Merge branch 'edoardottt:main' into trufflehog

Author: hugo-syn

README.md

@@ -38,6 +38,7 @@ Installation 📡
 ----------
 
 ### Homebrew
+
 ```
 brew install cariddi
 ```
@@ -180,7 +181,44 @@ Examples 💡
   - use `powershell.exe -Command "cat urls | .\cariddi.exe"` inside the Command prompt
   - or just `cat urls | cariddi.exe` using PowerShell
 
-- To integrate cariddi with Burpsuite [follow these steps](https://github.com/edoardottt/cariddi/wiki/BurpSuite-Integration).
+- To integrate cariddi with Burpsuite [follow these steps](https://github.com/edoardottt/cariddi/wiki/BurpSuite-Integration) or click the button below:
+
+<details>
+  <summary>Integrate cariddi with Burpsuite</summary>
+
+   Normally you use Burpsuite within your browser, so you just have to trust the burpsuite's certificate in the browser and you're done.  
+   In order to use cariddi with the BurpSuite proxy you should do some steps further.  
+
+   If you try to use cariddi with the option `-proxy http://127.0.0.1:8080` you will find this error in the burpsuite error log section:  
+
+   ```bash
+   Received fatal alert: bad_certificate (or something similar related to the certificate).
+   ```
+
+   To make cariddi working fine with Burpsuite you have also to trust the certificate within your entire pc, not just only the browser. These are the steps you have to follow:
+
+   Go to Proxy tab in Bupsuite, then Options. Click on the CA Certificate button and export Certificate in DER format  
+
+   ```bash
+   openssl x509 -in burp.der -inform DER -out burp.pem -outform PEM
+   sudo chown root:root burp.pem
+   sudo chmod 644 burp.pem
+   sudo cp burp.pem /usr/local/share/ca-certificates/
+   sudo c_rehash
+   cd /etc/ssl/certs/
+   sudo ln -s /usr/local/share/ca-certificates/burp.pem
+   sudo c_rehash .
+   ```
+
+   Source: Trust Burp Proxy certificate in Debian/Ubuntu  
+
+   After these steps, in order to use cariddi with Burpsuite you have to:  
+
+   1. Open Burpsuite, making sure that the proxy is listening.  
+   2. Use cariddi with the flag `-proxy http://127.0.0.1:8080`.  
+   3. You will see that requests and responses will be logged in Burpsuite.
+
+</details>
 
 Changelog 📌
 -------
@@ -202,7 +240,7 @@ If there aren't errors, go ahead :)
 
 **Help me building this!**
 
-Special thanks to: [go-colly](http://go-colly.org/), [ocervell](https://github.com/ocervell), [zricethezav](https://github.com/zricethezav/gitleaks/blob/master/config/default.go), [projectdiscovery](https://github.com/projectdiscovery/nuclei-templates/tree/master/file/keys), [tomnomnom](https://github.com/tomnomnom/gf/tree/master/examples), [RegexPassive](https://github.com/hahwul/RegexPassive) and [all the contributors](https://github.com/edoardottt/cariddi/wiki/Contributors).
+Special thanks to: [go-colly](http://go-colly.org/), [ocervell](https://github.com/ocervell), [zricethezav](https://github.com/gitleaks/gitleaks/blob/master/config/gitleaks.toml), [projectdiscovery](https://github.com/projectdiscovery/nuclei-templates/tree/master/file/keys), [tomnomnom](https://github.com/tomnomnom/gf/tree/master/examples), [RegexPassive](https://github.com/hahwul/RegexPassive) and [all the contributors](https://github.com/edoardottt/cariddi/wiki/Contributors).
 
 License 📝
 -------

internal/slice/slice_test.go

@@ -50,6 +50,11 @@ func TestRemoveDuplicateValues(t *testing.T) {
 			slice: nil,
 			want:  []string{},
 		},
+		{
+			name:  "one element",
+			slice: []string{"a"},
+			want:  []string{"a"},
+		},
 		{
 			name:  "withous duplicates",
 			slice: []string{"a", "b", "c"},
@@ -133,7 +138,7 @@ func TestCheckCookies(t *testing.T) {
 			},
 		},
 		{
-			name:  "several paris",
+			name:  "several pairs",
 			input: "name1:some_value@1;name_2:some$%_value@",
 			want: []*http.Cookie{
 				{
@@ -146,6 +151,24 @@ func TestCheckCookies(t *testing.T) {
 				},
 			},
 		},
+		{
+			name:  "several pairs 2",
+			input: "name1:some_value@1;name_2:some$%_value@;name_3:somevalueeeeee",
+			want: []*http.Cookie{
+				{
+					Name:  "name1",
+					Value: "some_value@1",
+				},
+				{
+					Name:  "name_2",
+					Value: "some$%_value@",
+				},
+				{
+					Name:  "name_3",
+					Value: "somevalueeeeee",
+				},
+			},
+		},
 		{
 			name:  "some pairs are not valid",
 			input: "name1:value:_1;name;2:value2;name_3:value_3",

