v2.3.2
Add:
- Use the command parameter -json or -j to write the vulnerability results to a JSON file, not including the request and response content.
- Use the command parameter -json-all or -ja to write the vulnerability results to a JSON file, including the request and response.
- The "disable-output-html" command can be used to prevent the automatic generation of an HTML report, and its priority is higher than the "-o" command.
- The PoC script info section adds three fields: affected, solutions, and created.
Optimization:
- Duplicated PoC removed: springboot-env-unauth
- When performing an update operation, the -up command prompt is not friendly enough
- Scan in order of security risk level, from low to high
- Optimized the url.path encoding issue