Releases · cyberaz0r/Burp-IISTildeEnumerationScanner

Version 2.0:

Completely refactored code (ate all the spaghetti, now it is fine ;) )
Upgraded threading system to a completely new and improved version to address threading-related bugs such as bruteforce running after stopping and issues with the scan/stop button not starting or stopping the scan correctly
Adjusted default configuration values and some active scan parameters to improve accuracy of detection
Enhanced dynamic values cleaning by utilizing double-request strip in detection mode to reduce false positive ratio and by incorporating more regexes in bruteforce mode to improve bruteforcing accuracy
Added dynamic content strip level configuration value to select level of dynamic content stripping with additional regexes
Added delay between requests configuration value to specify the delay between request in milliseconds
Added Intruder Payload Set Generator to guess complete file names from scan results using sitemap URLs
Improved match list building on complete filename guessing
Improved name and extension prefixes feature and fixed some bugs on it
Fixed duplicates with unfinished extension in results display
Fixed some syncronization issues with output and better UI handling on starting/stopping scan
Fixed wordlist fields height in UI
Fixed some typos and rephrased some parts
Changed detection confidence to "Firm" (there can be false positives, it is never certain!)
Changed issue references to the original research paper for issue background and Microsoft workaround for remediation background

Provide feedback