v0.0.26

What's Changed

• @LeonardoE95 Added JSP payload to Payload Generator in #127

Tsunami 0.0.25

What's Changed

• Added AJP library by @RaulDoyensec in #120
• Fix config NullPtrException and wrong config path argument by @lokiuox in #123
• Extended Tsunami core engine to support dynamic plugins

New Contributors

• @RaulDoyensec made their first contribution in #120
• @lokiuox made their first contribution in #123

Full Changelog: v0.0.24...v0.0.25

Tsunami 0.0.24

• #117: Fix a null exception that was introduced in version 0.0.23
• #110: Add additional payloads for the callback server
• 315dfe1: Change the behavior of buildWebApplicationRootUrl so that it can be used generically
• #118: setTrustAllCertificates not directly accessible in client and set to true by default
• Misc updates to the documentation

Tsunami 0.0.23

IMPORTANT: This release changes definitions for language servers' protocol buffers. If you have your own language server, you need to ensure that the version of the protos are updated everywhere.

• Language servers now support a more compact RunRequest that should avoid repetitions and save some memory;
• Fixes issues with the Python language server that should not be fully supported;
• Add hive-jdbc as a dependency;
• Add support for OS fingerprinting;

Tsunami 0.0.22

• Add an option to the HTTP client to be able to specify a custom user-agent;
• Compatibility improvements.

Tsunami 0.0.21

• Change the behavior of the isPlainHttp util to make use of SSL version grabbing added in version 0.0.20

Tsunami 0.0.20

• Protobuff changes
  • Add the list of supported SSL version to the NetworkService;
  • Add the list of supported HTTP methods to the NetworkService;
• Python server IO logged to standard out by default

Tsunami 0.0.19

• Added weak credential testers for Postgres & MySQL in tsunami-plugins using jdbc drivers.
• Minor util method to support upcoming credential tester for HTTP type services.

Tsunami 0.0.18

Added mysql & postgres jdbc drivers to the core engine.

Tsunami 0.0.17

• The NPE error has been fixed with running Tsunami scanner without passing callback server params.
• Database ConnectionProvider has been moved over from postgres plugin to core engine, so that other Tsunami plugins can use the same database client for any database interactions.