1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
TODO List
---------
+ Distributed
- Start a listening httest and send script over TCP/SSL
- Send script to a listening httest
+ HTML
- DOM, XmlHttpRequest and HTML interaction
- Fill formular and submit
+ SSL
- Need more information on ssl failure
- Integrate OpenSSL 1.0.0 and 1.0.1 and extend _SSL:TRACE
+ Debugger
- break on error
+ Output
- Print line number in output
- Color coding in output
- Stack trace on error is not highlighted. Do it the C way :)
- XML output
- Statistic output at the end.
+ Scanning
- Parameterized scripts
- XSS, Slowloris, SQL injection, ... snipplets
- Detect http infrastructure like owa, sharepoint, twiki, ...
+ htproxy
- Etag support
- Title matcher
- Link name matcher (the stuff between <a href..> and </a>)
- Generic tag matcher
- SSL support
+ Other
- Update user guide!
- Transparent forward proxy support
- Encrpyt the ntml type 3 message and extrakt user
- Clean up unused EXPECT/MATCH after a _ERROR ... _END
- Shared variables => SHARED <var-name-list>
|
