- Fixed header comparison (will fix infinite bruteforce on some targets) - Fixed catastrophic backtracking in some regexes (arjun used to get stuck) - New logic for handling redirections - `--disable-redirects` option
2.1.4
Not secure
- Fixed file-paths not being windows compatible - Fixed and improved JavaScript heuristics scanning - Fixed missing ampersands in `-oT` output - Refactoring of help options and code
2.1.3
Not secure
- Fixed memory exhaustion bug - Fixed parsing of raw HTTP files - Added new detection factor: `number of lines` - Failed retries are now handled properly
2.1.2
Not secure
- Minor code cleanup - Fixed `--headers` option
2.1.1
Not secure
- Fixed circular import - Fixed BurpSuite export - Fixed not working headers - Better response type checking - Fixed wordlist error on Windows - Fixed `Content-Type` header bug
2.1.0
Not secure
- Added `XML` method - `-q` option for quiet mode - New wordlists backed by research - `-oT` option for txt export - `-oB` option for BurpSuite export - `-oJ` alias for JSON export - Added support for custom injection point in `XML` and `JSON` - pypi package