Dokholliday#19
This is an awesome PR. Will definitely review it once I finish my ongoing project(s). Thank you for your contribution!
I reviewed the PR and I really appreciate the effort you put into this! While the features you've introduced are impressive, I've encountered a few concerns. Unfortunately, the current implementation produces a significant number of false positives, particularly in the POST data payloads, which affects the precision of the tool. The inclusion of ML and AI is an interesting approach, but it feels a bit overkill for this use case and isn't strictly necessary. In practice, the generated payloads are often invalid, which may be due to insufficient or inconsistent training data provided to the model. On the other hand, the updated report format is a nice touch. However, since this tool is focused primarily on bug bounty/security researchers, the CLI visuals are usually more than enough. I won’t be closing this PR, as I don't want to shut the door on your contribution. I encourage you to refine the approach or explore ways to reduce the noise and improve the mentioned issues. Thanks again for your work!
I totally didn't even mean for this to be seen by anyone!! My bad!!! I appreciate the kind words though. I have done a lot since then also.... I don't know. I'll share it when I get back to my computer at home. I wasn't going to share it with anyone.... hahaha.. I'm just obsessed with trying to find prototype pollution as of late...
Sorry.. I wasn't trying to change your tool... I was trying to save something of my own... My bad...
No description provided.