview on top of the editor, this is always displayed, which makes it more intuitive to see if there are notes present for a plugin
5) OWTF will also automatically save these formatted notes in the review for resilience: Even if your browser crashes or is closed by mistake you keep what you typed
6) The OWTF notes preview also modify links so that they are displayed on a new tab (most useful option and consistent with other links in the report)
7) OWTF will create/destroy CKEditor instances as follows: 1st lightbulb click: create, 2nd click: destroy = report is more lightweight, loads faster, etc
8) OWTF will destroy all plugin editors when a new one is created: This ensures only resources for a single editor are used at any point in time (report = lightweight)
+ Bug fix: Changing the detailed report iframe size via onload event was messy: Now the iframe is created directly using the initial height defined on: COLLAPSED_REPORT_SIZE <=> Abraham Aranguren (@7a_)
+ Enhancement: Added new review icons to be able to flag certain special cases. Icons can be removed on: profiles/general/default.cfg <=> Abraham Aranguren (@7a_)
1) LadyBug: Flag functional and/or business logic bugs (it's up to you how you interpret this, as usual)
2) Empty Star: To flag you had a brief look (already saw it) but no real analysis was done
3) Half Star: To flag you had an initial look but need to investigate more to be able to rate the output
+ Created an initial help file that is linked to from the OWTF report via question mark icons <=> Abraham Aranguren (@7a_)
+ Some clean-up around review icons code in the report a bit less messy now :P <=> Abraham Aranguren (@7a_)
+ Plugin Review Icons are now highlighted like filters when the user clicks on them as well as when the report loads: More intuitive <=> Abraham Aranguren (@7a_)
+ Multiple bug fixes around Import/Export Review from Summary report (Import was not working at all and other similar problems) <=> Abraham Aranguren (@7a_)
+ Multiple space and colour optimisations in the report <=> Abraham Aranguren (@7a_)
+ An initial Summary Report filter has been implemented, this triggers the same filter on all children iframes, resizing them, etc <=> Abraham Aranguren (@7a_)
+ Added unit tests to allow more efficient testing of the Sanitiser module (i.e. test quickly all previous bypasses against new filter) <=> Abraham Aranguren (@7a_)
+ Made the Sanitiser module a bit smarter so that: <=> Abraham Aranguren (@7a_)
1) It can be called from the framework: When this happens no tests are run, but all functionality is callable by the framework
2) It can be called from the commandline: When this happens the Sanitiser expects HTML on stdin (i.e. cat input.txt | sanitiser.py)
NOTE: I noticed it was handier to read from stdin (instead of a hard-coded file) so that I can regression test new filters faster
+ Significant report memory usage improvements (single review object shared for all reports, it was num_targets x review + 1 before) <=> Abraham Aranguren (@7a_)
+ Significant report performance improvements: <=> Abraham Aranguren (@7a_)
1) When the report loads for the first time, counters and colours are calculated and stored in localstorage
2) Counters will only be updated when the user rates plugins from then on
3) When the report loads again counters are not calculated (as previously= this was slow), instead they are read from localStorage
+ Lots of small report tweaks to improve navigability, general usability and appearance <=> Abraham Aranguren (@7a_)
+ Added rudimentary reporting functionality via magic bar: Builds a basic report for ease of copy-paste in your reporting <=> Abraham Aranguren (@7a_)
+ Refactored owtf.js into smaller files: owtf_general.js, owtf_review.js, owtf_filter.js and owtf_reporting.js <=> Abraham Aranguren (@7a_)
+ Reorganised dictionaries and tools into "restricted" (i.e. licensing) directories so that they are not committed by mistake to github <=> Abraham Aranguren (@7a_)
