Codebase list dotdotpwn / master AUTHORS.txt
master

Tree @master (Download .tar.gz)

AUTHORS.txt @masterraw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
                     --= CORE DEVELOPMENT TEAM =--

 Christian Navarrete aka chr1x         Alejandro Hernandez H. aka nitr0us
   http://twitter.com/chr1x              http://twitter.com/nitr0usmx
        [email protected]                 [email protected]
                                         http://www.brainoverflow.org

 CubilFelino Security Research Lab     Chatsubo [(in)Security Dark] Labs
   http://chr1x.sectester.net          http://chatsubo-labs.blogspot.com   

                        [email protected]
                     http://dotdotpwn.sectester.net



                          --= CONTRIBUTORS =--

-------------------------------------

Contribution: Idea and Code
SSL support in http-url and http modules. 
Changed from HTTP::Lite to core HTTP libraries (LWP).
Added more dot encodings
By: Eldar Marcussen aka Wireghoul
    http://twitter.com/Wireghoul
    http://www.justanotherhacker.com

-------------------------------------

Contribution: Idea
Use the Bisection Algorithm (http://en.wikipedia.org/wiki/Bisection_method) to detect
the exact deepness of a directory traversal vulnerability once it has been found.
Origin of -X switch.

By: Roberto Salgado aka LightOS
    http://twitter.com/LightOS
    http://www.websec.ca

-------------------------------------

Contribution: Idea and Code
Not always include the @Extra_files (e.g. web.config, httpd.conf, etc.). Origin of the -E switch.
Specify the Operating System type if known ("windows" or "unix"). Origin of the -o switch.

By: Eduardo Ruiz Duarte aka Beck
    http://twitter.com/toorandom
    http://math.co.ro
    http://b3ck.blogspot.com

-------------------------------------

Contribution: Code
Save a results' report into the Reports folder. Origin of the -r switch.
Treatment of SIGINT in order to print the number of traversals found when Ctrl + C is pressed.
Random User-Agent in HTTP requests for IDS/IPS detection avoidance.

By: Diego Boy
    http://twitter.com/Diego_Boy

-------------------------------------

Contribution: Code
Random User-Agent in HTTP requests for IDS/IPS detection avoidance.

By: Cristian Urrutia aka Gashnark
    http://twitter.com/blion_tec

-------------------------------------

Contribution: Idea and Code
Option to specify a different HTTP Method from GET when using the 'http' module.
Origin of the -M switch. Other HTTP methods are [POST | HEAD | COPY | MOVE]

By: Christian Yerena
    http://twitter.com/preth00nker

-------------------------------------

Contribution: Porting DotDotPwn 2.1 to Pentoo Linux
Creation of the ebuild of DotDotPwn 2.1 to be included into Pentoo Linux (a security-focused
Live CD based on Gentoo Linux).

http://trac.pentoo.ch/changeset/2650/

By: Alvaro Soto
    http://twitter.com/alsotoes

-------------------------------------