From f1726da3616280ef2b64efc55c525d811e7bf81d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 20:17:56 +0000 Subject: [PATCH 01/51] Bump golang.org/x/term from 0.34.0 to 0.35.0 Bumps [golang.org/x/term](https://github.com/golang/term) from 0.34.0 to 0.35.0. - [Commits](https://github.com/golang/term/compare/v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index dfffac22..4c596702 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.34.0 + golang.org/x/term v0.35.0 software.sslmate.com/src/go-pkcs12 v0.6.0 ) @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.27.0 // indirect golang.org/x/net v0.43.0 // indirect golang.org/x/sync v0.16.0 // indirect - golang.org/x/sys v0.35.0 // indirect + golang.org/x/sys v0.36.0 // indirect golang.org/x/tools v0.36.0 // indirect mvdan.cc/gofumpt v0.9.0 // indirect ) diff --git a/go.sum b/go.sum index 4847d60a..865e47a7 100644 --- a/go.sum +++ b/go.sum @@ -48,10 +48,10 @@ golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= -golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= -golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= +golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k= +golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ= +golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg= golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s= From db967aa446a8726cee8a2d3aeb4690d62db360eb Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Wed, 10 Sep 2025 21:03:11 +0200 Subject: [PATCH 02/51] message --- gobusterdir/gobusterdir.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 4f1d8f37..1c0214a0 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -40,7 +40,7 @@ func (e *WildcardError) Error() string { } else { addInfo = fmt.Sprintf("%s => %d (Length: %d)", e.url, e.statusCode, e.length) } - return fmt.Sprintf("the server returns a status code that matches the provided options for non existing urls. %s. Please exclude the response length or the status code or set the wildcard option.", addInfo) + return fmt.Sprintf("the server returns a status code that matches the provided options for non existing urls. %s. Please exclude the response length (or as a range), the status code or set the force option (but expect false positives).", addInfo) } // GobusterDir is the main type to implement the interface From 3d6dee6dbea80dd81affd22a86493fddd5fe0af0 Mon Sep 17 00:00:00 2001 From: Mike Wajda Date: Mon, 15 Sep 2025 15:45:07 -0500 Subject: [PATCH 03/51] feat: add the ability to use regex to inspect the response body --- README.md | 5 +++++ cli/dir/dir.go | 12 ++++++++++++ gobusterdir/gobusterdir.go | 20 +++++++++++++++++++- gobusterdir/options.go | 4 ++++ 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b00383c1..5cee69c0 100644 --- a/README.md +++ b/README.md @@ -129,6 +129,11 @@ gobuster dir -u https://example.com -w wordlist.txt -l # Filter by status codes gobuster dir -u https://example.com -w wordlist.txt -s 200,301,302 + +# Filter using a regex against the response body +# This can be handy for websites that return status code 200 for everything, but the html contains an error message +# NOTE: we need to exclude status codes `200` for this to work +gobuster dir -u https://example.com -w wordlist.txt -b 200 -re "error\shello" ``` #### ๐Ÿ” DNS Mode (`dns`) diff --git a/cli/dir/dir.go b/cli/dir/dir.go index ca46f331..a7ec6002 100644 --- a/cli/dir/dir.go +++ b/cli/dir/dir.go @@ -3,6 +3,7 @@ package dir import ( "errors" "fmt" + "regexp" internalcli "github.com/OJ/gobuster/v3/cli" "github.com/OJ/gobuster/v3/gobusterdir" @@ -36,6 +37,7 @@ func getFlags() []cli.Flag { &cli.BoolFlag{Name: "discover-backup", Aliases: []string{"db"}, Value: false, Usage: "Upon finding a file search for backup files by appending multiple backup extensions"}, &cli.StringFlag{Name: "exclude-length", Aliases: []string{"xl"}, Usage: "exclude the following content lengths (completely ignores the status). You can separate multiple lengths by comma and it also supports ranges like 203-206"}, &cli.BoolFlag{Name: "force", Value: false, Usage: "Continue even if the prechecks fail. Please only use this if you know what you are doing, it can lead to unexpected results."}, + &cli.StringFlag{Name: "regex", Aliases: []string{"re"}, Usage: "Use regex to filter the results, by inspecting the content of the response body."}, }...) return flags } @@ -101,6 +103,16 @@ func run(c *cli.Context) error { } pluginOpts.ExcludeLengthParsed = ret4 + pluginOpts.Regex = c.String("regex") + if c.IsSet("regex") { + + parsedRegex, err := regexp.Compile(pluginOpts.Regex) + if err != nil { + return fmt.Errorf("invalid value for regex: %w", err) + } + pluginOpts.RegexParsed = parsedRegex + } + globalOpts, err := internalcli.ParseGlobalOptions(c) if err != nil { return err diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 4f1d8f37..a3f78ae4 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -252,9 +252,16 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li var statusCode int var size int64 var header http.Header + var body []byte + + requestOptions := libgobuster.RequestOptions{} + if d.options.RegexParsed != nil { + requestOptions.ReturnBody = true + } + for i := 1; i <= tries; i++ { var err error - statusCode, size, header, _, err = d.http.Request(ctx, url, libgobuster.RequestOptions{}) + statusCode, size, header, body, err = d.http.Request(ctx, url, requestOptions) if err != nil { // check if it's a timeout and if we should try again and try again // otherwise the timeout error is raised @@ -283,6 +290,11 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li if statusCode != 0 { resultStatus := false + // check body with the regex + if d.options.RegexParsed != nil && body != nil && d.options.RegexParsed.Match(body) { + resultStatus = true + } + switch { case d.options.StatusCodesBlacklistParsed.Length() > 0: if !d.options.StatusCodesBlacklistParsed.Contains(statusCode) { @@ -448,6 +460,12 @@ func (d *GobusterDir) GetConfigString() (string, error) { } } + if o.RegexParsed != nil { + if _, err := fmt.Fprintf(tw, "[+] Regex:\t%s\n", o.RegexParsed.String()); err != nil { + return "", err + } + } + if _, err := fmt.Fprintf(tw, "[+] Timeout:\t%s\n", o.Timeout.String()); err != nil { return "", err } diff --git a/gobusterdir/options.go b/gobusterdir/options.go index 3e1bdb59..c0b9b6cc 100644 --- a/gobusterdir/options.go +++ b/gobusterdir/options.go @@ -1,6 +1,8 @@ package gobusterdir import ( + "regexp" + "github.com/OJ/gobuster/v3/libgobuster" ) @@ -22,6 +24,8 @@ type OptionsDir struct { ExcludeLength string ExcludeLengthParsed libgobuster.Set[int] Force bool + Regex string + RegexParsed *regexp.Regexp } // NewOptions returns a new initialized OptionsDir From acedf3cbef06af10fa6a5b14bf85cd48f8d89d0a Mon Sep 17 00:00:00 2001 From: Mike Wajda Date: Thu, 18 Sep 2025 15:21:04 -0500 Subject: [PATCH 04/51] feat: add regex inverted --- README.md | 3 +++ cli/dir/dir.go | 10 +++++++++- gobusterdir/gobusterdir.go | 8 ++++++-- gobusterdir/options.go | 1 + 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5cee69c0..dba7d32a 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,9 @@ gobuster dir -u https://example.com -w wordlist.txt -s 200,301,302 # This can be handy for websites that return status code 200 for everything, but the html contains an error message # NOTE: we need to exclude status codes `200` for this to work gobuster dir -u https://example.com -w wordlist.txt -b 200 -re "error\shello" + +# Filter using a regex but inverted against the response body +gobuster dir -u https://example.com -w wordlist.txt -b 200 -rei "(?i)\berror\b" ``` #### ๐Ÿ” DNS Mode (`dns`) diff --git a/cli/dir/dir.go b/cli/dir/dir.go index a7ec6002..13076659 100644 --- a/cli/dir/dir.go +++ b/cli/dir/dir.go @@ -38,6 +38,7 @@ func getFlags() []cli.Flag { &cli.StringFlag{Name: "exclude-length", Aliases: []string{"xl"}, Usage: "exclude the following content lengths (completely ignores the status). You can separate multiple lengths by comma and it also supports ranges like 203-206"}, &cli.BoolFlag{Name: "force", Value: false, Usage: "Continue even if the prechecks fail. Please only use this if you know what you are doing, it can lead to unexpected results."}, &cli.StringFlag{Name: "regex", Aliases: []string{"re"}, Usage: "Use regex to filter the results, by inspecting the content of the response body."}, + &cli.StringFlag{Name: "regex-invert", Aliases: []string{"rei"}, Usage: "Use regex to filter the results, but inverted, by inspecting the content of the response body."}, }...) return flags } @@ -103,9 +104,16 @@ func run(c *cli.Context) error { } pluginOpts.ExcludeLengthParsed = ret4 - pluginOpts.Regex = c.String("regex") if c.IsSet("regex") { + pluginOpts.Regex = c.String("regex") + } + + if c.IsSet("regex-invert") { + pluginOpts.Regex = c.String("regex-invert") + pluginOpts.RegexInvert = true + } + if pluginOpts.Regex != "" { parsedRegex, err := regexp.Compile(pluginOpts.Regex) if err != nil { return fmt.Errorf("invalid value for regex: %w", err) diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index a3f78ae4..06d8a76b 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -291,8 +291,12 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li resultStatus := false // check body with the regex - if d.options.RegexParsed != nil && body != nil && d.options.RegexParsed.Match(body) { - resultStatus = true + if d.options.RegexParsed != nil && body != nil { + if d.options.RegexInvert { + resultStatus = !d.options.RegexParsed.Match(body) + } else { + resultStatus = d.options.RegexParsed.Match(body) + } } switch { diff --git a/gobusterdir/options.go b/gobusterdir/options.go index c0b9b6cc..1586e2eb 100644 --- a/gobusterdir/options.go +++ b/gobusterdir/options.go @@ -26,6 +26,7 @@ type OptionsDir struct { Force bool Regex string RegexParsed *regexp.Regexp + RegexInvert bool } // NewOptions returns a new initialized OptionsDir From 9c87f96f749e0ec775c706bbc5d5475df58b9fa7 Mon Sep 17 00:00:00 2001 From: Mike Wajda Date: Fri, 19 Sep 2025 12:52:54 -0500 Subject: [PATCH 05/51] fix: various modifications from review Add regex invert to `GetConfigString` Add debug message Allow regex without needing the status code blacklisting --- README.md | 5 ++--- gobusterdir/gobusterdir.go | 33 ++++++++++++++++++++++++++------- 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index dba7d32a..4ef9a0af 100644 --- a/README.md +++ b/README.md @@ -132,11 +132,10 @@ gobuster dir -u https://example.com -w wordlist.txt -s 200,301,302 # Filter using a regex against the response body # This can be handy for websites that return status code 200 for everything, but the html contains an error message -# NOTE: we need to exclude status codes `200` for this to work -gobuster dir -u https://example.com -w