Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Suggestions for a filter flag to improvie accuracy #1293

Open
vu1Art1st opened this issue Mar 30, 2023 · 5 comments · May be fixed by #1436
Open

Suggestions for a filter flag to improvie accuracy #1293

vu1Art1st opened this issue Mar 30, 2023 · 5 comments · May be fixed by #1436
Labels
enhancement New feature or request Priority: High

Comments

@vu1Art1st
Copy link

What is the feature?

The feature sets a flag to skip continuously getting the same size of response and exclude specific paths during recursive scans.

What is the use case?

This feature is useful when scanning websites that have a web application firewall, redirects, or custom error pages that return continuously the same size of 200 response. By setting this flag, dirsearch can skip these continuously same size responses and exclude specific paths to produce more accurate results.

@vu1Art1st vu1Art1st added the enhancement New feature or request label Mar 30, 2023
@shelld3v
Copy link
Collaborator

shelld3v commented Apr 8, 2023

exclude specific paths during recursive scans

It's already possible with --exclude-subdirs

@vu1Art1st
Copy link
Author

exclude specific paths during recursive scans

It's already possible with --exclude-subdirs

i'm not that mean, what i mean is in some cases, during scanning, especially recursive scanning, it may trigger WAF or redirection, resulting in a large number of consecutive HTTP response status codes of 200 with the same size. In such cases, it should be skipped directly."

@Prady18
Copy link

Prady18 commented Apr 11, 2023

@AMG4MATIC Understood. When performing scanning activities, such as recursive scanning, it is possible that it may trigger a Web Application Firewall (WAF) or redirection, resulting in a large number of consecutive HTTP response status codes of 200 with the same size. In these cases, it may be advisable to skip these responses directly in order to avoid unnecessary scanning and potential detection by security mechanisms. Skipping these responses can help avoid false positives or unnecessary noise in the scanning process. However, it's important to always ensure that any scanning activities are performed in a responsible and legal manner, with proper authorization and adherence to applicable laws and regulations.

@s0i37
Copy link

s0i37 commented Oct 31, 2024

Its just like a:
wfuzz -c -z stdin http://site.com/FUZZ --filter 'w|u()'
And only old wfuzz can do this.

@shelld3v
Copy link
Collaborator

shelld3v commented Nov 7, 2024

Its just like a: wfuzz -c -z stdin http://site.com/FUZZ --filter 'w|u()' And only old wfuzz can do this.

--filter 'w|u()' seems to get all results and then filter only unique responses, but it requires the scanning to totally finish before showing the results right?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request Priority: High
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants