v0.11.0

New Features ✨

• Implemented MCP server support (SSE) - Enhanced with better prompts for MCP server tooling
• Added IRC server password authentication support
• Migrated to Rust 2024 edition

Fixes 🔧

• Fixed HTTPS certificate grabber bug that prevented functionality in some cases
• Fixed SSH plugin support for older key exchange algorithms (fixes #71)
• Fixed SSH plugin when using a single key
• Fixed command line arguments to properly override recipe options (fixes #66)
• Updated URL crate to include Cyrillic characters fix (fixes #69)
• Fixed samba linkage for Homebrew builds

Dependencies & Build

• Bumped paho-mqtt to 0.13.3
• Updated to latest samba version
• Removed libsmbclient workaround from CI
• General cargo updates

Miscellaneous

• Multiple MCP-related fixes and improvements
• Added Homebrew badge to README
• Updated README.md
• Docker tag publishing for released versions
• Various small fixes and refactoring improvements

^{This changelog was generated by Changelog.}

v0.10.0

Changelog

New Features

REST API

• Introduced a REST API via with /plugins and /sessions endpoints.

Plugins

• DNS Plugin: Extracts subdomains from TLS alternate name records.
• Port Scanner:
  • Unified TCP/UDP scanning under port.scanner.
  • Defaulted to common ports and added TLS certificate info.
• MySQL Plugin: Added banner grabbing capability.

Other Features

• Variables Interpolation: Implemented for HTTP success/failure strings.

Fixes

• MacOS CI Workflow: Resolved dependency and build issues.
• Oracle Plugin: Fixed compilation (closes #59).
• Port Scanner: Fixed argument parsing.
• General: Various API and plugin fixes.

Improvements

• Plugin Registration: Simplified via macro refactoring.
• Codebase Refactoring:
  • Removed ctors.
  • Removed lazy-static dependency.

Documentation

• Updated README with plugin and API usage details.
• Added test server documentation for XSS.

Maintenance

• Ignored .DS_Store in .gitignore.
• Updated dependencies for Cargo and RISC-V support.

Miscellaneous

• Small fixes and refactorings for better maintainability.

Full Changelog: v0.9.0...v0.10.0

v0.9.0

New

fefff61 new: improved tcp.ports http banner grabbing by content type
0c43394 new: tcp.ports line grabber will send some data with newlines at the beginning
ae864f2 new: --dns-max-positives option
c7cea27 new: --dns-ip-lookup option

Fixes

123f71c Merge pull request #43 from kpcyrd/riscv
42f4300 Update pavao dependency to fix RISC-V build
071002b Merge pull request #39 from dimtgsn/tokio-time-sleep-instead-of-std-thread-sleep
84185d0 replace std::thread::sleep with tokio::time::sleep in async function
41a134a misc: small fix or general refactoring i did not bother commenting
b007e43 fix: renamed proto field to transport and setting protocol from banner grabber
f06e3f9 misc: small fix or general refactoring i did not bother commenting
ccf2361 fix: using --tcp-ports-http-headers
3381b1a fix: handling samba BadFileDescriptor error (ref #38)
67070d8 fix: fixed cmd-binary option description

v0.8.0

New

c51ac13 new: added basic cookbook (#35)
1ec76e0 new: implemented recipes engine (closes #35)
efc8925 new: the user-agent for the http plugins is now randomized by default, new --http-ua argument replaced --http-random-ua
74267c9 new: added flag to generate shell completions
674e1b2 new: cross compilation file
c7d21c0 new: new --tcp-ports-banner-timeout argument
70d18bc new: added basic banner grabbing capabilities to the tcp.ports plugin
ab15307 new: added new cmd plugin

Fixes

0a3c067 fix: --http-payload is not mandatory anymore
a1fcfbe fix: url dependency override to allow relative paths in URLs (fixes #36)
0ed709a fix: using default db name in mysql and pgsql plugins (fixes #37)
0978500 fix: refactored http placeholders parsing
5fe6c32 fix: fixed interpolation of credentials in http target
ed9a56a cross compilation fixes
39e8c51 fix: restored banner after shell completion generation block
2844290 Merge pull request #33 from kpcyrd/shell-completions
fef45ab fix: clippy driven minor fixes
ec69c1e fix: cmd plugin now uses --target/-T instead of --cmd-binary
e25d6e9 fix: check --cmd-binary only if cmd plugin is used
50f2854 fix: removed unused import
61cb085 fix: fixed stats reporting getting stuck while the tokio runtime is blocking

and more minor fixes

v0.7.1

961931b fix: added forgotten socks5 options

v0.7.0

c963c7f new: added socks5 plugin (closes #26)
f8f3a02 new: added samba plugin (ref #28)
a704326 fix: added group-skip to modules options structure in order to make clap happy in debug mode (fixes #29)

v0.6.1

Drastically improved binary and docker image size.

v0.6.0

New

• c5f6c71 new: added http.vhost virtual host enumeration
• 26539c9 new: implemented csv output format
• 3c9ad4f new: updated astbc-ssh2-tokio dependency to 0.8.2

Fixes

• 778c2a9 misc: small fix or general refactoring i did not bother commenting
• a1bb54f new: increased default timeout and decreased default retries to address cases like #20
• 6438347 fix: using shared state to signal other plugin workers about unreachable endpoints
• 8473773 misc: small fix or general refactoring i did not bother commenting

v0.5.1

A fix release mostly to test docker hub image building from github actions.

Fixes

• b7c0257 fix: urlencode fields when content-type is application/x-www-form-urlencoded (fixes #24)
• e5a7ea6 fix: do not overwrite content-type if passed by user (fixes #23)

v0.5.0

Mostly an hotfix release for #22.

New

• New MQTT plugin.

Fixes

b420615 fix: start reporting stats when session is fully initialized (fixes #21)
f71ddb0 fix: Dockerfile compiled twice
747fcfd fix: check if expression is a file other than filesystem existance (fixes #22)
ef93650 fix: permafix for #8 without build.rs
9b1b582 cargo fix

Various other fixes and refactorings.