Changelog
After hard work we are proud to release our next major release of FlowMate! We put a lot of effort into integrating new features and fixing bugs along the way. The changelog below gives an overview of new features.
Release was updated on 2024-04-03 with new pre-built jar due to hotfix being applied to main branch
Features
- AuditFindings
- New heuristics have been added which can lead to an audit finding, including: CrossContentTypeAudit, CrossScopeAudit, HeaderMatchAudit, KeywordMatchAudit, LongDistanceMatchAudit
- Audit findings are now persisted within the burp state and loaded on the start of FlowMate
- AdditionalQueriesTab
- Add new query for parameter names and a checkbox to optionally query with sessions
- Sessions
- Sessions defined in the Session tab are now persisted in the neo4j database and connected accordingly to found InputValues/ParameterMatches/MatchValues
- NoiseReduction
- Added new tab inside of FlowMate in which regex rules can be defined to reduce the noise while matching parameters
- InputValues affected by the rules are not matched and shown as excluded in the Query tab
- The rules are persisted in the burp state
- Default rules are loaded the first time FlowMate is initialized in a burp state
- DeferMatching
- The GettingStarted tab now includes the functionality to match in "Deferred Matching" mode
- While active, FlowMate does not match parameters while browsing, instead matches can be identified later via the "Match now" button
- This approach significantly improves the loading time of websites while FlowMate is running
- Purge Database
- The GettingStarted tab now includes a button to purge the neo4j database and reset FlowMate to it's initial state
- With this feature FlowMate can be easily resetted if a new burp project has been created
- Initializing on existing burp state
- FlowMate can now be initialized on an existing burp state. It will ignore all past requests and responses in the history.
Bugfixes
- Fixed many bugs since the last release and introduction of new features