Feature: Site crawling

[0x27]

Another nice feature to have would be the ability to crawl/spider a site. See also: #10, #11

[cainiaocome]

disagree with crawling, form parsing , url list handling.

this is not what one tool should do, these job should be done independently and then feed to tqlmap.

tplmap should not be a universal attack platform, it should just be tplinjection detect and exploit tool.

[0x27]

@cainiaocome - Perhaps. To be fair, if #1 gets closed, it actually resolves the requirement for those functionalities pretty much for most users.

If one could feed the tool HTTP requests (i.e. a Burp/ZAP log), and just let it work away on that, you offload all the spidering nonsense to Burp/Zap entirely. Might be more sensible option than the --crawl --forms ideas :)

[epinna]

Burp integration is now implemented (see #27 ).

[0x27]

This closes all of them. Currently test driving the Burp plugin. Took a bit of work to get Jython working properly, but whoa, this thing works phenomenally well :D

[epinna]

Thanks for the tests then :)