wordlist.txt -b 200 -re "error\shello" +gobuster dir -u https://example.com -w wordlist.txt -re "error\shello" # Filter using a regex but inverted against the response body -gobuster dir -u https://example.com -w wordlist.txt -b 200 -rei "(?i)\berror\b" +gobuster dir -u https://example.com -w wordlist.txt -rei "(?i)\berror\b" ``` #### ๐Ÿ” DNS Mode (`dns`) diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 06d8a76b..fb5a4325 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -168,6 +168,8 @@ func (d *GobusterDir) PreRun(ctx context.Context, pr *libgobuster.Progress) erro } switch { + case d.options.RegexParsed != nil: + d.options.StatusCodesBlacklistParsed= libgobuster.NewSet[int]() case d.options.StatusCodesBlacklistParsed.Length() > 0: if !d.options.StatusCodesBlacklistParsed.Contains(wildcardResp) { return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} @@ -290,16 +292,27 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li if statusCode != 0 { resultStatus := false - // check body with the regex - if d.options.RegexParsed != nil && body != nil { + switch { + case d.options.RegexParsed != nil && body != nil: if d.options.RegexInvert { resultStatus = !d.options.RegexParsed.Match(body) } else { resultStatus = d.options.RegexParsed.Match(body) } - } - switch { + if d.globalopts.Debug { + debugMessage := "" + if d.options.RegexInvert { + debugMessage = fmt.Sprintf("checking body with inverted regex for %s", d.options.RegexParsed.String()) + } else { + debugMessage = fmt.Sprintf("checking body with regex for %s", d.options.RegexParsed.String()) + } + + progress.MessageChan <- libgobuster.Message{ + Level: libgobuster.LevelDebug, + Message: debugMessage, + } + } case d.options.StatusCodesBlacklistParsed.Length() > 0: if !d.options.StatusCodesBlacklistParsed.Contains(statusCode) { resultStatus = true @@ -464,9 +477,15 @@ func (d *GobusterDir) GetConfigString() (string, error) { } } - if o.RegexParsed != nil { - if _, err := fmt.Fprintf(tw, "[+] Regex:\t%s\n", o.RegexParsed.String()); err != nil { - return "", err + if o.RegexParsed != nil { + if o.RegexInvert { + if _, err := fmt.Fprintf(tw, "[+] Regex Inverted:\t%s\n", o.RegexParsed.String()); err != nil { + return "", err + } + } else { + if _, err := fmt.Fprintf(tw, "[+] Regex:\t%s\n", o.RegexParsed.String()); err != nil { + return "", err + } } } From 7fd4a797fe2e32ae686792d39f6f6ddd6714ede4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Sep 2025 20:04:18 +0000 Subject: [PATCH 06/51] Bump hadolint/hadolint-action from 3.2.0 to 3.3.0 Bumps [hadolint/hadolint-action](https://github.com/hadolint/hadolint-action) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/hadolint/hadolint-action/releases) - [Changelog](https://github.com/hadolint/hadolint-action/blob/master/.releaserc) - [Commits](https://github.com/hadolint/hadolint-action/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: hadolint/hadolint-action dependency-version: 3.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/hadolint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index d59735f8..8286592c 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: hadolint/hadolint-action@v3.2.0 + - uses: hadolint/hadolint-action@v3.3.0 with: dockerfile: Dockerfile # DL3007: Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag From 9a5cf49581ea65c25a0d4c346978457de15beb6f Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:03:27 +0200 Subject: [PATCH 07/51] cleanup code --- .gitignore | 1 + cli/dir/dir.go | 37 ++++++++++++----------- gobusterdir/gobusterdir.go | 61 +++++++++++++++++++------------------- gobusterdir/options.go | 3 +- 4 files changed, 52 insertions(+), 50 deletions(-) diff --git a/.gitignore b/.gitignore index 3bbfe4b5..a8bf3b57 100644 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,4 @@ config.json gobuster *.txt dist/ +wordlist \ No newline at end of file diff --git a/cli/dir/dir.go b/cli/dir/dir.go index 13076659..588a7fbe 100644 --- a/cli/dir/dir.go +++ b/cli/dir/dir.go @@ -37,13 +37,19 @@ func getFlags() []cli.Flag { &cli.BoolFlag{Name: "discover-backup", Aliases: []string{"db"}, Value: false, Usage: "Upon finding a file search for backup files by appending multiple backup extensions"}, &cli.StringFlag{Name: "exclude-length", Aliases: []string{"xl"}, Usage: "exclude the following content lengths (completely ignores the status). You can separate multiple lengths by comma and it also supports ranges like 203-206"}, &cli.BoolFlag{Name: "force", Value: false, Usage: "Continue even if the prechecks fail. Please only use this if you know what you are doing, it can lead to unexpected results."}, - &cli.StringFlag{Name: "regex", Aliases: []string{"re"}, Usage: "Use regex to filter the results, by inspecting the content of the response body."}, - &cli.StringFlag{Name: "regex-invert", Aliases: []string{"rei"}, Usage: "Use regex to filter the results, but inverted, by inspecting the content of the response body."}, + &cli.StringFlag{Name: "regex", Aliases: []string{"re"}, Usage: "Use regex to filter the results, by inspecting the content of the response body. When using this option be sure to set the status-codes and status-codes-blacklist options accordingly. The regex check is done after the status code checks. Only responses matching the regex will be displayed."}, + &cli.StringFlag{Name: "regex-invert", Aliases: []string{"rei"}, Usage: "Use regex to filter the results, but inverted, by inspecting the content of the response body. When using this option be sure to set the status-codes and status-codes-blacklist options accordingly. The regex check is done after the status code checks. Only responses NOT matching the regex will be displayed."}, }...) return flags } func run(c *cli.Context) error { + globalOpts, err := internalcli.ParseGlobalOptions(c) + if err != nil { + return err + } + log := libgobuster.NewLogger(globalOpts.Debug) + pluginOpts := gobusterdir.NewOptions() httpOptions, err := internalcli.ParseCommonHTTPOptions(c) @@ -104,30 +110,27 @@ func run(c *cli.Context) error { } pluginOpts.ExcludeLengthParsed = ret4 - if c.IsSet("regex") { - pluginOpts.Regex = c.String("regex") - } - - if c.IsSet("regex-invert") { - pluginOpts.Regex = c.String("regex-invert") - pluginOpts.RegexInvert = true + if c.IsSet("regex") && c.IsSet("regex-invert") { + return errors.New("regex and regex-invert are mutually exclusive, please set only one") } - if pluginOpts.Regex != "" { - parsedRegex, err := regexp.Compile(pluginOpts.Regex) + if c.IsSet("regex") && c.String("regex") != "" { + regex, err := regexp.Compile(c.String("regex")) if err != nil { return fmt.Errorf("invalid value for regex: %w", err) } - pluginOpts.RegexParsed = parsedRegex + pluginOpts.Regex = regex } - globalOpts, err := internalcli.ParseGlobalOptions(c) - if err != nil { - return err + if c.IsSet("regex-invert") && c.String("regex-invert") != "" { + regex, err := regexp.Compile(c.String("regex-invert")) + if err != nil { + return fmt.Errorf("invalid value for regex-invert: %w", err) + } + pluginOpts.Regex = regex + pluginOpts.RegexInvert = true } - log := libgobuster.NewLogger(globalOpts.Debug) - plugin, err := gobusterdir.New(&globalOpts, pluginOpts, log) if err != nil { return fmt.Errorf("error on creating gobusterdir: %w", err) diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 337392df..5b1b4843 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -102,6 +102,19 @@ func (d *GobusterDir) Name() string { return "directory enumeration" } +func (d *GobusterDir) regexBodyIsAMatch(body []byte) bool { + switch { + case d.options.Regex != nil && body != nil: + if d.options.RegexInvert { + return !d.options.Regex.Match(body) + } else { + return d.options.Regex.Match(body) + } + default: + return true + } +} + // PreRun is the pre run implementation of gobusterdir func (d *GobusterDir) PreRun(ctx context.Context, pr *libgobuster.Progress) error { // add trailing slash @@ -139,7 +152,7 @@ func (d *GobusterDir) PreRun(ctx context.Context, pr *libgobuster.Progress) erro url.Path = fmt.Sprintf("%s/", url.Path) } - wildcardResp, wildcardLength, wildcardHeader, _, err := d.http.Request(ctx, url, libgobuster.RequestOptions{}) + wildcardResp, wildcardLength, wildcardHeader, wildcardBody, err := d.http.Request(ctx, url, libgobuster.RequestOptions{ReturnBody: true}) if err != nil { var retErr error switch { @@ -168,15 +181,21 @@ func (d *GobusterDir) PreRun(ctx context.Context, pr *libgobuster.Progress) erro } switch { - case d.options.RegexParsed != nil: - d.options.StatusCodesBlacklistParsed= libgobuster.NewSet[int]() case d.options.StatusCodesBlacklistParsed.Length() > 0: if !d.options.StatusCodesBlacklistParsed.Contains(wildcardResp) { - return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} + if d.regexBodyIsAMatch(wildcardBody) { + return nil + } else { + return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} + } } case d.options.StatusCodesParsed.Length() > 0: if d.options.StatusCodesParsed.Contains(wildcardResp) { - return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} + if d.regexBodyIsAMatch(wildcardBody) { + return nil + } else { + return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} + } } default: return errors.New("StatusCodes and StatusCodesBlacklist are both not set which should not happen") @@ -257,7 +276,7 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li var body []byte requestOptions := libgobuster.RequestOptions{} - if d.options.RegexParsed != nil { + if d.options.Regex != nil { requestOptions.ReturnBody = true } @@ -293,33 +312,13 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li resultStatus := false switch { - case d.options.RegexParsed != nil && body != nil: - if d.options.RegexInvert { - resultStatus = !d.options.RegexParsed.Match(body) - } else { - resultStatus = d.options.RegexParsed.Match(body) - } - - if d.globalopts.Debug { - debugMessage := "" - if d.options.RegexInvert { - debugMessage = fmt.Sprintf("checking body with inverted regex for %s", d.options.RegexParsed.String()) - } else { - debugMessage = fmt.Sprintf("checking body with regex for %s", d.options.RegexParsed.String()) - } - - progress.MessageChan <- libgobuster.Message{ - Level: libgobuster.LevelDebug, - Message: debugMessage, - } - } case d.options.StatusCodesBlacklistParsed.Length() > 0: if !d.options.StatusCodesBlacklistParsed.Contains(statusCode) { - resultStatus = true + resultStatus = d.regexBodyIsAMatch(body) } case d.options.StatusCodesParsed.Length() > 0: if d.options.StatusCodesParsed.Contains(statusCode) { - resultStatus = true + resultStatus = d.regexBodyIsAMatch(body) } default: return nil, errors.New("StatusCodes and StatusCodesBlacklist are both not set which should not happen") @@ -477,13 +476,13 @@ func (d *GobusterDir) GetConfigString() (string, error) { } } - if o.RegexParsed != nil { + if o.Regex != nil { if o.RegexInvert { - if _, err := fmt.Fprintf(tw, "[+] Regex Inverted:\t%s\n", o.RegexParsed.String()); err != nil { + if _, err := fmt.Fprintf(tw, "[+] Regex Inverted:\t%s\n", o.Regex.String()); err != nil { return "", err } } else { - if _, err := fmt.Fprintf(tw, "[+] Regex:\t%s\n", o.RegexParsed.String()); err != nil { + if _, err := fmt.Fprintf(tw, "[+] Regex:\t%s\n", o.Regex.String()); err != nil { return "", err } } diff --git a/gobusterdir/options.go b/gobusterdir/options.go index 1586e2eb..1785b3ce 100644 --- a/gobusterdir/options.go +++ b/gobusterdir/options.go @@ -24,8 +24,7 @@ type OptionsDir struct { ExcludeLength string ExcludeLengthParsed libgobuster.Set[int] Force bool - Regex string - RegexParsed *regexp.Regexp + Regex *regexp.Regexp RegexInvert bool } From 2bf4568a1e642ba98a7522df5d51dca6e2f5bd92 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:05:14 +0200 Subject: [PATCH 08/51] update --- gobusterdir/gobusterdir.go | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 5b1b4843..2facb764 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -107,9 +107,8 @@ func (d *GobusterDir) regexBodyIsAMatch(body []byte) bool { case d.options.Regex != nil && body != nil: if d.options.RegexInvert { return !d.options.Regex.Match(body) - } else { - return d.options.Regex.Match(body) } + return d.options.Regex.Match(body) default: return true } @@ -185,17 +184,15 @@ func (d *GobusterDir) PreRun(ctx context.Context, pr *libgobuster.Progress) erro if !d.options.StatusCodesBlacklistParsed.Contains(wildcardResp) { if d.regexBodyIsAMatch(wildcardBody) { return nil - } else { - return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} } + return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} } case d.options.StatusCodesParsed.Length() > 0: if d.options.StatusCodesParsed.Contains(wildcardResp) { if d.regexBodyIsAMatch(wildcardBody) { return nil - } else { - return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} } + return &WildcardError{url: url.String(), statusCode: wildcardResp, length: wildcardLength, location: wildcardHeader.Get("Location")} } default: return errors.New("StatusCodes and StatusCodesBlacklist are both not set which should not happen") From 23eb90fbb7a42bafc92dd65e8a1596ac087b5f3e Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:06:45 +0200 Subject: [PATCH 09/51] readme --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 4ef9a0af..556f4f50 100644 --- a/README.md +++ b/README.md @@ -351,6 +351,16 @@ _Remember: Always test responsibly and with proper authorization._
+3.8.3 + +## 3.8.3 + +- Add option to filter body by regex + +
+ +
+ 3.8.2 ## 3.8.2 From c59c447b3880c1ce47b5cb5868b34ef28ee022e0 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:14:01 +0200 Subject: [PATCH 10/51] update --- go.mod | 12 ++++++------ go.sum | 24 ++++++++++++------------ 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index 4c596702..c95cf64c 100644 --- a/go.mod +++ b/go.mod @@ -19,13 +19,13 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.41.0 // indirect - golang.org/x/mod v0.27.0 // indirect - golang.org/x/net v0.43.0 // indirect - golang.org/x/sync v0.16.0 // indirect + golang.org/x/crypto v0.42.0 // indirect + golang.org/x/mod v0.28.0 // indirect + golang.org/x/net v0.44.0 // indirect + golang.org/x/sync v0.17.0 // indirect golang.org/x/sys v0.36.0 // indirect - golang.org/x/tools v0.36.0 // indirect - mvdan.cc/gofumpt v0.9.0 // indirect + golang.org/x/tools v0.37.0 // indirect + mvdan.cc/gofumpt v0.9.1 // indirect ) tool mvdan.cc/gofumpt diff --git a/go.sum b/go.sum index 865e47a7..2e105f7e 100644 --- a/go.sum +++ b/go.sum @@ -37,15 +37,15 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= -golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= -golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ= -golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc= +golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI= +golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8= +golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= +golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE= -golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg= -golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= -golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/net v0.44.0 h1:evd8IRDyfNBMBTTY5XRF1vaZlD+EmWx6x8PkhR04H/I= +golang.org/x/net v0.44.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= +golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= +golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k= @@ -53,11 +53,11 @@ golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ= golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg= -golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s= +golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= +golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -mvdan.cc/gofumpt v0.9.0 h1:W0wNHMSvDBDIyZsm3nnGbVfgp5AknzBrGJnfLCy501w= -mvdan.cc/gofumpt v0.9.0/go.mod h1:3xYtNemnKiXaTh6R4VtlqDATFwBbdXI8lJvH/4qk7mw= +mvdan.cc/gofumpt v0.9.1 h1:p5YT2NfFWsYyTieYgwcQ8aKV3xRvFH4uuN/zB2gBbMQ= +mvdan.cc/gofumpt v0.9.1/go.mod h1:3xYtNemnKiXaTh6R4VtlqDATFwBbdXI8lJvH/4qk7mw= software.sslmate.com/src/go-pkcs12 v0.6.0 h1:f3sQittAeF+pao32Vb+mkli+ZyT+VwKaD014qFGq6oU= software.sslmate.com/src/go-pkcs12 v0.6.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= From 8583fbb8d9a23ea06150e5e7bba0a60d833cab8c Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:19:56 +0200 Subject: [PATCH 11/51] update vhs --- .github/workflows/vhs.yml | 12 ++++++++---- vhs/gobuster_dir.tape | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index 2b23a88a..c971323d 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -29,14 +29,18 @@ jobs: - name: Build linux run: task linux - - name: Install deps + - name: Install vhs deps run: | sudo apt update sudo apt install -y ffmpeg ttyd - - uses: charmbracelet/vhs-action@v2 - with: - path: "vhs/gobuster_dir.tape" + - name: Install vhs + run: | + go install github.com/charmbracelet/vhs@latest + + - name: Generate vhs gif + run: | + vhs vhs/gobuster_dir.tape -o vhs/gobuster_dir.gif - name: commit and push changes run: | diff --git a/vhs/gobuster_dir.tape b/vhs/gobuster_dir.tape index 2b4e8ecb..04766c3a 100644 --- a/vhs/gobuster_dir.tape +++ b/vhs/gobuster_dir.tape @@ -55,7 +55,7 @@ # Hide Hide the subsequent commands from the output # Show Show the subsequent commands in the output -Output vhs/gobuster_dir.gif +Output gobuster_dir.gif # Require gobuster From 13e0b1a4183c8eaeb23386f60b8fdd841238ddb1 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:55:22 +0200 Subject: [PATCH 12/51] update --- .github/workflows/vhs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index c971323d..099dab2b 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -48,4 +48,4 @@ jobs: git config user.email "<>" git add vhs/*.gif git commit -m "update vhs gifs" || echo "no changes to commit" - git push origin master + git push From 91703b750215a5e0ef899793910cdfd3764edc47 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:55:53 +0200 Subject: [PATCH 13/51] update --- .github/workflows/vhs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index 099dab2b..057741ec 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -3,6 +3,8 @@ on: push: paths: - vhs/**.tape + schedule: + - cron: "0 0 * * 0" # every week permissions: contents: write From aae70eb37af12300b58c23a1518b40d60911a1de Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:56:24 +0200 Subject: [PATCH 14/51] update --- .github/workflows/vhs.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index 057741ec..fcc43d71 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -5,6 +5,7 @@ on: - vhs/**.tape schedule: - cron: "0 0 * * 0" # every week + workflow_dispatch: permissions: contents: write From aa3f08f1844bdf6ca9011d062ba6995c0c4a53bf Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 15:57:43 +0200 Subject: [PATCH 15/51] update --- .github/workflows/vhs.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index fcc43d71..71355d7a 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -4,7 +4,8 @@ on: paths: - vhs/**.tape schedule: - - cron: "0 0 * * 0" # every week + # every week + - cron: "0 0 * * 0" workflow_dispatch: permissions: From ced860efb96a43c0766573db114ce86d690f69ed Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:47:22 +0200 Subject: [PATCH 16/51] add body output dir --- README.md | 1 + cli/options.go | 9 ++ gobusterdir/gobusterdir.go | 16 +++- gobusterfuzz/gobusterfuzz.go | 37 +++++-- gobustergcs/gobustersgcs.go | 16 ++-- gobustervhost/gobustervhost.go | 30 ++++-- libgobuster/helpers.go | 70 ++++++++++++++ libgobuster/helpers_test.go | 170 +++++++++++++++++++++++++++++++++ libgobuster/options_http.go | 1 + libgobuster/version.go | 2 +- 10 files changed, 328 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 556f4f50..45b2e3b0 100644 --- a/README.md +++ b/README.md @@ -356,6 +356,7 @@ _Remember: Always test responsibly and with proper authorization._ ## 3.8.3 - Add option to filter body by regex +- Add option to save response bodies
diff --git a/cli/options.go b/cli/options.go index 7f035744..e1797bf2 100644 --- a/cli/options.go +++ b/cli/options.go @@ -130,6 +130,7 @@ func CommonHTTPOptions() []cli.Flag { &cli.StringSliceFlag{Name: "headers", Aliases: []string{"H"}, Usage: "Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'"}, &cli.BoolFlag{Name: "no-canonicalize-headers", Aliases: []string{"nch"}, Value: false, Usage: "Do not canonicalize HTTP header names. If set header names are sent as is"}, &cli.StringFlag{Name: "method", Aliases: []string{"m"}, Value: "GET", Usage: "the password to the p12 file"}, + &cli.StringFlag{Name: "body-output-dir", Usage: "Directory to store response bodies"}, }...) flags = append(flags, BasicHTTPOptions()...) return flags @@ -209,6 +210,14 @@ func ParseCommonHTTPOptions(c *cli.Context) (libgobuster.HTTPOptions, error) { opts.Headers = append(opts.Headers, header) } + if c.IsSet("body-output-dir") { + opts.BodyOutputDir = c.String("body-output-dir") + err = os.MkdirAll(opts.BodyOutputDir, 0o755) + if err != nil { + return opts, fmt.Errorf("could not create body output dir %q: %w", opts.BodyOutputDir, err) + } + } + return opts, nil } diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 2facb764..13b0152c 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -9,6 +9,7 @@ import ( "io" "net/http" "os" + "path/filepath" "strings" "syscall" "text/tabwriter" @@ -86,6 +87,7 @@ func New(globalopts *libgobuster.Options, opts *OptionsDir, logger *libgobuster. NoCanonicalizeHeaders: opts.NoCanonicalizeHeaders, Cookies: opts.Cookies, Method: opts.Method, + BodyOutputDir: opts.BodyOutputDir, } h, err := libgobuster.NewHTTPClient(&httpOpts, logger) @@ -273,7 +275,7 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li var body []byte requestOptions := libgobuster.RequestOptions{} - if d.options.Regex != nil { + if d.options.Regex != nil || d.options.BodyOutputDir != "" { requestOptions.ReturnBody = true } @@ -305,6 +307,18 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li break } + if d.options.BodyOutputDir != "" && body != nil { + fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(entity, "/"), statusCode)) + fpath := filepath.Join(d.options.BodyOutputDir, fname) + err := os.WriteFile(fpath, body, 0o600) + if err != nil { + progress.MessageChan <- libgobuster.Message{ + Level: libgobuster.LevelError, + Message: fmt.Sprintf("Could not write body to file %s: %v", fpath, err), + } + } + } + if statusCode != 0 { resultStatus := false diff --git a/gobusterfuzz/gobusterfuzz.go b/gobusterfuzz/gobusterfuzz.go index a5cb028f..1f5e45d0 100644 --- a/gobusterfuzz/gobusterfuzz.go +++ b/gobusterfuzz/gobusterfuzz.go @@ -9,6 +9,7 @@ import ( "io" "net/http" "os" + "path/filepath" "strings" "syscall" "text/tabwriter" @@ -52,13 +53,15 @@ func New(globalopts *libgobuster.Options, opts *OptionsFuzz, logger *libgobuster } basicOptions := libgobuster.BasicHTTPOptions{ - Proxy: opts.Proxy, - Timeout: opts.Timeout, - UserAgent: opts.UserAgent, - NoTLSValidation: opts.NoTLSValidation, - RetryOnTimeout: opts.RetryOnTimeout, - RetryAttempts: opts.RetryAttempts, - TLSCertificate: opts.TLSCertificate, + Proxy: opts.Proxy, + Timeout: opts.Timeout, + UserAgent: opts.UserAgent, + NoTLSValidation: opts.NoTLSValidation, + RetryOnTimeout: opts.RetryOnTimeout, + RetryAttempts: opts.RetryAttempts, + TLSCertificate: opts.TLSCertificate, + LocalAddr: opts.LocalAddr, + TLSRenegotiation: opts.TLSRenegotiation, } httpOpts := libgobuster.HTTPOptions{ @@ -70,6 +73,7 @@ func New(globalopts *libgobuster.Options, opts *OptionsFuzz, logger *libgobuster NoCanonicalizeHeaders: opts.NoCanonicalizeHeaders, Cookies: opts.Cookies, Method: opts.Method, + BodyOutputDir: opts.BodyOutputDir, } h, err := libgobuster.NewHTTPClient(&httpOpts, logger) @@ -139,6 +143,10 @@ func (d *GobusterFuzz) ProcessWord(ctx context.Context, word string, progress *l requestOptions.UpdatedBasicAuthPassword = strings.ReplaceAll(d.options.Password, FuzzKeyword, word) } + if d.options.BodyOutputDir != "" { + requestOptions.ReturnBody = true + } + // add some debug output if d.globalopts.Debug { progress.MessageChan <- libgobuster.Message{ @@ -156,9 +164,10 @@ func (d *GobusterFuzz) ProcessWord(ctx context.Context, word string, progress *l var statusCode int var size int64 var responseHeaders http.Header + var body []byte for i := 1; i <= tries; i++ { var err error - statusCode, size, responseHeaders, _, err = d.http.Request(ctx, url, requestOptions) + statusCode, size, responseHeaders, body, err = d.http.Request(ctx, url, requestOptions) if err != nil { // check if it's a timeout and if we should try again and try again // otherwise the timeout error is raised @@ -185,6 +194,18 @@ func (d *GobusterFuzz) ProcessWord(ctx context.Context, word string, progress *l break } + if d.options.BodyOutputDir != "" && body != nil { + fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(word, "/"), statusCode)) + fpath := filepath.Join(d.options.BodyOutputDir, fname) + err := os.WriteFile(fpath, body, 0o600) + if err != nil { + progress.MessageChan <- libgobuster.Message{ + Level: libgobuster.LevelError, + Message: fmt.Sprintf("Could not write body to file %s: %v", fpath, err), + } + } + } + if statusCode != 0 { resultStatus := true diff --git a/gobustergcs/gobustersgcs.go b/gobustergcs/gobustersgcs.go index 8c2c1eb3..161c01bd 100644 --- a/gobustergcs/gobustersgcs.go +++ b/gobustergcs/gobustersgcs.go @@ -43,13 +43,15 @@ func New(globalopts *libgobuster.Options, opts *OptionsGCS, logger *libgobuster. } basicOptions := libgobuster.BasicHTTPOptions{ - Proxy: opts.Proxy, - Timeout: opts.Timeout, - UserAgent: opts.UserAgent, - NoTLSValidation: opts.NoTLSValidation, - RetryOnTimeout: opts.RetryOnTimeout, - RetryAttempts: opts.RetryAttempts, - TLSCertificate: opts.TLSCertificate, + Proxy: opts.Proxy, + Timeout: opts.Timeout, + UserAgent: opts.UserAgent, + NoTLSValidation: opts.NoTLSValidation, + RetryOnTimeout: opts.RetryOnTimeout, + RetryAttempts: opts.RetryAttempts, + TLSCertificate: opts.TLSCertificate, + LocalAddr: opts.LocalAddr, + TLSRenegotiation: opts.TLSRenegotiation, } httpOpts := libgobuster.HTTPOptions{ diff --git a/gobustervhost/gobustervhost.go b/gobustervhost/gobustervhost.go index f2bae76d..cfebc279 100644 --- a/gobustervhost/gobustervhost.go +++ b/gobustervhost/gobustervhost.go @@ -9,6 +9,7 @@ import ( "io" "net/http" "os" + "path/filepath" "strings" "sync" "syscall" @@ -45,13 +46,15 @@ func New(globalopts *libgobuster.Options, opts *OptionsVhost, logger *libgobuste } basicOptions := libgobuster.BasicHTTPOptions{ - Proxy: opts.Proxy, - Timeout: opts.Timeout, - UserAgent: opts.UserAgent, - NoTLSValidation: opts.NoTLSValidation, - RetryOnTimeout: opts.RetryOnTimeout, - RetryAttempts: opts.RetryAttempts, - TLSCertificate: opts.TLSCertificate, + Proxy: opts.Proxy, + Timeout: opts.Timeout, + UserAgent: opts.UserAgent, + NoTLSValidation: opts.NoTLSValidation, + RetryOnTimeout: opts.RetryOnTimeout, + RetryAttempts: opts.RetryAttempts, + TLSCertificate: opts.TLSCertificate, + LocalAddr: opts.LocalAddr, + TLSRenegotiation: opts.TLSRenegotiation, } httpOpts := libgobuster.HTTPOptions{ @@ -63,6 +66,7 @@ func New(globalopts *libgobuster.Options, opts *OptionsVhost, logger *libgobuste NoCanonicalizeHeaders: opts.NoCanonicalizeHeaders, Cookies: opts.Cookies, Method: opts.Method, + BodyOutputDir: opts.BodyOutputDir, } h, err := libgobuster.NewHTTPClient(&httpOpts, logger) @@ -197,6 +201,18 @@ func (v *GobusterVhost) ProcessWord(ctx context.Context, word string, progress * break } + if v.options.BodyOutputDir != "" && body != nil { + fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(word, "/"), statusCode)) + fpath := filepath.Join(v.options.BodyOutputDir, fname) + err := os.WriteFile(fpath, body, 0o600) + if err != nil { + progress.MessageChan <- libgobuster.Message{ + Level: libgobuster.LevelError, + Message: fmt.Sprintf("Could not write body to file %s: %v", fpath, err), + } + } + } + // subdomain must not match default vhost and non existent vhost // or verbose mode is enabled found := body != nil && !bytes.Equal(body, v.normalBody) && !bytes.Equal(body, v.abnormalBody) diff --git a/libgobuster/helpers.go b/libgobuster/helpers.go index 4acd82f3..09f4f960 100644 --- a/libgobuster/helpers.go +++ b/libgobuster/helpers.go @@ -7,9 +7,11 @@ import ( "fmt" "io" "os" + "path/filepath" "regexp" "strconv" "strings" + "unicode" ) // Set is a set of Ts @@ -207,3 +209,71 @@ func ParseCommaSeparatedInt(inputString string) (Set[int], error) { } return ret, nil } + +// Windows reserved characters: < > : " | ? * and control characters (0-31) +var filenameInvalidChars = regexp.MustCompile(`[<>:"|?*\x00-\x1f]`) + +// sanitizeFilename removes or replaces invalid characters from a filename +// to make it safe for use on Windows, macOS, and Linux filesystems +func SanitizeFilename(filename string) string { + if filename == "" { + return "unnamed" + } + + // Remove leading/trailing whitespace + filename = strings.TrimSpace(filename) + + // Replace path separators and other problematic characters + filename = strings.ReplaceAll(filename, "/", "_") + filename = strings.ReplaceAll(filename, "\\", "_") + + filename = filenameInvalidChars.ReplaceAllString(filename, "_") + + // Remove non-printable Unicode characters + filename = strings.Map(func(r rune) rune { + if unicode.IsPrint(r) { + return r + } + return '_' + }, filename) + + // Windows reserved names (case-insensitive) + reservedNames := []string{ + "CON", "PRN", "AUX", "NUL", + "COM1", "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9", + "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", "LPT9", + } + + // Check if filename (without extension) is a reserved name + nameOnly := strings.TrimSuffix(filename, filepath.Ext(filename)) + for _, reserved := range reservedNames { + if strings.EqualFold(nameOnly, reserved) { + filename = "_" + filename + break + } + } + + // Remove trailing dots and spaces (Windows requirement) + filename = strings.TrimRight(filename, ". ") + + // Ensure filename isn't empty after sanitization + if filename == "" { + filename = "unnamed" + } + + filename = filepath.Base(filename) + + // Limit length to 255 characters (common filesystem limit) + if len(filename) > 255 { + ext := filepath.Ext(filename) + base := strings.TrimSuffix(filename, ext) + maxBase := 255 - len(ext) + if maxBase > 0 { + filename = base[:maxBase] + ext + } else { + filename = filename[:255] + } + } + + return filename +} diff --git a/libgobuster/helpers_test.go b/libgobuster/helpers_test.go index f2f39d04..c84ce254 100644 --- a/libgobuster/helpers_test.go +++ b/libgobuster/helpers_test.go @@ -392,3 +392,173 @@ func BenchmarkParseCommaSeparatedInt(b *testing.B) { }) } } + +func TestSanitizeFilename(t *testing.T) { + tests := []struct { + name string + input string + expected string + }{ + { + name: "empty string", + input: "", + expected: "unnamed", + }, + { + name: "normal filename", + input: "test.txt", + expected: "test.txt", + }, + { + name: "filename with spaces", + input: " test file.txt ", + expected: "test file.txt", + }, + { + name: "filename with path separators", + input: "folder/test\\file.txt", + expected: "folder_test_file.txt", + }, + { + name: "filename with Windows invalid characters", + input: "testname:with|invalid?chars*.txt", + expected: "test_file_name_with_invalid_chars_.txt", + }, + { + name: "filename with control characters", + input: "test\x00file\x1fname.txt", + expected: "test_file_name.txt", + }, + { + name: "filename with non-printable Unicode", + input: "test\u200bfile\u2028name.txt", + expected: "test_file_name.txt", + }, + { + name: "Windows reserved name - CON", + input: "CON.txt", + expected: "_CON.txt", + }, + { + name: "Windows reserved name - PRN (lowercase)", + input: "prn.log", + expected: "_prn.log", + }, + { + name: "Windows reserved name - COM1", + input: "COM1", + expected: "_COM1", + }, + { + name: "Windows reserved name - LPT9", + input: "lpt9.dat", + expected: "_lpt9.dat", + }, + { + name: "filename with reserved name as part of longer name", + input: "CONfig.txt", + expected: "CONfig.txt", + }, + { + name: "filename with trailing dots and spaces", + input: "test.txt.. ", + expected: "test.txt", + }, + { + name: "filename that becomes empty after sanitization", + input: "... ", + expected: "unnamed", + }, + { + name: "very long filename", + input: strings.Repeat("a", 