Version 1.1.4 - Body Parameter Concatenation Fix

Changelog

• Body Parameter Concatenation Fix by @CrispyJonesDev (PR #11)
• Upgraded deps afb5725

Version 1.1.3 - Raw HTTP Request File Fixes

Changelog

• TInjA now prefers scheme/host from the http request's path, if specified 8c83911 (Thanks @double16 for pointing this out #9)
• fixed http flag 8c83911
• updated deps dd8fbb4

Version 1.1.2 - Specify Headers to Test

Specify Headers to Test for Template Injection

--testheaders has been introduced as a new flag. It takes one or more comma-separated header names as argument. The specified headers are used to test for template injection.
Example: --testheaders Host,Origin,X-Forwarded-For

Changelog

• added --testheaders flag dd4657f
• updated dependencies 7974f63

Version 1.1.1 - Fixed runtime error

Changelog

A runtime error was fixed (#7) c192aa1

Version 1.1.0 - Hybrid Approach and Raw HTTP Request Files

TInjA now uses the "hybrid approach"

Polyglots enable efficient scanning, but may be susceptible to false positives. For this reason, a verification request is sent after a template injection has been detected and the template engine has been identified. This verification request contains a template expression tailored to the template engine.

Raw Read Function

TInjA can now read raw HTTP request files. So you can, for example, save a HTTP request from your favorite proxy tool and import it with TInjA using tinja raw -R "/path/to/file".

Thanks @n00b-bot for this feature! PR 1

Miscellaneous

• smaller bugfixes
• improved the report and output
• upgraded dependencies
• fixed typos

Version 1.0.5 -- First Public Release

Available binaries:

• Windows amd64
• Linux amd64
• Linux arm64
• Darwin/MacOS amd64
• Darwin/MacOS arm64
• FreeBSD amd64
• OpenBSD amd64