Releases · xnl-h4ck3r/GAP-Burp-Extension

14 Jul 20:39

xnl-h4ck3r

v5.4 Latest

Latest

v5.4
- Changed
  - BUG FIX: Change the self.REGEX_LINKS regex to also look for . within file names. If a file name is found that has a required extension, e.g. .js then the file name itself can also have a . in it, e.g. chunk.1337.js. Previously the regex would not have picked these up in certain situations.

Assets 4

26 May 23:30

xnl-h4ck3r

v5.3

Changed
- Change REGEX_JSNESTED (used by the Javascript variables and constants option) to also get params from nested objects that start with JSON.stringify(.

Assets 4

21 May 20:44

xnl-h4ck3r

v5.2

Changed
- Fix bug where "sus" parameters wouldn't be shown at all in the Potential param pane if the option to Report "sus" params issues was not selected.
- Change REGEX_JSNESTED (used by the Javascript variables and constants option) to also get params from nested objects that start with dataLayer.push(.
- Improve the description for Javascript variables and constants in the GAP Help.md.

Assets 4

21 May 16:31

xnl-h4ck3r

v5.1

New
- When the RESPONSE PARAMETERS option of Javascript variables and constants is selected, GAP will now extract parameter names from nested objects too.
- Add Inc. Tentaive? option next to Report "sus"params? option. Findings marked Tentative will only be raised if this option is checked. If disabled it will speed up processing.
Changed
- Move the check for Sus param checkbox being checked to the start of checkSusParams instead of half way through, to help speed things up.
- Change regex REGEX_PARAMSPOSSIBLE and REGEX_PARAMSSUB to check for HTML entities with the & as optional, as sometimes they appear without. This ensures they are replaced more effectively.