300) + ".txt", + expected: strings.Repeat("a", 251) + ".txt", // 255 total + }, + { + name: "long filename with long extension", + input: strings.Repeat("a", 250) + "." + strings.Repeat("b", 10), + expected: strings.Repeat("a", 244) + "." + strings.Repeat("b", 10), // 255 total + }, + { + name: "long filename where extension is too long", + input: "test." + strings.Repeat("b", 260), + expected: ("test." + strings.Repeat("b", 260))[:255], + }, + { + name: "whitespace only", + input: " \t\n ", + expected: "unnamed", + }, + { + name: "mixed invalid characters and reserved name", + input: "aux|withchars.log", + expected: "aux_with_invalid_chars.log", + }, + { + name: "reserved name", + input: "AUX.log", + expected: "_AUX.log", + }, + { + name: "Unicode filename", + input: "ั‚ะตัั‚ ั„ะฐะนะป.txt", + expected: "ั‚ะตัั‚ ั„ะฐะนะป.txt", + }, + { + name: "filename with quotes", + input: `"quoted filename".txt`, + expected: "_quoted filename_.txt", + }, + { + name: "filename with pipe character", + input: "file|with|pipes.txt", + expected: "file_with_pipes.txt", + }, + { + name: "filename with question marks", + input: "what?is?this?.txt", + expected: "what_is_this_.txt", + }, + { + name: "filename with asterisks", + input: "wild*card*name*.txt", + expected: "wild_card_name_.txt", + }, + { + name: "only extension", + input: ".hidden", + expected: ".hidden", + }, + { + name: "reserved name without extension", + input: "NUL", + expected: "_NUL", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result := SanitizeFilename(tt.input) + if result != tt.expected { + t.Errorf("sanitizeFilename(%q) = %q, want %q", tt.input, result, tt.expected) + } + + // Additional validation: ensure result is safe + if len(result) > 255 { + t.Errorf("sanitizeFilename(%q) returned filename too long: %d characters", tt.input, len(result)) + } + + if strings.ContainsAny(result, `<>:"|?*`) { + t.Errorf("sanitizeFilename(%q) still contains invalid characters: %q", tt.input, result) + } + + if strings.Contains(result, "/") || strings.Contains(result, "\\") { + t.Errorf("sanitizeFilename(%q) still contains path separators: %q", tt.input, result) + } + + if result == "" { + t.Errorf("sanitizeFilename(%q) returned empty string", tt.input) + } + }) + } +} diff --git a/libgobuster/options_http.go b/libgobuster/options_http.go index f4dcbbe6..52067a09 100644 --- a/libgobuster/options_http.go +++ b/libgobuster/options_http.go @@ -31,4 +31,5 @@ type HTTPOptions struct { NoCanonicalizeHeaders bool FollowRedirect bool Method string + BodyOutputDir string } diff --git a/libgobuster/version.go b/libgobuster/version.go index 69134730..51a56265 100644 --- a/libgobuster/version.go +++ b/libgobuster/version.go @@ -8,7 +8,7 @@ import ( const ( // VERSION contains the current gobuster version - VERSION = "3.8.2" + VERSION = "3.8.3" ) func GetVersion() string { From 66f23ccb6c53051e9081481330c6cf88e218c9f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Oct 2025 20:03:01 +0000 Subject: [PATCH 17/51] Bump golang.org/x/term from 0.35.0 to 0.36.0 Bumps [golang.org/x/term](https://github.com/golang/term) from 0.35.0 to 0.36.0. - [Commits](https://github.com/golang/term/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index c95cf64c..442b3b84 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.35.0 + golang.org/x/term v0.36.0 software.sslmate.com/src/go-pkcs12 v0.6.0 ) @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.28.0 // indirect golang.org/x/net v0.44.0 // indirect golang.org/x/sync v0.17.0 // indirect - golang.org/x/sys v0.36.0 // indirect + golang.org/x/sys v0.37.0 // indirect golang.org/x/tools v0.37.0 // indirect mvdan.cc/gofumpt v0.9.1 // indirect ) diff --git a/go.sum b/go.sum index 2e105f7e..694a2aec 100644 --- a/go.sum +++ b/go.sum @@ -48,10 +48,10 @@ golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k= -golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ= -golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA= +golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= +golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= +golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= From 620cc4c814241f3101bb542c128cc08f7394d25e Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer <105281+firefart@users.noreply.github.com> Date: Thu, 30 Oct 2025 15:53:26 +0100 Subject: [PATCH 18/51] Fix #610 --- main.go | 1 + 1 file changed, 1 insertion(+) diff --git a/main.go b/main.go index 08ce1ae1..bb300dd5 100644 --- a/main.go +++ b/main.go @@ -54,6 +54,7 @@ func main() { s3.Command(), gcs.Command(), }, + DisableSliceFlagSeparator: true, // needed so we can specify ',' in slice flags. Otherwise urfave/cli splits on ',' } err := app.Run(os.Args) From f19b0d74d4d490833885d26fc0576b8a7588106c Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer <105281+firefart@users.noreply.github.com> Date: Thu, 30 Oct 2025 16:01:30 +0100 Subject: [PATCH 19/51] update --- go.mod | 10 +++++----- go.sum | 20 ++++++++++---------- gobustergcs/gobustersgcs.go | 2 +- gobusters3/gobusters3.go | 2 +- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index 442b3b84..f7fdcae8 100644 --- a/go.mod +++ b/go.mod @@ -19,13 +19,13 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.42.0 // indirect - golang.org/x/mod v0.28.0 // indirect - golang.org/x/net v0.44.0 // indirect + golang.org/x/crypto v0.43.0 // indirect + golang.org/x/mod v0.29.0 // indirect + golang.org/x/net v0.46.0 // indirect golang.org/x/sync v0.17.0 // indirect golang.org/x/sys v0.37.0 // indirect - golang.org/x/tools v0.37.0 // indirect - mvdan.cc/gofumpt v0.9.1 // indirect + golang.org/x/tools v0.38.0 // indirect + mvdan.cc/gofumpt v0.9.2 // indirect ) tool mvdan.cc/gofumpt diff --git a/go.sum b/go.sum index 694a2aec..2fd94068 100644 --- a/go.sum +++ b/go.sum @@ -37,13 +37,13 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI= -golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8= -golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= -golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= +golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= +golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= +golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= +golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.44.0 h1:evd8IRDyfNBMBTTY5XRF1vaZlD+EmWx6x8PkhR04H/I= -golang.org/x/net v0.44.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= +golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4= +golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210= golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -53,11 +53,11 @@ golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= -golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= +golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= +golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -mvdan.cc/gofumpt v0.9.1 h1:p5YT2NfFWsYyTieYgwcQ8aKV3xRvFH4uuN/zB2gBbMQ= -mvdan.cc/gofumpt v0.9.1/go.mod h1:3xYtNemnKiXaTh6R4VtlqDATFwBbdXI8lJvH/4qk7mw= +mvdan.cc/gofumpt v0.9.2 h1:zsEMWL8SVKGHNztrx6uZrXdp7AX8r421Vvp23sz7ik4= +mvdan.cc/gofumpt v0.9.2/go.mod h1:iB7Hn+ai8lPvofHd9ZFGVg2GOr8sBUw1QUWjNbmIL/s= software.sslmate.com/src/go-pkcs12 v0.6.0 h1:f3sQittAeF+pao32Vb+mkli+ZyT+VwKaD014qFGq6oU= software.sslmate.com/src/go-pkcs12 v0.6.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= diff --git a/gobustergcs/gobustersgcs.go b/gobustergcs/gobustersgcs.go index 161c01bd..ecc02679 100644 --- a/gobustergcs/gobustersgcs.go +++ b/gobustergcs/gobustersgcs.go @@ -191,7 +191,7 @@ func (s *GobusterGCS) ProcessWord(ctx context.Context, word string, progress *li } extraStr = "Bucket Listing enabled: " for _, x := range gcsListing.Items { - extraStr += fmt.Sprintf("%s (%sb), ", x.Name, x.Size) + extraStr += fmt.Sprintf("%s (%sb), ", x.Name, x.Size) // nolint:perfsprint } extraStr = strings.TrimRight(extraStr, ", ") } diff --git a/gobusters3/gobusters3.go b/gobusters3/gobusters3.go index e0600d63..fb98dfba 100644 --- a/gobusters3/gobusters3.go +++ b/gobusters3/gobusters3.go @@ -180,7 +180,7 @@ func (s *GobusterS3) ProcessWord(ctx context.Context, word string, progress *lib } extraStr = "Bucket Listing enabled: " for _, x := range awsListing.Contents { - extraStr += fmt.Sprintf("%s (%db), ", x.Key, x.Size) + extraStr += fmt.Sprintf("%s (%db), ", x.Key, x.Size) // nolint:perfsprint } extraStr = strings.TrimRight(extraStr, ", ") } From 8c13a5bfcfcb46009b362ed7813dd567e023f6d0 Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer <105281+firefart@users.noreply.github.com> Date: Fri, 31 Oct 2025 21:04:03 +0100 Subject: [PATCH 20/51] Allow comma in Header values via CLI Signed-off-by: Christian Mehlmauer <105281+firefart@users.noreply.github.com> --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 45b2e3b0..fb22a14c 100644 --- a/README.md +++ b/README.md @@ -357,6 +357,7 @@ _Remember: Always test responsibly and with proper authorization._ - Add option to filter body by regex - Add option to save response bodies +- Allow comma in Header values passed via the CLI From 88666c98da43785de37e6a4f3cf1b9c3cfebfcc0 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sun, 9 Nov 2025 04:02:35 +0000 Subject: [PATCH 21/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index f7fdcae8..f35b7afe 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.29.0 // indirect golang.org/x/net v0.46.0 // indirect golang.org/x/sync v0.17.0 // indirect - golang.org/x/sys v0.37.0 // indirect + golang.org/x/sys v0.38.0 // indirect golang.org/x/tools v0.38.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index 2fd94068..5dd870d9 100644 --- a/go.sum +++ b/go.sum @@ -48,8 +48,8 @@ golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= -golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= +golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From aee5a6e68b8123e4285d9116240bed7408ec6e3b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Nov 2025 20:05:10 +0000 Subject: [PATCH 22/51] Bump golangci/golangci-lint-action from 8 to 9 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8 to 9. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v8...v9) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/golangci-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index d6fcd95b..0e7d277b 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -15,7 +15,7 @@ jobs: go-version: "stable" - name: golangci-lint - uses: golangci/golangci-lint-action@v8 + uses: golangci/golangci-lint-action@v9 with: version: latest args: --timeout=5m From d27d87dfb247dfb65e3820a0c84fba5ae0b5dd5d Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Wed, 12 Nov 2025 04:03:23 +0000 Subject: [PATCH 23/51] chore: update dependencies [automated] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index f35b7afe..63bf303d 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.36.0 + golang.org/x/term v0.37.0 software.sslmate.com/src/go-pkcs12 v0.6.0 ) @@ -19,9 +19,9 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.43.0 // indirect + golang.org/x/crypto v0.44.0 // indirect golang.org/x/mod v0.29.0 // indirect - golang.org/x/net v0.46.0 // indirect + golang.org/x/net v0.47.0 // indirect golang.org/x/sync v0.17.0 // indirect golang.org/x/sys v0.38.0 // indirect golang.org/x/tools v0.38.0 // indirect diff --git a/go.sum b/go.sum index 5dd870d9..8747fba3 100644 --- a/go.sum +++ b/go.sum @@ -37,21 +37,21 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= -golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= +golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= +golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4= -golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210= +golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= +golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.36.0 h1:zMPR+aF8gfksFprF/Nc/rd1wRS1EI6nDBGyWAvDzx2Q= -golang.org/x/term v0.36.0/go.mod h1:Qu394IJq6V6dCBRgwqshf3mPF85AqzYEzofzRdZkWss= +golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= +golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= From cff4b344f9114f88bcad550d8ae8d460757ac0b3 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Thu, 20 Nov 2025 04:02:40 +0000 Subject: [PATCH 24/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 63bf303d..a82ef5a3 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.44.0 // indirect + golang.org/x/crypto v0.45.0 // indirect golang.org/x/mod v0.29.0 // indirect golang.org/x/net v0.47.0 // indirect golang.org/x/sync v0.17.0 // indirect diff --git a/go.sum b/go.sum index 8747fba3..60088177 100644 --- a/go.sum +++ b/go.sum @@ -37,8 +37,8 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= -golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= +golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= +golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= From 50ec1e487ddd38454d07d203f7ce98f918b06803 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 20 Nov 2025 20:04:39 +0000 Subject: [PATCH 25/51] Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker.yml | 2 +- .github/workflows/go.yml | 2 +- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/hadolint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/vhs.yml | 2 +- .github/workflows/yamllint.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 878f30ce..3bcae17a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -17,7 +17,7 @@ jobs: steps: - name: checkout sources - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Set up QEMU uses: docker/setup-qemu-action@v3 diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index b659900e..cba9d2d1 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 0e7d277b..f3ff7adf 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -8,7 +8,7 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: actions/setup-go@v6 with: diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index 8286592c..c43193fe 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -12,7 +12,7 @@ jobs: name: hadolint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: hadolint/hadolint-action@v3.3.0 with: dockerfile: Dockerfile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 87f70332..1b40132c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/vhs.yml b/.github/workflows/vhs.yml index 71355d7a..31fa53b8 100644 --- a/.github/workflows/vhs.yml +++ b/.github/workflows/vhs.yml @@ -15,7 +15,7 @@ jobs: vhs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index d58ce73a..3aac1604 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml @@ -13,7 +13,7 @@ jobs: name: yamllint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: karancode/yamllint-github-action@master with: # fail on warnings and errors From 8bfb300465428dd871fade06dedd46b6ef4809fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 20:04:48 +0000 Subject: [PATCH 26/51] Bump stefanzweifel/git-auto-commit-action from 5 to 7 Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 5 to 7. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/v5...v7) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/update.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index edeff029..1c0bb2d8 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -28,7 +28,7 @@ jobs: go mod tidy - name: Commit and push changes - uses: stefanzweifel/git-auto-commit-action@v5 + uses: stefanzweifel/git-auto-commit-action@v7 with: commit_message: "chore: update dependencies [automated]" branch: dev From c13280af8166dc343db023d145b7dbe4db2c477e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 20:04:57 +0000 Subject: [PATCH 27/51] Bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/update.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index edeff029..d530bdda 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: dev From 5b7d7d9a1ae68f8f747783374990fb70ee23d68a Mon Sep 17 00:00:00 2001 From: Atalata <82236839+atalatable@users.noreply.github.com> Date: Tue, 2 Dec 2025 20:12:05 +0100 Subject: [PATCH 28/51] Update method flag description Signed-off-by: Atalata <82236839+atalatable@users.noreply.github.com> --- cli/options.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cli/options.go b/cli/options.go index 7f035744..d610f476 100644 --- a/cli/options.go +++ b/cli/options.go @@ -129,7 +129,7 @@ func CommonHTTPOptions() []cli.Flag { &cli.BoolFlag{Name: "follow-redirect", Aliases: []string{"r"}, Value: false, Usage: "Follow redirects"}, &cli.StringSliceFlag{Name: "headers", Aliases: []string{"H"}, Usage: "Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'"}, &cli.BoolFlag{Name: "no-canonicalize-headers", Aliases: []string{"nch"}, Value: false, Usage: "Do not canonicalize HTTP header names. If set header names are sent as is"}, - &cli.StringFlag{Name: "method", Aliases: []string{"m"}, Value: "GET", Usage: "the password to the p12 file"}, + &cli.StringFlag{Name: "method", Aliases: []string{"m"}, Value: "GET", Usage: "Specify HTTP method"}, }...) flags = append(flags, BasicHTTPOptions()...) return flags From 620ff792fb1fb779ca0e1fed18b2fdafbef626fb Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer <105281+firefart@users.noreply.github.com> Date: Wed, 3 Dec 2025 00:26:23 +0100 Subject: [PATCH 29/51] Fix formatting for body-output-dir flag Signed-off-by: Christian Mehlmauer <105281+firefart@users.noreply.github.com> --- cli/options.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cli/options.go b/cli/options.go index ce3d9f02..95302578 100644 --- a/cli/options.go +++ b/cli/options.go @@ -130,7 +130,7 @@ func CommonHTTPOptions() []cli.Flag { &cli.StringSliceFlag{Name: "headers", Aliases: []string{"H"}, Usage: "Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'"}, &cli.BoolFlag{Name: "no-canonicalize-headers", Aliases: []string{"nch"}, Value: false, Usage: "Do not canonicalize HTTP header names. If set header names are sent as is"}, &cli.StringFlag{Name: "method", Aliases: []string{"m"}, Value: "GET", Usage: "Specify HTTP method"}, - &cli.StringFlag{Name: "body-output-dir", Usage: "Directory to store response bodies"}, + &cli.StringFlag{Name: "body-output-dir", Usage: "Directory to store response bodies"}, }...) flags = append(flags, BasicHTTPOptions()...) return flags From eeb7edbce16ab970b952a4b7098285c8efc31eed Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 20:02:46 +0000 Subject: [PATCH 30/51] Bump golang.org/x/term from 0.37.0 to 0.38.0 Bumps [golang.org/x/term](https://github.com/golang/term) from 0.37.0 to 0.38.0. - [Commits](https://github.com/golang/term/compare/v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 0f08a407..fac7121a 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.37.0 + golang.org/x/term v0.38.0 software.sslmate.com/src/go-pkcs12 v0.6.0 ) @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.30.0 // indirect golang.org/x/net v0.47.0 // indirect golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.38.0 // indirect + golang.org/x/sys v0.39.0 // indirect golang.org/x/tools v0.39.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index d37bc61d..1c851c99 100644 --- a/go.sum +++ b/go.sum @@ -48,10 +48,10 @@ golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= -golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= +golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q= +golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ= golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ= From cd0f400dc3c3cb514c2c818f3ac5f32b75b7ba80 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Tue, 9 Dec 2025 04:06:56 +0000 Subject: [PATCH 31/51] chore: update dependencies [automated] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index fac7121a..298147b8 100644 --- a/go.mod +++ b/go.mod @@ -19,9 +19,9 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.45.0 // indirect + golang.org/x/crypto v0.46.0 // indirect golang.org/x/mod v0.30.0 // indirect - golang.org/x/net v0.47.0 // indirect + golang.org/x/net v0.48.0 // indirect golang.org/x/sync v0.18.0 // indirect golang.org/x/sys v0.39.0 // indirect golang.org/x/tools v0.39.0 // indirect diff --git a/go.sum b/go.sum index 1c851c99..4893863b 100644 --- a/go.sum +++ b/go.sum @@ -37,13 +37,13 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= -golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= +golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= +golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk= golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= +golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= From 2a54cfd9c7c2dfcbe137d43889088abcfdea8eec Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Tue, 23 Dec 2025 04:13:59 +0000 Subject: [PATCH 32/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 298147b8..ef88ecae 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 golang.org/x/term v0.38.0 - software.sslmate.com/src/go-pkcs12 v0.6.0 + software.sslmate.com/src/go-pkcs12 v0.7.0 ) require ( diff --git a/go.sum b/go.sum index 4893863b..a2826fe8 100644 --- a/go.sum +++ b/go.sum @@ -59,5 +59,5 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= mvdan.cc/gofumpt v0.9.2 h1:zsEMWL8SVKGHNztrx6uZrXdp7AX8r421Vvp23sz7ik4= mvdan.cc/gofumpt v0.9.2/go.mod h1:iB7Hn+ai8lPvofHd9ZFGVg2GOr8sBUw1QUWjNbmIL/s= -software.sslmate.com/src/go-pkcs12 v0.6.0 h1:f3sQittAeF+pao32Vb+mkli+ZyT+VwKaD014qFGq6oU= -software.sslmate.com/src/go-pkcs12 v0.6.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= +software.sslmate.com/src/go-pkcs12 v0.7.0 h1:Db8W44cB54TWD7stUFFSWxdfpdn6fZVcDl0w3R4RVM0= +software.sslmate.com/src/go-pkcs12 v0.7.