Home
Consulting
Advisories
Software
Articles
Contact

PHP Vulnerability Hunter Change Log

Overview | Screenshots | Guide | Download | Change Log

1.2.0.2
Fixed crash caused by space in path name

1.2.0.1
Added tooltips to GUI
Added input map report
Added automatic error reporting
Added connection timeout setting
Added port setting
Added code coverage accuracy options
Added static analysis phase
Added dynamic function call/class instantiation scan
Added superglobal hook option
Added repair mode
Minor CLI tweaks
Changed default timeout to 60 seconds
Scan mode and input count now shown with each response
Several improvements to code annotation
Updated help menu shortcut to point to local copy of guide
Several launcher improvements
Improved XSS scan
Reports and dumps are now written to subdirectory
Alert messages are now sanitized to remove beep chars
Fixed GUI window size
Fixed client connection error handling
Fixed multiple http implementation bugs

1.1.4.6
Added code coverage report
Updated GUI validation
Several instrumentation fixes
Fixed lingering connection issue
Fixed GUI and report viewer crashes related to working directory

1.1.3.1
Improved arbitrary upload scan
Improved local file inclusion scan
Improved input discovery
Updated crawler
Added report viewer captured data filter
Added option to dump all HTTP messages
Added option to toggle alert beep
Added help option to GUI
Several report viewer UI tweaks
Minor CLI tweaks
Several preloading fixes
Several file scan fixes
Http implementation fixes
Fixed endless loop in input discovery
Fixed GUI crash bug
Fixed unhook crash bug
Fixed connection error handling

1.1.0.6
Cross-site scripting scan enabled in trial version
Http client fix
Several improvements to local file inclusion/arbitrary read scan
Several preloading fixes
Fixed bug in command scan
Added run assistant
Renamed PHPVHLauncher to PHPVH-GUI
Fixed minor interface bugs
Skinned and tweaked interface of report viewer

1.0.9.1
Hooking algorithm fix
File scan improvements
Local file inclusion scan improvements
Fixed post scan cleanup fixes
Fixed bug caused by capitlizing PHP in opening tags
Application now pauses after displaying instructions
XSS scan algorithm fixes
Open redirect scan algorithm added
Fixed bug with -s option
Added GUI launcher
Http implementation fixes

1.0.6.7
Several improvements to file scan algorithm
Several improvements to XSS scan algorithm
Added full path disclosure algorithm
Updated help
Http client fixes
Updated interface

1.0.5.7
Fixed issue file scan caused by document root being on a drive other than C
Fixed issue with XSS anchors not properly incrementing
Several improvements made to SQL injection monitoring
Added cookie value fuzzing
* option added for application path
Added log viewer
Added -v command line option to open viewer upon scan completion
Added new fuzz strings to arbitrary PHP execution scan
Improved arbitrary PHP execution scan algorithm
Fixed bug that caused false positives in arbitary PHP execution scan
Made discovery report optional with -d argument
Several updates to the command scan
Updated hook file
Hook algorithm updates
Several hooking bug fixes
Local file inclusion scan updates

1.0.2.2
Scan algorithm updates that improve the effectiveness of every type of scan
Updated report naming scheme to improve readability
Updated directions
Added user friendly error messages
Minor interface updates
Removed SQL error warnings
Fixed several crash bugs
Miscellaneous bug fixes

1.0.0.9
Added scan overview report
Updated SQL injection scan
Updated command scan
Minor interface updates
Fixed bug caused by use of <? open tag

1.0.0.0
Initial release





Copyright © 2018 AutoSec Tools LLC