19/01/2012 - 0.11 "Vienna" pre-alpha release: Dedicated with special love to BSides Vienna (http://www.bsidesvienna.info/), its organisers and attendants
+ Significant report improvements <=> Abraham Aranguren (@7a_)
+ OWTF will now only execute external plugins once regardless of the number of targets (it was 1 x num_targets before, way slower) <=> Abraham Aranguren (@7a_)
+ Host names are now retrieved properly from python via import socket + socket.gethostbyname -> i.e. cannot use dns/host when /etc/hosts is required in a pen test (Bug report credit: Sandro Gauci) <=> Abraham Aranguren (@7a_)
+ Fixed licence to more accurately match 3-clause-BSD (the intended licence :)) <=> Abraham Aranguren (@7a_)
+ Created initial FAQ based on actual feedback/questions <=> Abraham Aranguren (@7a_)
+ Added new grep + external plugins for HTML5 Cross Origin Resource Sharing (CORS) (OWTF-WGP-002) - Thanks to Krzysztof Kotowicz for answering my questions + great PoCs :) <=> Abraham Aranguren (@7a_)
+ Added links to interesting resources for manual exploitation, etc on the external CORS plugin (Thanks to Krzysztof Kotowicz) <=> Abraham Aranguren (@7a_)
+ Added links to interesting resources for manual exploitation, etc on the external Cross Site Flashing plugin (Thanks to Krzysztof Kotowicz, Michele Orru, Mario Heiderich) <=> Abraham Aranguren (@7a_)
+ Tweaked cross site flashing passive plugin (google hacking searches) to also search for Silverlight's stuff: clientaccesspolicy.xml, .xap and .scr files <=> Abraham Aranguren (@7a_)
+ Tweaked cross site flashing semi passive plugin to also try to get the clientaccesspolicy.xml file (Silverlight's equivalent to crossdomain.xml) <=> Abraham Aranguren (@7a_)
+ Tweaked regexps for Application Configuration Management (OWASP-CM-004) to reduce false positives <=> Abraham Aranguren (@7a_)
+ Added regexps to Application Configuration Management (OWASP-CM-004) to search for PHP+ASP source code disclosure too <=> Abraham Aranguren (@7a_)
+ Added resources (Nicolas Gregoire's XLT wiki) to XML Injection external plugin (to assist with manual exploitation) <=> Abraham Aranguren (@7a_)
+ Added Nicolas Gregoire's HTTP-Traceroute.py reverse proxy check script to tools/discovery/web/rev_proxy (Thanks to Nicolas for allowing direct redistribution with OWTF!) <=> Abraham Aranguren (@7a_)
Added GET and TRACE reverse proxy checks using HTTP-Traceroute.py to: Infrastructure Configuration Management (OWASP-CM-003) - with WAF and Load Balancer checks -
Link for background: http://www.agarri.fr/kom/archives/2011/11/12/traceroute-like_http_scanner/index.html
+ Bug fix: owtf.py -l net (also owtf.py -g net) would crash because there are no net plugins yet: An error message explaining this is now shown instead (Bug report credit: am06, Michele Orru) <=> Abraham Aranguren (@7a_)
+ Bug fix: semi_passive/Testing_for_Cross_site_flashing@OWASP-DV-004.py no longer shows duplicates + minor plugin clean-up <=> Abraham Aranguren (@7a_)
+ Bug fix: Fixed some issues on Transaction DB comparisons that resulted in the Cache not working right <=> Abraham Aranguren (@7a_)
+ Modified web/passive/Spiders_Robots_and_Crawlers\@OWASP-IG-001.py to directly submit the form on tool.motoricerca.info (because it does not work via link, uses POST only) <=> Abraham Aranguren (@7a_)
+ Added Start, End and Runtime fields to Plugin Register + Modified report to display the Start + End Date/Time for each plugin (potentially useful to correlate log events) <=> Abraham Aranguren (@7a_)
+ Added http://statsie.com passive analysis link (on Passive Search Engine Discovery) <=> Abraham Aranguren (@7a_)
+ Created a configuration health-check module by massive popular demand :). When OWTF starts it will now warn you when tools are missing and suggest how to fix it. <=> Abraham Aranguren (@7a_)