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= From e46a1cde02c359149e264790c805240d705d62a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Jan 2026 20:04:19 +0000 Subject: [PATCH 33/51] Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.4.0...v2.5.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-merge-dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml index 1f60f78c..8f235796 100644 --- a/.github/workflows/auto-merge-dependabot.yml +++ b/.github/workflows/auto-merge-dependabot.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2.4.0 + uses: dependabot/fetch-metadata@v2.5.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" From 61879944be6ce840cd4a162207a0072235af9ba3 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Fri, 9 Jan 2026 04:15:28 +0000 Subject: [PATCH 34/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ef88ecae..ec894a2f 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.30.0 // indirect golang.org/x/net v0.48.0 // indirect golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.39.0 // indirect + golang.org/x/sys v0.40.0 // indirect golang.org/x/tools v0.39.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index a2826fe8..a818ea30 100644 --- a/go.sum +++ b/go.sum @@ -48,8 +48,8 @@ golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= -golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q= golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From ffbdd2d481da0f7a54f81b99aee9ed0853ab6923 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sat, 10 Jan 2026 04:11:04 +0000 Subject: [PATCH 35/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ec894a2f..3876c994 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.38.0 + golang.org/x/term v0.39.0 software.sslmate.com/src/go-pkcs12 v0.7.0 ) diff --git a/go.sum b/go.sum index a818ea30..9c358b53 100644 --- a/go.sum +++ b/go.sum @@ -50,8 +50,8 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q= -golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg= +golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= +golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ= golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ= From e133b196cc592383a86c43296442ba5870cc75cd Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Tue, 13 Jan 2026 04:15:41 +0000 Subject: [PATCH 36/51] chore: update dependencies [automated] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 3876c994..909d6042 100644 --- a/go.mod +++ b/go.mod @@ -19,9 +19,9 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.46.0 // indirect + golang.org/x/crypto v0.47.0 // indirect golang.org/x/mod v0.30.0 // indirect - golang.org/x/net v0.48.0 // indirect + golang.org/x/net v0.49.0 // indirect golang.org/x/sync v0.18.0 // indirect golang.org/x/sys v0.40.0 // indirect golang.org/x/tools v0.39.0 // indirect diff --git a/go.sum b/go.sum index 9c358b53..7ac7c10d 100644 --- a/go.sum +++ b/go.sum @@ -37,13 +37,13 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= -golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= +golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8= +golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A= golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk= golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= -golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= +golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= +golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= From 9a59c46291d1adf23eb6e2ec42adc4e6bb967d3a Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Mon, 9 Feb 2026 04:40:03 +0000 Subject: [PATCH 37/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 909d6042..aa138cd7 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.30.0 // indirect golang.org/x/net v0.49.0 // indirect golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.40.0 // indirect + golang.org/x/sys v0.41.0 // indirect golang.org/x/tools v0.39.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index 7ac7c10d..1820a39a 100644 --- a/go.sum +++ b/go.sum @@ -48,8 +48,8 @@ golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= -golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= +golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From b5b15812f39163bb26caa2b2250b9e7966125349 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Tue, 10 Feb 2026 04:43:03 +0000 Subject: [PATCH 38/51] chore: update dependencies [automated] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index aa138cd7..db02d2f3 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.1.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.39.0 + golang.org/x/term v0.40.0 software.sslmate.com/src/go-pkcs12 v0.7.0 ) @@ -19,9 +19,9 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.47.0 // indirect + golang.org/x/crypto v0.48.0 // indirect golang.org/x/mod v0.30.0 // indirect - golang.org/x/net v0.49.0 // indirect + golang.org/x/net v0.50.0 // indirect golang.org/x/sync v0.18.0 // indirect golang.org/x/sys v0.41.0 // indirect golang.org/x/tools v0.39.0 // indirect diff --git a/go.sum b/go.sum index 1820a39a..1ea97990 100644 --- a/go.sum +++ b/go.sum @@ -37,21 +37,21 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBi go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8= -golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A= +golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= +golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk= golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= -golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60= +golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM= golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= -golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= +golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= +golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ= golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ= From 9eb6eb84308d9d25ee881e100053af52d7a7b69c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Feb 2026 21:56:51 +0000 Subject: [PATCH 39/51] Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 6.4.0 to 7.0.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/v6.4.0...v7.0.0) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1b40132c..5a19b00c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: go-version: "stable" - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v6.4.0 + uses: goreleaser/goreleaser-action@v7.0.0 with: distribution: goreleaser version: latest From 608c9381937ec084d7651470673e9977834c8288 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Mon, 23 Feb 2026 23:16:55 +0100 Subject: [PATCH 40/51] lint --- go.mod | 6 +++--- go.sum | 12 ++++++------ gobusterdir/gobusterdir.go | 2 +- gobusterfuzz/gobusterfuzz.go | 2 +- gobustervhost/gobustervhost.go | 2 +- libgobuster/helpers.go | 2 +- libgobuster/http.go | 2 +- libgobuster/options_http.go | 2 +- vhs/server.go | 4 ++-- 9 files changed, 17 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index db02d2f3..adc648d6 100644 --- a/go.mod +++ b/go.mod @@ -20,11 +20,11 @@ require ( github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect golang.org/x/crypto v0.48.0 // indirect - golang.org/x/mod v0.30.0 // indirect + golang.org/x/mod v0.33.0 // indirect golang.org/x/net v0.50.0 // indirect - golang.org/x/sync v0.18.0 // indirect + golang.org/x/sync v0.19.0 // indirect golang.org/x/sys v0.41.0 // indirect - golang.org/x/tools v0.39.0 // indirect + golang.org/x/tools v0.42.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index 1ea97990..8a4895be 100644 --- a/go.sum +++ b/go.sum @@ -39,13 +39,13 @@ go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwE golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= -golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk= -golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc= +golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= +golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60= golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= +golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= @@ -53,8 +53,8 @@ golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ= -golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= mvdan.cc/gofumpt v0.9.2 h1:zsEMWL8SVKGHNztrx6uZrXdp7AX8r421Vvp23sz7ik4= diff --git a/gobusterdir/gobusterdir.go b/gobusterdir/gobusterdir.go index 13b0152c..bd683711 100644 --- a/gobusterdir/gobusterdir.go +++ b/gobusterdir/gobusterdir.go @@ -310,7 +310,7 @@ func (d *GobusterDir) ProcessWord(ctx context.Context, word string, progress *li if d.options.BodyOutputDir != "" && body != nil { fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(entity, "/"), statusCode)) fpath := filepath.Join(d.options.BodyOutputDir, fname) - err := os.WriteFile(fpath, body, 0o600) + err := os.WriteFile(fpath, body, 0o600) // nolint:gosec if err != nil { progress.MessageChan <- libgobuster.Message{ Level: libgobuster.LevelError, diff --git a/gobusterfuzz/gobusterfuzz.go b/gobusterfuzz/gobusterfuzz.go index 1f5e45d0..f30c55d0 100644 --- a/gobusterfuzz/gobusterfuzz.go +++ b/gobusterfuzz/gobusterfuzz.go @@ -197,7 +197,7 @@ func (d *GobusterFuzz) ProcessWord(ctx context.Context, word string, progress *l if d.options.BodyOutputDir != "" && body != nil { fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(word, "/"), statusCode)) fpath := filepath.Join(d.options.BodyOutputDir, fname) - err := os.WriteFile(fpath, body, 0o600) + err := os.WriteFile(fpath, body, 0o600) // nolint:gosec if err != nil { progress.MessageChan <- libgobuster.Message{ Level: libgobuster.LevelError, diff --git a/gobustervhost/gobustervhost.go b/gobustervhost/gobustervhost.go index cfebc279..113d7744 100644 --- a/gobustervhost/gobustervhost.go +++ b/gobustervhost/gobustervhost.go @@ -204,7 +204,7 @@ func (v *GobusterVhost) ProcessWord(ctx context.Context, word string, progress * if v.options.BodyOutputDir != "" && body != nil { fname := libgobuster.SanitizeFilename(fmt.Sprintf("%s_%d.html", strings.Trim(word, "/"), statusCode)) fpath := filepath.Join(v.options.BodyOutputDir, fname) - err := os.WriteFile(fpath, body, 0o600) + err := os.WriteFile(fpath, body, 0o600) // nolint:gosec if err != nil { progress.MessageChan <- libgobuster.Message{ Level: libgobuster.LevelError, diff --git a/libgobuster/helpers.go b/libgobuster/helpers.go index 09f4f960..6e7e0b2c 100644 --- a/libgobuster/helpers.go +++ b/libgobuster/helpers.go @@ -86,7 +86,7 @@ func lineCounter(r io.Reader) (int, error) { // store last character received if we got any bytes if c > 0 { - lastChar = buf[c-1] + lastChar = buf[c-1] // nolint:gosec } switch { diff --git a/libgobuster/http.go b/libgobuster/http.go index 9a80e0a5..2e97bad0 100644 --- a/libgobuster/http.go +++ b/libgobuster/http.go @@ -226,7 +226,7 @@ func (client *HTTPClient) makeRequest(ctx context.Context, fullURL url.URL, opts