Updated: dichawk endpoints
New: lightmode option
Updated: half of the code has been refactored/reorganized
Updated: dichawk endpoints
Updated: JS sensitives endpoints
Updated: Exclude option (referer to Readme)
Fixed: ANy error with exclude option
New: Download all js link with specific keyword found
Updated: dichawk endpoints
Updated: JS sensitives endpoints
Started: Add proxy function (--proxy proxy.lst) [In progress]
New: Adding path disclosure recon
New: Detecting potential hidden directory
Updated: dichawk endpoints
New: Wiki created !
Fixed: any bugs and redesign titles pre-scan
Changed: waybacktool module deleted by a personal module (less slow)
New: Option -nfs (not first step) to pass the first recon steps
Fixed: Any bug with the download file and bypass forbidden when differents options
New: Google cse search (buckets...)
New: Add LICENSE & PyPI version and stats
Redefining priorities/tasks
New: Let's debug certificate subdomains results
New: Display the current bypass number during scan ("CB:")
New: Easter egg for xmas :)
Updated: Fix any bugs
New: Cloudflare protection detection in live
Updated: Bugs correction with backup extension scan
Updated: New ways to bypass forbidden (Thanks @yunem_se !)
Updated: New socketio endpoints
Updated: New words in dichawk.txt
Updated: New logo by @__PH4NTOM__!
Fixed: Any bugs
Updated: Little style modifications
Fixed: A pass on the source code, more speedy
Added: Function "vim_backup" to test backup vim during scan when any -b option
Updated: New banner
Fixed: Multiple website with file which contain url
Updated: code review & optimisation
Updated: Multiple new paths/words in dichawk.txt
Added: Option "-f" for scanning multiple website to one time. Ex: ```-f urls_file.txt```
Updated: Clean code & directory
Fixed: Fixed percentage & line count bug during scan
Added: Display errors number in live during scan
Added: Output file format function. Available formats: json, csv, txt. Ex: ```-of json```, ```-o /tmp/Target -of csv```
Fixed: Reduction of false positives number
Added: Header of Hawkscan when your typing "head hawkscan.py"
Fixed: Any bugs: Thread modification, header parameters, bypass forbidden & any others...
Added: google module in requirements/setup
Updated: Deleted degoogle modules/script, google dork works now with the "googlesearch" module
Updated: A little style modification
Updated: Default thread now 30
Added: A new restriction bypass feature, that test "post,put,patch & option" requests methods on a restriction page
Fixed: The little style display problems
Fixed: Better display of live lines
Added: A new file to manage the modules to launches
Fixed: Bug in socketio module
Fixed: Add size bytes during th error scan
Added: Words in wordlist
Updated: New logo made by Cyber_Ph4ntoM
Updated: Code review
Updated: Add multiple words in dichawk.txt
Updated: Style refont
Fixed: Mutliple bugs
Update: you can choose your backup file when you scan, EX:
-b: default all backup file
-b .bck, .old, .bak: just these backups
Updated: dico.txt → dichawk.txt (dico.txt it was to simple for a personal dictionary :)
Fixed: Bug on parsing JS
Fixed: Bug on the exclude function
Fixed: Bug on the bypass forbidden function
Added: News header value in bypass forbidden function
Updated: Rrefont helping style
Added: Notify when scan completed (Only work on Linux)
Added: New function added: check_socketio(), to check the websocket requests during the first step. That can potentially leak any informations (path, message, users...). Adding too in JS verification to check if any endpoint look like socketio.
Fixed: Reducted false positive number
Deleted: WhoIs function (useless)
Updated: Style refont
Updated: Dockerfile
Added: A resume of commands (url, threads...) during the begin scan
Updated: Add new content in google dork, dico and javascript recon
Updated: Real setup.py :)
Fixed: Any bugs
Modified: Raw output, modification for any integration
Added: Function "check_backup_domain" added, test before start "domain.zip/rar etc.."
Added: New option (-ffs) to force the first step of scan during the first running (waf, vhosts, wayback etc...)
Added: multiple excludes (only number or bytes number), exemple: --exclude 403,500 // --exclude 1337b,500...
Fixed: Bugs
Modified: function "check_ip" which check if the IP o the website was different by domain name => Now: check_vhost
Added: Option --auth for HTTP authentification. Exemple --auth admin:admin
Fixed: Bugs
Faster
Updated: Less FP with bypass forbidden function
Updated: Less errors in princpal script
Updated: Little modifications in report
Fixed: Style and system bugs
Added: Auto resize relative to window
Added: "degoogle" tools for google dork queries, more fast and less of google captcha
Updated: Code optimization
Started: Code optimization
Updated: Changed changelog.md + Readme.md
Updated: file and directory function management
A directory of the website is automatically create like: "website_date/".
And if the directory exist an other directory is created like: "website date_hour/"
Added: Function to try if the website IP is different of the website domain
Updated: dico.txt
Fixed: system bugs
Added: New exclude type, now you can exclude a number of byte with "b" at the end in your number, like: --exclude 550b
Added: Google dork requests at the first scan
Added: Option "--js" for scan and analyse JS
Deleted: "dryscrape" librarie for the moment, many error with it, I'll remake it later
Added: Setup.py, you can just doing "python setup.py"
Added: Try differents bypass for 403 code error
Updated: dico.txt
~~Auto activate JS during scan if the webite is full JS (website 2.0)~~
Add: New function which try automatically if it's possible scanning with "localhost" host
Replace: "--cookie" by "-H" for different header values; ex: -H "Host:test" // -H "Authentification:cookie" (not space after ":" or "=")
Code review
New logo
Adding Changelog
Adding news words in dico.txt (old dico_extra.txt)
Adding extensions in backup check test function, option -b (.json, .xml, .bkp...) => very long
Test bypass of waf rate limited in real time (X-Originating-IP...)
Exclude response http code (--exclude 403)
Filter on response http code in report
Better management Threads
Add news words in dico_extra.txt
New style for the report
Errors log management