+ Created initial rudimentary owtf_dir/tools/bt5_install.sh script (incomplete, but getting there) to download tools missing or unreliable in Backtrack 5 <=> Abraham Aranguren (@7a_)
+ Updated install script (owtf_dir/install/bt5_install.sh) + /profiles/general/default.cfg to include the latest Arachni version (v0.4.0.2) and verified it works <=> Abraham Aranguren (@7a_)
+ Experimental: Created a Command Register (owtf_review/db/command_register.txt) where information on all commands run is stored: <=> Abraham Aranguren (@7a_)
- Start+End Date/Time, Runtime, Status (Finished/Cancelled), Actual command run, Command without plugin output info (needed internally for the framework)
- Purpose 1: Avoid running the same command several times, very useful when you have several domain.com targets. A message like "command already run for target X" appears
- Purpose 2: Simple date and time correlation becomes possible: Useful for debugging and IDS testing (which exploit worked? what command brought the server down?, etc)
- Purpose 3: It is simply nice to have a log of every command that was run, and questions like "what tools did you run and how?" become easier to answer
+ Added link to Gareth Heyes' awesome http://shazzer.co.uk project to assist with manual XSS exploitation <=> Abraham Aranguren (@7a_)
+ Added Command execution start date/time information on the screen so that the pen tester can make a better decision (wait/stop it) <=> Abraham Aranguren (@7a_)
+ Experimental: Created a redirect detection mechanism so that it is more intuitive to realise when all URLs are being redirected (i.e. blanket redirect from port 80 to 443) <=> Abraham Aranguren (@7a_)
- Status will be marked as "302 Found": Instead of the previous "200 OK", which did not reflect the redirect (not ideal but better than 200)
- URL will be set as the redirected URL: This way it is more obvious if the target is http:// but the transaction log is all https://, that there is a blanket redirect
- Known issue: The scope can be wrong if the redirect is performed to outside of the target URL, need to work more on this
+ Experimental: If the user supplies only domain names, the scope expands to https + http for each domain <=> Abraham Aranguren (@7a_)
+ Experimental: If a passed URL cannot be reached it is removed from the report (assumed it does not exist) -> useful for huge scopes! <=> Abraham Aranguren (@7a_)
06/01/2012 - 0.10 "Berlin" pre-alpha release dedicated to BerlinSides (http://berlinsides.org/), its organisers and attendants
+ Thanks to Mario Heiderich for the sample attack vectors and Selenium research for IDS testing (used by the selenium aux plugin) <=> Abraham Aranguren (@7a_)
+ Passive Plugins will now be run even if the target IP is internal because passive plugins now also make suggestions (i.e. potentially useful commands) <=> Abraham Aranguren (@7a_)
+ Changed blue navigation arrows to + and - gray icons courtesy of http://www.app-bits.com/free-icons.html. plus/minus suggested as more intuitive (Idea Credit: Sandro Gauci) <=> Abraham Aranguren (@7a_)
+ Changed text color to be darker for higher contrast and easier reading :) (Idea Credit: Sandro Gauci) <=> Abraham Aranguren (@7a_)
+ Implemented dynamic counters beside each filter for a quick visual overview and know where data is (with colours too :)) + All icons are now configurable <=> Abraham Aranguren (@7a_)
+ Bug fix: Comments were not being populated back upon screen reload <=> Abraham Aranguren (@7a_)
+ Removed matches table (redundant now because of the counters) and added mechanism to highlight enabled filter icon with blue background: More intuitive, I think <=> Abraham Aranguren (@7a_)
+ Several UI rearrangements to improve navigation and intuitiveness <=> Abraham Aranguren (@7a_)
+ Implemented new CLI option for algorithm: breadth (default): runs each plugin against all targets first. And depth runs all plugins against each target first <=> Abraham Aranguren (@7a_)
