Skip to content

Releases: six2dez/reconftw

v2.9

04 Jun 09:38
d282967
Compare
Choose a tag to compare

Highlights

  • API leak checks SwaggerSpy and porch-pirate
  • 3rd parties misconfigs with misconfig-mapper
  • JS sourcemaps check with sourcemapper and jsluice
  • IP geolocation info
  • oshi.at for sending huge results zip files
  • Improved trufflehog detection
  • Updated mind map
  • IIS short names added
  • Password leaks with LeakSearch
  • PPfuzz replaced by ppmap
  • Brutespray and nomore403 updated
  • Nucleus fuzzing parameters
  • Added p1radup

What's Changed

New Contributors

Full Changelog: v2.8.1...v2.9

v2.8.1

19 Jan 13:46
ad9e153
Compare
Choose a tag to compare
  • Gf potential removed
  • New API leaks search included
  • Fix for dontgo403
  • Fix for smuggler

v2.8

17 Jan 12:18
992b3e0
Compare
Choose a tag to compare

Main changes

  • Removed web interface
  • Added postman search
  • Replaced byp4xx with dontgo403

What's Changed

New Contributors

Full Changelog: v2.7.1.1...v2.8

v2.7.1.1

20 Oct 06:00
90dacad
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.7.1...v2.7.1.1

v2.7.1

19 Oct 15:13
be7272e
Compare
Choose a tag to compare

Highlights

  • Security controls for tampered CSP/domains entries
  • Removed subgpt as it no longer works
  • Print nuclei results with axiom
  • Added postleaksNG
  • Option to update tools before running the tool
  • Added custom nuclei templates path option
  • Installer improvements

What's Changed

New Contributors

Full Changelog: v2.7...v2.7.1

v2.7

17 Jun 00:05
2a7d605
Compare
Choose a tag to compare

Highlights

  • Removed unimap
  • Improved GH repos scan, Trufflehog + gitleaks
  • Added Mantra for JS secrets
  • Removed bbrf
  • New random banner by @720922
  • Better and improved web fuzzing
  • crt replaces ctfr
  • web server fixes
  • vulners replaces searchsploit
  • Shellcheck compliant
  • Preparing to move to MIT license
  • Timeout fixes
  • Dynamic gowitness timeout
  • Added nuclei fuzzing templates on vulns_check

What's Changed

New Contributors

Full Changelog: v2.6...v2.7

v2.6

24 Apr 23:19
3ee2fbc
Compare
Choose a tag to compare

Highlights

  • Added @n0kovo subdomain wordlist for DEEP mode, dropped assetnore's best_dns_wordlist
  • Back to interlace, dropped rush
  • Back to @lc gau as default passive url collector, only for deep mode for performance reasons
  • Added @r0oth3x49 ghauri as option for deep sqli
  • Added @hakluke hakip2host instead of dnsx for PTR lookup
  • 100K (or even more) different fixes
  • Removed theHarvester, h8mail and pwndb as they never work, I have a replacement in the backlog ;)
  • Fixed JSA with interlace from @gprime31
  • THE WEB INTERFAAAAAAAAACE @lur1el @d3vchac @ddaniboy

What's Changed

New Contributors

Full Changelog: v2.5.2...v2.6

v2.5.2

14 Feb 18:54
06fefdd
Compare
Choose a tag to compare

Highlights

  • coming back to Trickest resolvers
  • waymore now replaces waybackurls and gau
  • Added gitlab-subdomains
  • Usage of new ffuf hashmap feature for ssrf detection
  • amass freezed version on v3.20.0
  • Added byp4xx
  • Fixes on send2zip
  • urless on js extraction

What's Changed

New Contributors

Full Changelog: v2.5.1...v2.5.2

v2.5.1

07 Jan 20:42
23a97b9
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.5...v2.5.1

v2.5

23 Oct 01:18
52d33cd
Compare
Choose a tag to compare

Highlights

  • Improved send results over notify
  • JS secrets detection moved to cfg
  • Fixes on inscope, resolvers, NOERROR subdomain discovery, web fuzzing, ripgen in Docker, ipcdn, MacOS installation,
  • HTTP Request Smuggling check
  • Web cache poisoning check
  • Subfinder added

What's Changed

New Contributors

Full Changelog: v2.4...v2.5