Hacktober is here, and so is a new update!
In the spirit of Hacktober, we are excited to announce a brand-new update for Browser Bruter! After extensive testing, we've squashed numerous bugs and added exciting new features to make Browser Bruter better than ever.
Bug Fixes:
- Docker Console Output: Previously, the Docker container would fail to display output after running the script once, forcing users to restart the container. This issue has been resolved, and now the console output functions as expected.
- --fill-values Option: This option wasn't working in earlier versions, but it's now fixed.
- Battering Ram Attack Mode: The report previously displayed only a single element being fuzzed, but now all elements are shown correctly.
- Report Explorer URL Display: In the Request tab, the entire URL (including the domain) was being displayed. Now, only the path after the method name is shown for clarity.
- Argument Validation: If users supplied --elements and --element-payloads (or --payloads and --element-payloads) together, they used to encounter a stack trace. Now, a clear help message is displayed instead.
- Attack Mode Option Check: Previously, selecting attack modes 1 or 2 without using the --elements and --payloads options caused crashes. Similarly, modes 3 or 4 required --elements-payloads but did not enforce the check. These validations are now in place, making error messages user-friendly and avoiding crashes.
New Features:
- Advanced Search in Report Explorer: The new search functionality enhances your ability to explore reports efficiently. Check it out here: Report Explorer Advanced Search
- UI Tweaks: We've added scroll bars in the Request/Response tabs, and attack mode names are now visible in the GUI.
- Enhanced Error Handling: Instead of crashing when a server is slow or an element/browser isn’t found, Browser Bruter now prompts you to retry the attack, preventing unwanted interruptions.
- Improved Code Quality: The tee class has been removed, leading to cleaner and more efficient code.
- Pause Menu Enhancements: You can now toggle verbosity on or off through the pause menu, even if you didn’t use the --verbose switch. More info: Pause & Resume Attacks
New Options:
- --chrome-driver and --chrome-binary: These options allow users to provide their own Chrome browser binary and driver. Learn more: New Browser Options
- --pause-on-popup: This option pauses Browser Bruter when a popup occurs on the webpage, giving you time to manually handle the popup and analyze attacks like cross-site scripting in real-time. Details here: Handling Popups