+ Massive refactoring/rewrite of significant portions of the framework to support: algorithm, multi-host targets, future net plugins, etc <=> Abraham Aranguren (@7a_)
+ Changed Config to transparently handle multi-target configurations (i.e. self.Core.Config.Get('x') --> 'x' is relevant for the current target) <=> Abraham Aranguren (@7a_)
+ Changed Config to transparently handle multi-target replacements (i.e. self.Core.Config.GetReplacementDict() --> Returns PLACE_HOLDER => VALUE pairs relevant for target) <=> Abraham Aranguren (@7a_)
+ Serious refactoring to dynamically load plugins and plugin types from the file system along with a description of what they do <=> Abraham Aranguren (@7a_)
+ Significant DB refactoring to accommodate the new multi-host/multi-db problem, created plugin register db and improved DB simulation mode without touching disk <=> Abraham Aranguren (@7a_)
+ Bug fix: New Plugin highlighting upon screen refresh is now working again <=> Abraham Aranguren (@7a_)
+ robots.txt analysis: Added resource: http://tool.motoricerca.info/robots-checker.phtml + changed proxy from hexilion to anonymouse.org + passive robots.txt plugin clean-up <=> Abraham Aranguren (@7a_)
+ Bug fix: Fixed an issue that resulted in many broken report links <=> Abraham Aranguren (@7a_)
+ Significant reporting improvements, including Summary report counters working, etc <=> Abraham Aranguren (@7a_)
+ Transaction Log DB handling improvements and clean up <=> Abraham Aranguren (@7a_)
+ Added "external" plugins so that the pen tester has a way to write down information relevant to external tools and/or manual testing. Will have helpful info in the future. <=> Abraham Aranguren (@7a_)
+ Added initial SSI grep plugin <=> Abraham Aranguren (@7a_)
+ Added OWASP Codes to the detailed report <=> Abraham Aranguren (@7a_)
+ Many more bugs were also fixed .. <=> Abraham Aranguren (@7a_)
01/12/2011 - 0.07 pre-alpha release
+ Fixed bug in spider plugin: Counter incorrect <=> Abraham Aranguren (@7a_)
+ Cache Control Meta tags search added to grep plugin: Logout and Browser Cache Management (OWASP-AT-007) <=> Abraham Aranguren (@7a_)
+ New plugins: autocomplete, cross site flashing <=> Abraham Aranguren (@7a_)
+ Report navigation improved <=> Abraham Aranguren (@7a_)
+ Added option to "Mark as Reviewed", "Mark as NOT Reviewed", "Clear Review", "Clear Review Storage" for more efficient review <=> Abraham Aranguren (@7a_)
+ Reviewed items are stricken-through, so it's easy to see what has not been reviewed yet <=> Abraham Aranguren (@7a_)
+ New plugin results are highlighted with a white background, so that it is easy for the tester to identify what's new <=> Abraham Aranguren (@7a_)
+ Made seed shorter and flipped top table to be horizontal and take a lot less space off the screen <=> Abraham Aranguren (@7a_)
+ To the right of OWASP Index Item: Removed toggle + moved "show" and "hide" beside plugin tabs, refactor into tabcreator <=> Abraham Aranguren (@7a_)
+ Added basic CSRF grep plugin that looks for hidden fields (in the hope that token will/will not be found) <=> Abraham Aranguren (@7a_)
+ Added basic SQLi google-hacking passive plugin <=> Abraham Aranguren (@7a_)
+ Added DoS grep plugin (show top 10 slowest queries and suggest to view log) <=> Abraham Aranguren (@7a_)
+ Cleared up the HTTP Transactions table: Removed redundant links + Added link to transaction log <=> Abraham Aranguren (@7a_)
+ Added new plugin for Credentials_transport_over_an_encrypted_channel <=> Abraham Aranguren (@7a_)
+ Lots of UI improvements to use screen space better: Now Review, History, Logs, etc have their own tabs <=> Abraham Aranguren (@7a_)
+ Tried to use cool jquery icons but failed miserably: They are displayed but background sucks need a web designer :) <=> Abraham Aranguren (@7a_)
+ Had the bright idea of changing the naming convention, which broke everything for 1day+ <=> Abraham Aranguren (@7a_)
+ Bug fix: All URLs were being logged instead of only the valid ones <=> Abraham Aranguren (@7a_)
