Releases v2.0.0
New Features
Added support for requests keyword arguments (method, params, data, json, headers, cookies, auth, timeout, allow_redirects, proxies, verify, cert)
CLI
Added support for requests keyword arguments (same as above)
Add the option to configure SSL verification and requests keyword arguments on a per-target basis when bulk scanning
Added a prompt when a scheme is not provided during single scanning
Added shorthand options for all options (not including requests keyword arguments)
POSSIBLE BREAKING CHANGE --verify moved to request args. --verify-enable replaced with --verify
POSSIBLE BREAKING CHANGE --certs/--certificates replaced with --verify path/to/certificate/bundle
POSSIBLE BREAKING CHANGE --json replaced with --output json
POSSIBLE BREAKING CHANGE --rules replaced with --rules-file (for consistency with --rules-uri)
Bug Fixes
Added error handling so that the whole scan doesn't break if a single target isn't reachable when bulk scanning
Other
Deprecated support for Python <3.8. Added support for Python 3.8 - 3.11
Changed the default HTTP request method from GET to HEAD when retrieving headers from remote endpoint
Add a default timeout of 5 seconds to HTTP requests when retrieving headers from remote endpoint
Default behaviour to follow redirects when retrieving headers from remote endpoint
Added code coverage check to the pipeline (min 80% required)
Use isolated tox environments for pipeline checks & local testing
POSSIBLE BREAKING CHANGE Removed top-level Headers key from the rules specification
POSSIBLE BREAKING CHANGE Changed request_headers argument in main class to headers
POSSIBLE BREAKING CHANGE Moved rules.yml to resources folder
General refactoring & maintenance
You can’t perform that action at this time.