client.logger.Debugf("%s", dump) } - resp, err := client.client.Do(req) + resp, err := client.client.Do(req) // nolint:gosec if err != nil { var ue *url.Error if errors.As(err, &ue) { diff --git a/libgobuster/options_http.go b/libgobuster/options_http.go index 52067a09..e50e497a 100644 --- a/libgobuster/options_http.go +++ b/libgobuster/options_http.go @@ -23,7 +23,7 @@ type BasicHTTPOptions struct { // HTTPOptions is the struct to pass in all http options to Gobuster type HTTPOptions struct { BasicHTTPOptions - Password string + Password string // nolint:gosec URL *url.URL Username string Cookies string diff --git a/vhs/server.go b/vhs/server.go index 749fa97f..c1a5e4be 100644 --- a/vhs/server.go +++ b/vhs/server.go @@ -41,8 +41,8 @@ func main() { })}) x.routes = append(x.routes, &route{regexp.MustCompile(`^/`), http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) - if _, err := w.Write([]byte(r.URL.Path)); err != nil { - log.Fatal(err.Error()) + if _, err := w.Write([]byte(r.URL.Path)); err != nil { // nolint:gosec + log.Fatal(err.Error()) // nolint:gosec } })}) From 3637493c2709c1455bf6890cb91fae93b9079e7d Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Thu, 26 Feb 2026 04:32:43 +0000 Subject: [PATCH 41/51] chore: update dependencies [automated] --- go.mod | 4 ++-- go.sum | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index adc648d6..8ae05fe8 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/OJ/gobuster/v3 -go 1.25 +go 1.25.0 require ( github.com/fatih/color v1.18.0 @@ -21,7 +21,7 @@ require ( github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect golang.org/x/crypto v0.48.0 // indirect golang.org/x/mod v0.33.0 // indirect - golang.org/x/net v0.50.0 // indirect + golang.org/x/net v0.51.0 // indirect golang.org/x/sync v0.19.0 // indirect golang.org/x/sys v0.41.0 // indirect golang.org/x/tools v0.42.0 // indirect diff --git a/go.sum b/go.sum index 8a4895be..443b7e0d 100644 --- a/go.sum +++ b/go.sum @@ -42,8 +42,8 @@ golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVo golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60= -golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM= +golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= +golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= From f1d49e3b56d1d2cf78267d5cd1aa72d798ea0a62 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Fri, 27 Feb 2026 04:31:56 +0000 Subject: [PATCH 42/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 8 ++------ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index 8ae05fe8..18b990eb 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.25.0 require ( github.com/fatih/color v1.18.0 github.com/google/uuid v1.6.0 - github.com/pin/tftp/v3 v3.1.0 + github.com/pin/tftp/v3 v3.2.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 golang.org/x/term v0.40.0 diff --git a/go.sum b/go.sum index 443b7e0d..0636e7ab 100644 --- a/go.sum +++ b/go.sum @@ -18,8 +18,8 @@ github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHP github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/pin/tftp/v3 v3.1.0 h1:rQaxd4pGwcAJnpId8zC+O2NX3B2/NscjDZQaqEjuE7c= -github.com/pin/tftp/v3 v3.1.0/go.mod h1:xwQaN4viYL019tM4i8iecm++5cGxSqen6AJEOEyEI0w= +github.com/pin/tftp/v3 v3.2.0 h1:q6K5G6T0TA7e3wDJsB/7VpD3iaWwVEJD/nEuh3q9Sk0= +github.com/pin/tftp/v3 v3.2.0/go.mod h1:qc5ySXB5aOS1H6ULneqB4g5nshqV1CgeV/l/M6rEDms= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= @@ -36,23 +36,19 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 h1:FnBeRrxr7OU4VvAz github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= From 26ed236c7860f1f55eaf6485004e104d61a6c56a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Mar 2026 20:22:50 +0000 Subject: [PATCH 43/51] Bump docker/login-action from 3 to 4 Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3bcae17a..b432b5c8 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -26,7 +26,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.repository_owner }} From fc40744660f5b0a1989c942f6beb888663d3c573 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Mar 2026 20:22:55 +0000 Subject: [PATCH 44/51] Bump docker/setup-qemu-action from 3 to 4 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3bcae17a..43d7b4e3 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v6 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 From df3d15a6a30d8f57ee142bce44a607db78a8d9fc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Mar 2026 20:22:55 +0000 Subject: [PATCH 45/51] Bump docker/setup-buildx-action from 3 to 4 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2479d052..65ddb3e3 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -23,7 +23,7 @@ jobs: uses: docker/setup-qemu-action@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to GitHub Container Registry uses: docker/login-action@v4 From 31007a92360608e23fadb9bc7ac09dac87e5d298 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Mar 2026 20:22:57 +0000 Subject: [PATCH 46/51] Bump docker/build-push-action from 6 to 7 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6...v7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2479d052..d9b30e81 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -33,7 +33,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: push: true platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/386,linux/ppc64le From 664746cb6ed32abf27cad3a503e1d3d51d3fbdb5 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Mon, 9 Mar 2026 04:34:10 +0000 Subject: [PATCH 47/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 18b990eb..64622fcd 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/mod v0.33.0 // indirect golang.org/x/net v0.51.0 // indirect golang.org/x/sync v0.19.0 // indirect - golang.org/x/sys v0.41.0 // indirect + golang.org/x/sys v0.42.0 // indirect golang.org/x/tools v0.42.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index 0636e7ab..9d23b5c1 100644 --- a/go.sum +++ b/go.sum @@ -45,8 +45,8 @@ golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= -golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= From fd0b169b3bcee984021f60c55e400797188a25f9 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Thu, 12 Mar 2026 04:31:52 +0000 Subject: [PATCH 48/51] chore: update dependencies [automated] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 64622fcd..79f1ae28 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/pin/tftp/v3 v3.2.0 github.com/urfave/cli/v2 v2.27.7 go.uber.org/automaxprocs v1.6.0 - golang.org/x/term v0.40.0 + golang.org/x/term v0.41.0 software.sslmate.com/src/go-pkcs12 v0.7.0 ) @@ -19,9 +19,9 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect - golang.org/x/crypto v0.48.0 // indirect + golang.org/x/crypto v0.49.0 // indirect golang.org/x/mod v0.33.0 // indirect - golang.org/x/net v0.51.0 // indirect + golang.org/x/net v0.52.0 // indirect golang.org/x/sync v0.19.0 // indirect golang.org/x/sys v0.42.0 // indirect golang.org/x/tools v0.42.0 // indirect diff --git a/go.sum b/go.sum index 9d23b5c1..c99a6464 100644 --- a/go.sum +++ b/go.sum @@ -36,19 +36,19 @@ github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 h1:FnBeRrxr7OU4VvAz github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= -golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= -golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= -golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= -golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= -golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= From 1f9081f41ab420786766da2737d144f211fa4939 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Sat, 21 Mar 2026 04:29:45 +0000 Subject: [PATCH 49/51] chore: update dependencies [automated] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 79f1ae28..f09009f5 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/OJ/gobuster/v3 go 1.25.0 require ( - github.com/fatih/color v1.18.0 + github.com/fatih/color v1.19.0 github.com/google/uuid v1.6.0 github.com/pin/tftp/v3 v3.2.0 github.com/urfave/cli/v2 v2.27.7 diff --git a/go.sum b/go.sum index c99a6464..951d1af1 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3 github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= -github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= +github.com/fatih/color v1.19.0 h1:Zp3PiM21/9Ld6FzSKyL5c/BULoe/ONr9KlbYVOfG8+w= +github.com/fatih/color v1.19.0/go.mod h1:zNk67I0ZUT1bEGsSGyCZYZNrHuTkJJB+r6Q9VuMi0LE= github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= From a7f5b587528db312b9786bbc55b2c3ef4b1c44e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Mar 2026 20:23:06 +0000 Subject: [PATCH 50/51] Bump dependabot/fetch-metadata from 2.5.0 to 3.0.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.5.0 to 3.0.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.5.0...v3.0.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-merge-dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml index 8f235796..61116038 100644 --- a/.github/workflows/auto-merge-dependabot.yml +++ b/.github/workflows/auto-merge-dependabot.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2.5.0 + uses: dependabot/fetch-metadata@v3.0.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" From 98243875231a8c849f9e23b1fdb0dd5705954fd2 Mon Sep 17 00:00:00 2001 From: firefart <105281+firefart@users.noreply.github.com> Date: Thu, 9 Apr 2026 04:45:14 +0000 Subject: [PATCH 51/51] chore: update dependencies [automated] --- go.mod | 4 ++-- go.sum | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index f09009f5..8c45bc16 100644 --- a/go.mod +++ b/go.mod @@ -16,14 +16,14 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/mattn/go-colorable v0.1.14 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-isatty v0.0.21 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect golang.org/x/crypto v0.49.0 // indirect golang.org/x/mod v0.33.0 // indirect golang.org/x/net v0.52.0 // indirect golang.org/x/sync v0.19.0 // indirect - golang.org/x/sys v0.42.0 // indirect + golang.org/x/sys v0.43.0 // indirect golang.org/x/tools v0.42.0 // indirect mvdan.cc/gofumpt v0.9.2 // indirect ) diff --git a/go.sum b/go.sum index 951d1af1..07d8842a 100644 --- a/go.sum +++ b/go.sum @@ -16,8 +16,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.21 h1:xYae+lCNBP7QuW4PUnNG61ffM4hVIfm+zUzDuSzYLGs= +github.com/mattn/go-isatty v0.0.21/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4= github.com/pin/tftp/v3 v3.2.0 h1:q6K5G6T0TA7e3wDJsB/7VpD3iaWwVEJD/nEuh3q9Sk0= github.com/pin/tftp/v3 v3.2.0/go.mod h1:qc5ySXB5aOS1H6ULneqB4g5nshqV1CgeV/l/M6rEDms= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -44,9 +44,8 @@ golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= -golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI= +golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=