authorKr1ss2021-02-20 21:39:41 +0100
committerKr1ss2021-02-20 21:39:41 +0100
commita6143edd978cef67ae7ff772c8e0b65e52c8449a (patch)
treee93d6e5392820663246a22e5a9bf6e2c1f202528
parenta128551c117d54a8095053fcbe8985106ec3ba43 (diff)
update: wapiti 3.0.4-1
upstream release
-rw-r--r--.SRCINFO11
-rw-r--r--ChangeLog22
-rw-r--r--PKGBUILD14
3 files changed, 37 insertions, 10 deletions
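--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,12 +1,13 @@
 pkgbase = wapiti
  pkgdesc = A comprehensive web app vulnerability scanner written in Python
- pkgver = 3.0.3
- pkgrel = 3
- url = http://wapiti.sourceforge.net/
+ pkgver = 3.0.4
+ pkgrel = 1
+ url = http://wapiti.sourceforge.net
  changelog = ChangeLog
  arch = any
  license = GPL
  makedepends = python-setuptools
+ makedepends = python-pip
  depends = python-requests
  depends = python-beautifulsoup4
  depends = python-lxml
@@ -17,8 +18,8 @@ pkgbase = wapiti
  optdepends = python-requests-kerberos: Kerberos authentication
  optdepends = python-requests-ntlm: NTLM authentication
  options = zipman
- source = http://downloads.sourceforge.net/sourceforge/wapiti/wapiti/wapiti-3.0.3/wapiti3-3.0.3.tar.gz
- sha256sums = 059f778453ebf05b38e9c6c837d3b3eb9b8921c8fdc6d4029df89f2b0e84f5b7
+ source = http://downloads.sourceforge.net/sourceforge/wapiti/wapiti/wapiti-3.0.4/wapiti3-3.0.4.tar.gz
+ sha256sums = 8b696753a37506f0c3e8f542cb60e9f8198bb1bafd1a1dc97fbb9592becf31f3
 
 pkgname = wapiti
 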
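--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+20/02/2021
+ Wapiti 3.0.4
+ XSS: improved context awareness of HTML webpage, payloads can now use the existing HTML tags without closing them
+ XSS: greatly reduced number of false negatives while slightly reducing false positives
+ XSS: the module will also check for the CSP header and warn if reflection was found while a strong CSP seems present
+ XSS: reduced memory and CPU consumption
+ XSS: added more payloads to bypass filters and WAF
+ Exec: added a few more payloads
+ SQL: more heuristics to detect DBMS used on the target
+ Wappalyzer module allows to detect software used by a website, along with versions
+ New module to check the security settings of Cookies (HttpOnly, secure, etc)
+ New module to check the security settings for HTTP headers (Strict-Transport-Security, X-Frame-Options, etc)
+ New module to check the security settings for Content-Security-Policy
+ New module to check for forms vulnerable to CSRF (either no anti-CSRF token is present or it is not well implemented)
+ New module to brute-force found login forms with known default credentials (admin/admin, demo/demo, etc)
+ New --update option allows to get last updates for detections databases (Wappalyzer and Nikto)
+ New --max-attack-time options allows to limit the execution time of each attack module
+ New --store-config options allows to set the path for Wapiti configuration files (detection databases)
+ Combining the new "-a post" authentication option along with -s allows to login on the target without using wapiti-getcookie
+ Removed jQuery dependency
+ Fixed several issues with endpoints
+
 20/02/2020
  Wapiti 3.0.3
  An important work was made to reduce false positives in XSS detections.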
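--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,27 +4,31 @@
 
 pkgname=wapiti
 
-pkgver=3.0.3
-pkgrel=3
+pkgver=3.0.4
+pkgrel=1
 
 pkgdesc='A comprehensive web app vulnerability scanner written in Python'
 arch=('any')
-url='http://wapiti.sourceforge.net/'
+url="http://$pkgname.sourceforge.net"
 license=('GPL')
 
+makedepends=('python-setuptools' 'python-pip')
 depends=('python-requests' 'python-beautifulsoup4' 'python-lxml' 'python-tld'
  'python-yaswfp' 'python-mako' 'python-pysocks')
 optdepends=('python-requests-kerberos: Kerberos authentication'
  'python-requests-ntlm: NTLM authentication')
-makedepends=('python-setuptools')
 
 options=('zipman')
 
 changelog=ChangeLog
 source=("http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname/$pkgname-$pkgver/$pkgname${pkgver:0:1}-$pkgver.tar.gz")
-sha256sums=('059f778453ebf05b38e9c6c837d3b3eb9b8921c8fdc6d4029df89f2b0e84f5b7')
+sha256sums=('8b696753a37506f0c3e8f542cb60e9f8198bb1bafd1a1dc97fbb9592becf31f3')
 
 
+prepare() {
+ rm -rf "$pkgname${pkgver:0:1}-$pkgver/tests"
+}
+
 build() {
  cd "$pkgname${pkgver:0:1}-$pkgver"
  python setup.py build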
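Review bot: The updated `sha256sums` entry is the only integrity check on a tarball that `source=` still fetches over plain `http://`, and the rewritten `url=` line keeps the same scheme. A hash computed from an HTTP download only pins whatever bytes the packager received, so the download should go over TLS, `source=("https://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname/$pkgname-$pkgver/$pkgname${pkgver:0:1}-$pkgver.tar.gz")`, and the checksum should be compared against one published by upstream if available. The new `python-pip` makedepend also deserves a one-line comment saying why it is needed: if `setup.py` invokes pip during `build()`, packages could be pulled from the network outside the checksum. The `build()` body continues outside the hunk, so that cannot be confirmed from here.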