Uniscan v6.

2 date 18/08/2012

- Improve HTTPS (SSL) requests.

- Bugfix on crawler.
- Bugfix on checkupdate() function to accept versions 6.2.001 .002 and etc.
- uniscan_gui.pl rewritten.
- Bugfix on Blind SQL Injection plug-in (less false-positive).
- Bugfix on plug-in 9_directoryAdd.pm.
- Add Multi-language support.
- Added new feature: feeding the crawler with parsing the file sitemap.xml.
- Added new feature: added index.php in report directory to show saved reports.

Uniscan v6.1 date 27/07/2012

- Added -w 4 on ping command of Server information module.

- Small bugfix on crawler.
- Bugfix on SQL injection plugin.
- Bugfix on Blind SQL injection plugin.
- Added a new test on Blind SQL injecion plugin.
- Added option to show crawling ignored files.
- Removed fews extensions of "find Backup files" plugin.
- Added option to write all requests done by uniscan on requests.txt.
- Improved FCKeditor plugin.
- Improved checkBackup plugin.
- Added new plugin for crawler: timthumb vulnerability.
- Added new plugin for dynamic tests: timthumb vulnerability.
- Removed a bug that crashed the threads.

Uniscan v6.0 date 18/05/2012

- Crawler improved (a lot bug fix).

- Google seach back to Uniscan.
- Added Web server information module.
- Added Server information module.
- Added simple Web client (index.php).
- Added New Plugin "FCKeditor" for crawler.
- Added New Plugin "FCKeditor" for dynamic tests.
- Added New Plugin "PHP CGI Argument Injection" for dynamic tests.
- Added Auto-update.
- Added simple HTML report.
- Added detection of redirection.
- Added Simple TK GUI.
- Improved plug-in Webshell finder (less false-positive)
- Improved uniscan.pl, now uniscan.pl try detect if a host is responding before
doing the scanning.
- Find for Drupal, Joomla and Wordpress plugins when banner-grabbing detect on of
this CMS.

This release has a great help from Roberto Neves.

Uniscan v5.4 date 02/04/2012

- Crawler improved.
- 4 plug-ins updated.
Uniscan v5.3 date 01/02/2012

- Bug fix on Functions.pm reported by Bl4ck5w4n :-)

- Removed Google search
- Added 4 new plug-ins
- Added a script to download configuration files by LFI.

Uniscan v5.2 date 11/11/2011

- added new regex in crawler

- Bug fix in plig-in SQL-injection

uniscan v5.1 date 01/11/2011

- Added Google search

- Added Bing search
- Bug fix in function get_file()

Uniscan v5.0 date: 05/10/2011

- Redesigned the scanner architecture to support plugins system.

- Bug fix in crawler.
- Added Plugin to identify upload forms.
- Added Plugin to source code disclosure.
- Added Plugin to identify external hosts.
- Added a small module to stress test.

Uniscan v4.3 date: 09/09/2011

- Added URL encode option in configuration file for all tests.

- Bug fix in crawler.

Uniscan v4.2 date: 01/09/2011

- Added Basic access authentication.

- Added Cookie based authentication.
- Added Check for new version.
- Added other Regex in crawler to detect links without quotes(<a href=page.html>).
- Bug fix in crawler.
- Improved Blind SQL-injection detection.
- Improve system threads to be faster.

Uniscan v4.1 date: 23/08/2011

- Bug fix in crawler.

Uniscan v4.0 date: 22/08/2011

- Uniscan is now Modularized.
- Added directory checks.
- Added file checks.
- Added PUT method enabled check.
- Bug fix in crawler when found ../ directory.
- Crawler support POST method.
- Configuration by file uniscan.conf.
- Added checks for backup of files found by crawler.
- Added Blind SQL-i checks.
- Added static RCE, RFI, LFI checks.
- Crawler improved by checking /robots.txt.
- improved XSS vulnerability detection.
- improved SQL-i vulnerability detection.

Uniscan v3.2 date: 03/08/2011

- bug fix in function add_form().

- More detailed log file.

Uniscan v3.1 date: 02/08/2011

- bug fix in XSS detection by GET method.

Uniscan v3.0 date: 01/08/2011

- Secure Socket Layer(SSL) support.

- Identification of LFI and RFI vulnerabilities in Windows environments.
- Option to use proxy.
- Configuration via parameters
-h help
-u <url> example: https://www.example.com/
-f <file> with list of url's
-T <Maximun threads> default: 15
-v <Maximun variation> number of a page, default: 2
-t <timeout> of a connection in seconds, default: 10
-r <Maximun requests> of the crawler, default: 15000
-s <Maximun size> of one request in bytes, default: 1048576 [1MB]
-o <output file> default: Vuls.txt
-b Uniscan go to background
-p <proxy host> example: www.example.com
-l <proxy port> example: 8080

Uniscan v2.1 date: 21/07/2011

- Added two new tests for Remote Command Execution(RCE) Vulnerability.

- File c.txt is now hosted on the project site

Uniscan v2.0 date: 12/07/2011

- Added test for SQL Injection vulnerabilities (SQL-i).
- Added tests for vulnerabilities to Cross-Site Scripting (XSS).
- Added new extensions to be ignored by the crawler.
- Amendment in the detection system vulnerabilities.
- Changes in the function mix () to generate the tests.
- Added two new regular expressions to identify links.

Uniscan v1.2 date: 21/06/2011

- Bugfix in the use of threads in the crawler.

- Fixed bug in identifying the of crawler pages.
- Bugfix in function add_form ().
- Fixed bug in identifying urls.

Uniscan v1.1 date: 20/06/2011

- Implementation of threads in the crawler.

- Fixing bugs in the use of threads in the vulnerabilities tests.

Uniscan v1.0 date: 18/06/2011

- First version of Uniscan