Arjun Versions Save

• hotfix for a breaking bug

• Ability to detect parameters that respond to a certain value e.g. "?debug=yes"
• Added "required parameter" detection
• Heuristic can now extract words out of json/text responses
• Fixed -oB option description

• Fixed multiple breaking bugs
• Export results as they come in multi-target mode
• Various improvements to output in multi-target mode
• changed default chunk size 300->500 and threads to 2->5

• Fixed header comparison (will fix infinite bruteforce on some targets)
• Fixed catastrophic backtracking in some regexes (arjun used to get stuck)
• New logic for handling redirections
• --disable-redirects option

• Fixed file-paths not being windows compatible
• Fixed and improved JavaScript heuristics scanning
• Fixed missing ampersands in -oT output
• Refactoring of help options and code

• Fixed memory exhaustion bug
• Fixed parsing of raw HTTP files
• Added new detection factor: number of lines
• Failed retries are now handled properly

• Minor code cleanup
• Fixed --headers option

• Fixed circular import
• Fixed BurpSuite export
• Fixed not working headers
• Better response type checking
• Fixed wordlist error on Windows
• Fixed Content-Type header bug

Added an anomaly detection algorithm with 9 factors

• Added a HTTP response analyzer for handling errors and retrying requests
• Significantly improved heuristic scanner
• --passive option for collecting parameters from otx, commoncrawl and archive.org
• -c option to define number of parameters to be sent at once
• import via -i options now supports: BurpSuite log, raw request file, text file with urls
• -T option to specify HTTP connection timeout
• combined -m option for specifying HTTP request method
• Various bug fixes and better output

• --stable switch for handling rate limits
• Include empty JS variables for testing
• Various optimizations and bug fixes
• Handle keyboard interruption
• Removed redundant code