Release 2.2.2 Zhang Jike, I advise you to be kind

zan8in released this 05 Apr 10:31

· 811 commits to main since this release

6987238

bug:

Fix afrog html report XSS vulnerability

optimization:

Simplified URL blacklist mechanism
Optimize http/s detection function
Optimized file upload (all) PoC
Optimize RCE (all) PoC

delete:

Remove Fingerprint fingerprint recognition and command parameters (replacement tool pyxis)
Remove uncommon command parameters

PoC:

Added 52 PoCs
Validate and optimize n multiple PoCs
Remove PoC csz-cms-multiple-blind-sql-injection
Remove PoC phpstudy-nginx-wrong-resolve
Built-in several private PoC

修复：
- 修复 afrog html 报告 XSS 漏洞

优化：
- 简化 URL 黑名单机制
- 优化 http/s 检测功能
- 优化文件上传 (所有) PoC
- 优化 RCE (所有) PoC

删除：
- 去掉 Fingerprint 指纹识别及命令参数 (替代工具 pyxis)
- 去掉不常用命令参数

PoC:
- 新增 52 PoC
- 验证和优化 n 多个 PoC
- 删除 PoC csz-cms-multiple-blind-sql-injection
- 删除 PoC phpstudy-nginx-wrong-resolve
- 内置几个 private PoC

Assets 11