+ Bug fix: DoS testing was taking into account transactions out of scope <=> Abraham Aranguren (@7a_)
+ Bug fix: DoS plugin (and DB transaction manager) crashed when transaction DB empty <=> Abraham Aranguren (@7a_)
+ Moved DirBuster to its own plugin: Old, Backup and Unreferenced Files (OWASP-CM-006) <=> Abraham Aranguren (@7a_)
+ Moved each scanner to its own plugin for ease of review and flexibility (i.e. I want to run X but not Y, etc): arachni, wapiti, w3af, etc now have their own plugins <=> Abraham Aranguren (@7a_)
+ Bug fix: Added check on plugin handler so that grep plugins are skipped when Transaction DB is empty (Grep plugins grep the DB so no DB = fail) <=> Abraham Aranguren (@7a_)
+ Bug fix: Vuln search box was broken due to jquery port changes <=> Abraham Aranguren (@7a_)
+ Added check so that passive plugins are not run if the target ip is an RFC1918 address (aka "private" or "LAN" address) <=> Abraham Aranguren (@7a_)
+ Added passive Testing for Admin Interfaces (OWASP-CM-007) <=> Abraham Aranguren (@7a_)
+ Split URL DB into "potential URL" (maybe third-party tool false positive) and "URL" (vetted) DBs -> potential URLs to be checked by spider plugins <=> Abraham Aranguren (@7a_)
+ Improved Extract URLs mechanism to Visit links (adding to DB, which helps grep plugins) if >= 1 active plugin enabled + associated bugfixes, UI and timing improvements <=> Abraham Aranguren (@7a_)
+ Improved log UI to indicate if there are error messages or not without having to click the button + Significant Log UI navigation improvements <=> Abraham Aranguren (@7a_)
+ Implemented persistence via localStorage, serious JavaScript refactoring: Now there is a single Review JSON object, code simplified a lot <=> Abraham Aranguren (@7a_)
+ Made the choice between localStorage and sessvars configurable so that the user can choose and use some form of persistence (sessvars) even on old browsers. <=> Abraham Aranguren (@7a_)
+ Because of above 2 lines the Storage has been abstracted into separate libraries: the abstraction (sessvars or localStorage) is loaded depending on configuration setting <=> Abraham Aranguren (@7a_)
+ Implemented ability to add notes to the results of each plugin, this is saved in the JavaScript storage as well <=> Abraham Aranguren (@7a_)
+ Added a Filter tab at the top that includes the icons available to review each plugin and allows filtering by flag, by comments present, stricken-through, etc <=> Abraham Aranguren (@7a_)
+ Fixed lots of bugs in filter above, added "review size" and "total size" columns to top table for visibility of memory in use, the columns are updated on the fly <=> Abraham Aranguren (@7a_)
+ Added a hidden token div inside plugin reports so that the report can detect whether a plugin's content has changed or not: If changed highlight tab background to white <=> Abraham Aranguren (@7a_)
+ Added a counter to the filter so that the user has visibility about how many plugins matched the filter (handy to find bugs too) <=> Abraham Aranguren (@7a_)
+ Made rating flags configurable: the user can now choose which flag icons they wish to view on the screen (i.e. only low, medium and high icons, etc) <=> Abraham Aranguren (@7a_)
+ Added a new Grep plugin based on URL classification for "Old Backup and Unreferenced Files (OWASP-CM-006)" <=> Abraham Aranguren (@7a_)
+ Bug fix: the grep plugin for "Old Backup and Unreferenced Files (OWASP-CM-006)" was showing URLs with 404 responses <=> Abraham Aranguren (@7a_)
+ Bug fix: Solved a storage capacity calculation issue when sessvars was chosen as the JavaScript storage <=> Abraham Aranguren (@7a_)
+ Installed the latest stable whatweb version, which fixed some issues after updating BT5 R1 <=> Abraham Aranguren (@7a_)
+ Enabled filter on load: Refreshing the report will now 1) Click on the Filter tab + 2) Click on the "show completed plugins only" filter => Showing only available info <=> Abraham Aranguren (@7a_)
