Expand the owasp branch with more web application attacks/scans #28

Open
@evyatarmeged

I started coding some attacks/scans into Raccoon - this is done in the owasp branch.
This is supposed to broaden its vulnerability scanning abilities and help it assist with areas it is not addressing fully at the moment.

I have coded most/all of the directory traversal module but I currently have no time to add more scans and attacks from the web application world, let alone write unit tests for the existing ones.

I'd love to get assistance on this, from simple suggestions in this issue to proper PRs - everything is appreciated.

On a side note, I started working on an XSS module as part of this branch but decided to drop it. I don't believe XSS is a good fit for an automated scan. XSS is something that is best done manually - with implications being observed by the attacker immediately, while detecting them using an automated tool is a lot harder and can have a ton of false positives/negatives.

Labels: help wanted (Extra attention is needed)
