Skip to content

v1.4.3

Latest
Latest
Compare
Choose a tag to compare
@Brum3ns Brum3ns released this 17 Jun 23:25
· 1 commit to main since this release
v1.4.3
a4d68ca

What's changed

Bug fixes

  • Old option -fH and -mH was not used but showed as an option

New features

  • New options added:
    • -fdH Filter dynamic header in response
    • -fH Filter header in response
    • -mH Match header in response
  • Firefly now use filters in difference scans such as dynamic header detection. This is to remove false positive in the result.
  • A new more advanced HTTP filter package has been developed that replace the old one.
  • Randomness and dynamic detection has been heavily improved and have an accuracy of: ~90% in detection rate when a random/dynamic string appear in the HTTP response that is a least 16 chars long (common for CSRF, Sessions etc). The accuracy is near ~99% when a string has a length of 23 chars or more (This can be tested in the /tests folder).

Full Changelog: v1.4.2...v1.4.3

Assets 2
Loading