pkg/crawler/useragents.go

@@ -37,7 +37,9 @@ import (
 
 // genOsString generates a random OS string for a User Agent.
 func genOsString() string {
-	rand.Seed(time.Now().UnixNano())
+	source := rand.NewSource(time.Now().UnixNano())
+	rng := rand.New(source)
+
 	// Operating system.
 	var OsStrings = []string{
 		"Macintosh; Intel Mac OS X 10_10",
@@ -48,15 +50,43 @@ func genOsString() string {
 		"X11; Linux x86_64",
 	}
 
-	return OsStrings[rand.Intn(len(OsStrings))]
+	return OsStrings[rng.Intn(len(OsStrings))]
 }
 
 // genFirefoxUA generates a random Firefox User Agent.
 func genFirefoxUA() string {
-	rand.Seed(time.Now().UnixNano())
+	source := rand.NewSource(time.Now().UnixNano())
+	rng := rand.New(source)
 
 	// Firefox versions.
 	var FirefoxVersions = []float32{
+		127.0,
+		126.0,
+		124.0,
+		123.0,
+		122.0,
+		121.0,
+		120.0,
+		119.0,
+		118.0,
+		117.0,
+		116.0,
+		115.0,
+		114.0,
+		113.0,
+		112.0,
+		111.0,
+		110.0,
+		109.0,
+		108.0,
+		107.0,
+		106.0,
+		105.0,
+		104.0,
+		103.0,
+		102.0,
+		101.0,
+		100.0,
 		58.0,
 		57.0,
 		56.0,
@@ -66,25 +96,50 @@ func genFirefoxUA() string {
 		35.0,
 	}
 
-	version := FirefoxVersions[rand.Intn(len(FirefoxVersions))]
+	version := FirefoxVersions[rng.Intn(len(FirefoxVersions))]
 
 	return fmt.Sprintf("Mozilla/5.0 (%s; rv:%.1f) Gecko/20100101 Firefox/%.1f", genOsString(), version, version)
 }
 
 // genChromeUA generates a random Chrome User Agent.
 func genChromeUA() string {
-	rand.Seed(time.Now().UnixNano())
+	source := rand.NewSource(time.Now().UnixNano())
+	rng := rand.New(source)
 
 	// Chrome versions.
 	var ChromeVersions = []string{
+		"126.0.6478.126",
+		"124.0.6367.60",
+		"123.0.6312.105",
+		"121.0.6167.160",
+		"120.0.6099.199",
+		"119.0.6045.199",
+		"118.0.5993.70",
+		"117.0.5938.149",
+		"116.0.5845.140",
+		"115.0.5790.170",
+		"114.0.5735.90",
+		"113.0.5672.126",
+		"112.0.5615.137",
+		"111.0.5563.110",
+		"109.0.5414.119",
+		"108.0.5359.94",
+		"107.0.5304.62",
+		"106.0.5249.15",
+		"105.0.5195.51",
+		"104.0.5112.105",
+		"103.0.5060.2",
+		"102.0.5005.156",
+		"101.0.4951.69",
+		"100.0.4896.163",
 		"65.0.3325.146",
 		"64.0.3282.0",
 		"41.0.2228.0",
 		"40.0.2214.93",
 		"37.0.2062.124",
 	}
 
-	version := ChromeVersions[rand.Intn(len(ChromeVersions))]
+	version := ChromeVersions[rng.Intn(len(ChromeVersions))]
 
 	return fmt.Sprintf("Mozilla/5.0 (%s) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/%s Safari/537.36",
 		genOsString(), version)
@@ -93,9 +148,10 @@ func genChromeUA() string {
 // GenerateRandomUserAgent generates a random user agent
 // (can be Chrome or Firefox).
 func GenerateRandomUserAgent() string {
-	rand.Seed(time.Now().UnixNano())
+	source := rand.NewSource(time.Now().UnixNano())
+	rng := rand.New(source)
 
-	decision := rand.Intn(100)
+	decision := rng.Intn(100)
 
 	var ua string
 	if decision%2 == 0 {

pkg/output/banner.go

@@ -35,7 +35,7 @@ import (
 
 // nolint: checknoglobals
 const (
-	version = "v1.3.4"
+	version = "v1.3.5"
 	banner  = `                 _     _     _ _ 
                 (_)   | |   | (_)
    ___ __ _ _ __ _  __| | __| |_