v2.0-beta

Release Notes: Version 2.0-beta

This version includes a series of significant updates and improvements that enhance the toolset's efficiency and functionality. Below are the details of the changes included in this release.

What's New

README.md Updates

• Updated Content: The README.md now reflects the addition of new tools and updates to existing ones.
  • Closed Issue: #14

Installation Script Enhancements

• Tool and Configuration Checks: We've introduced checks for the presence of tools, wordlists, and configurations before installations or updates, ensuring a smoother setup process.

  • Closes Issue: #3
  • Contributors: @h4r5h1t, @mr-vill4in

• Tool Installation Commands: Updated and optimized to ensure compatibility and efficiency.

  • Replacements and Updates: Enhanced the toolset by incorporating more robust and versatile utilities:
    • Replaced Sublist3r with SUBLIST3R_V2.0.
    • Consolidated URL discovery tools by replacing gau/gauplus and waybackurls with waymore.
    • Reintroduced gau following the discontinuation of gauplus.
  • Path Updates: Corrected paths for lfi.txt payload and gf patterns within the Garud tool.
  • Version Updates: Updated the command for installing amass_linux_i386 to the latest version.
  • Contributor: @0x71rex

Webcopilot Configuration

• Tool Changes: Added the uro tool to filter out duplicate endpoints, streamlining data processing.

  • Closes Issue: #8
  • Contributor: @0x71rex

• Flag Updates: Enhanced functionality and flexibility in command-line options:

  • Introduced -v flag for checking tool versions.
  • Added -f flag to specify a file containing subdomains, effectively addressing and closing Issues #1 and #4.
  • Deprecated the -s flag; subdomain enumeration is now the default behavior.
  • Implemented the -a flag to automatically initiate complete enumeration by default, addressing and closing Issue #16.

Contributors

@0x71rex, @mr-vill4in, @Pxmme and @CicadaMikoto.

Acknowledgments

Thank you to our community for the continuous feedback and support that helps us improve and push boundaries with each version.

v1.0.1

WebCopilot v1.0.1 - Security Patch

Release Highlights:

• Fixed a critical remote code execution vulnerability reported by Jaggar Henry, enhancing the tool's security when scanning third-party domains.

Acknowledgements:

Special thanks to Jaggar Henry for the responsible disclosure of this issue.

Upgrade Guide:

Users are advised to update to v1.0.1 immediately. For details, see the README or run webcopilot -h.

Your feedback and contributions help make WebCopilot safer and better.

v1.0.0

WebCopilot v1.0.0

We are excited to announce the first official release of WebCopilot, v1.0.0. WebCopilot is a comprehensive tool designed for security professionals and penetration testers to automate the process of subdomain enumeration and vulnerability scanning.

Features:

• Subdomain Enumeration: Leverages popular tools like assetfinder, sublist3r, subfinder, and amass to discover subdomains efficiently.
• Active Scanning: Utilizes gobuster for DNS brute-forcing to uncover active subdomains.
• Vulnerability Scanning: Integrates with tools like httpx, nuclei, and dalfox to identify potential security vulnerabilities in identified subdomains.
• Reporting: Generates detailed reports, including subdomain lists, live endpoints, and potential vulnerabilities for further analysis.

Usage:

WebCopilot is designed to be user-friendly with a straightforward CLI interface. For detailed usage instructions, please refer to the README.md file or use the -h flag to get help directly in the terminal.

Note:

This release marks the beginning of official versioning for WebCopilot. Future releases will include more features, enhancements, and fixes based on community feedback and ongoing development.

We welcome contributions, feedback, and suggestions from the community to make WebCopilot even better. Please feel free to open issues or pull requests on GitHub.

Thank you for supporting WebCopilot!