+ Bug fix: The unique html counter db was being corrupted under special circumstances (6+ multi-runs) <=> Abraham Aranguren (@7a_)
+ Moved suggested commands from active fingerprint to passive: They are only suggested. Also created powerful primitive to suggest commands more efficiently <=> Abraham Aranguren (@7a_)
+ Bug fix: Spider was using the previous DB instead of the one for scraped/potential URLs <=> Abraham Aranguren (@7a_)
+ Bug fix/Enhancement: Serious improvements to CMS Explorer import dictionaries script: Dictionaries are now converted into DirBuster format and CMS-specific <=> Abraham Aranguren (@7a_)
+ After above, created new configuration lines for CMS-specific dictionaries: all, wordpress all, wordpress plugins, etc from the DirBuster format import (thx CMS Explorer). <=> Abraham Aranguren (@7a_)
18/11/2011 - 0.04 pre-alpha release - Lots of improvements, widely unpublished
+ Re-architecture to simplify code a bit more (general clean-up) <=> Abraham Aranguren (@7a_)
+ Lots of bug fixes <=> Abraham Aranguren (@7a_)
+ Implemented (hopefully) robust error/exception handling that facilitates bug reporting and tries to save as much partial data as possible for the user when a crash happens <=> Abraham Aranguren (@7a_)
+ Implemented new HTTP method support in reporter module (HEAD, OPTIONS, TRACE, DEBUG and PUT -PUT still buggy-) <=> Abraham Aranguren (@7a_)
+ Improved DB format and implemented a few caching functions to speed the framework <=> Abraham Aranguren (@7a_)
+ Implemented naming convention to distinguish scope from external DB transactions <=> Abraham Aranguren (@7a_)
+ Implemented logging of transaction parts separately as well as in full: 4 files saved per transaction -> full, request, resp. headers and resp. body <=> Abraham Aranguren (@7a_)
+ Created new Reporting functions to show Transactions as tables easily from plugins (reporter.py: DrawHTTPTransactionTable and relatives) <=> Abraham Aranguren (@7a_)
+ Created new mRandom module to build random strings on the fly <=> Abraham Aranguren (@7a_)
+ Centralised helper functions into a single library called general.py (will consider separating when there are more functions) <=> Abraham Aranguren (@7a_)
+ Improved Transaction log and main report significantly and started to customise CSS a bit <=> Abraham Aranguren (@7a_)
+ Main config.cfg split into framework_config.cfg and user_config.cfg to keep settings separate, the framework loads all settings on the Config object <=> Abraham Aranguren (@7a_)
+ Added outbound proxy support for owtf requests only and a proxy check on start-up <=> Abraham Aranguren (@7a_)
+ Serious refactoring of database and related fixes elsewhere in the framework: Now broken down into: db, url_manager, transaction_manager and run_manager <=> Abraham Aranguren (@7a_)
+ Moved plugin_handler and plugin_helper into a plugin module (aka "directory") <=> Abraham Aranguren (@7a_)
+ Significant improvements in Header Analysis and Reporting <=> Abraham Aranguren (@7a_)
+ Lots of error handling bug fixes <=> Abraham Aranguren (@7a_)
+ Moved transaction.py and requester.py into a http module (aka "directory") <=> Abraham Aranguren (@7a_)
+ Added handy links section to report at the top: OWASP Testing Guide, CVSS advanced calculator, Hackvertor, etc <=> Abraham Aranguren (@7a_)
+ Changed grep plugin behaviour: Grep plugins will automatically be run after semi_passive and then again after active plugins run + always overwritten <=> Abraham Aranguren (@7a_)
+ Built reusable response pattern matching primitives <=> Abraham Aranguren (@7a_)
+ Fixed nasty run DB data corruption bug (only happened on the first 2 runs) <=> Abraham Aranguren (@7a_)
+ Added autocomplete plugin that looks for password fields <=> Abraham Aranguren (@7a_)
01/11/2011 - 0.01 pre-alpha release - Basic proof of concept, widely unpublished :) <=> Abraham Aranguren (@7a_)