aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIvan Nardi <nardi.ivan@gmail.com>2025-06-08 13:04:05 +0200
committerIvan Nardi <nardi.ivan@gmail.com>2025-06-08 13:04:05 +0200
commitcc99039e1ff8dbf2e12b71ee96337e2ba819f23d (patch)
treed104f1c32d5a426cc68bf15d6174775d5a4631e2
parenta9433488cd090a5da68179b52bb8c200d42649fa (diff)
Sync unit tests results
Diffstat
-rw-r--r--tests/cfgs/default/result/WebattackSQLinj.pcap.out14
-rw-r--r--tests/cfgs/default/result/WebattackXSS.pcap.out18
-rw-r--r--tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out2
-rw-r--r--tests/cfgs/default/result/http_invalid_server.pcap.out3
-rw-r--r--tests/cfgs/default/result/sql_injection.pcap.out2
-rw-r--r--tests/cfgs/default/result/xss.pcap.out2
6 files changed, 20 insertions, 21 deletions
diff --git a/tests/cfgs/default/result/WebattackSQLinj.pcap.out b/tests/cfgs/default/result/WebattackSQLinj.pcap.out
index beb2f8608..bd1d29b54 100644
--- a/tests/cfgs/default/result/WebattackSQLinj.pcap.out
+++ b/tests/cfgs/default/result/WebattackSQLinj.pcap.out
@@ -24,12 +24,12 @@ HTTP 94 30008 9
Acceptable 94 30008 9
- 1 TCP 172.16.0.1:36212 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][7 pkts/1070 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 56/92][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.615 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002/3 5000/10 1999/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153/897 666/2767 210/1090][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,33]
- 2 TCP 172.16.0.1:36202 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][6 pkts/1004 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 60/92][5.09 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/80 1017/40 5004/80 1994/40][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 167/897 666/4215 223/1659][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 3 TCP 172.16.0.1:36204 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/937 bytes <-> 5 pkts/2359 bytes][Goodput ratio: 64/86][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.431 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 1251/1 5000/4 2164/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 187/472 665/2087 239/808][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+user%2C+password+from+users%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 4 TCP 172.16.0.1:36200 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/875 bytes <-> 5 pkts/2219 bytes][Goodput ratio: 61/85][5.04 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 33/0 1259/11 5004/32 2162/15][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/444 603/1947 214/752][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 5 TCP 172.16.0.1:36210 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][6 pkts/941 bytes <-> 4 pkts/2153 bytes][Goodput ratio: 57/87][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 1001/2 5000/5 2000/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 157/538 603/1947 200/813][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 6 TCP 172.16.0.1:36208 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/874 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 61/84][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.427 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/0 1252/1 5005/3 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/436 602/1906 214/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 7 TCP 172.16.0.1:36198 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/798 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 58/84][5.07 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 68/0 1267/22 5001/67 2156/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 160/436 526/1906 183/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/sqli/?id=1%27+a][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 1 TCP 172.16.0.1:36212 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][7 pkts/1070 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 56/92][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.615 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002/3 5000/10 1999/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153/897 666/2767 210/1090][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,33]
+ 2 TCP 172.16.0.1:36202 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][6 pkts/1004 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 60/92][5.09 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/80 1017/40 5004/80 1994/40][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 167/897 666/4215 223/1659][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 3 TCP 172.16.0.1:36204 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/937 bytes <-> 5 pkts/2359 bytes][Goodput ratio: 64/86][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.431 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 1251/1 5000/4 2164/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 187/472 665/2087 239/808][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+user%2C+password+from+users%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 4 TCP 172.16.0.1:36200 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/875 bytes <-> 5 pkts/2219 bytes][Goodput ratio: 61/85][5.04 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 33/0 1259/11 5004/32 2162/15][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/444 603/1947 214/752][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 5 TCP 172.16.0.1:36210 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][6 pkts/941 bytes <-> 4 pkts/2153 bytes][Goodput ratio: 57/87][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 1001/2 5000/5 2000/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 157/538 603/1947 200/813][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 6 TCP 172.16.0.1:36208 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/874 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 61/84][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.427 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/0 1252/1 5005/3 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/436 602/1906 214/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 7 TCP 172.16.0.1:36198 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/798 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 58/84][5.07 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 68/0 1267/22 5001/67 2156/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 160/436 526/1906 183/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
8 TCP 172.16.0.1:36206 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/861 bytes <-> 5 pkts/868 bytes][Goodput ratio: 61/61][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 1252/1 5005/2 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/174 589/596 208/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 172.16.0.1:36196 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][6 pkts/851 bytes <-> 5 pkts/868 bytes][Goodput ratio: 52/61][5.01 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1251/1 5000/3 2164/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/174 513/596 166/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/WebattackXSS.pcap.out b/tests/cfgs/default/result/WebattackXSS.pcap.out
index ff39b6574..55b26fb0f 100644
--- a/tests/cfgs/default/result/WebattackXSS.pcap.out
+++ b/tests/cfgs/default/result/WebattackXSS.pcap.out
@@ -29,22 +29,22 @@ Acceptable 9374 4721148 661
1 TCP 172.16.0.1:59042 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][214 pkts/62915 bytes <-> 107 pkts/190654 bytes][Goodput ratio: 78/96][68.07 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.504 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 340/680 4821/4822 530/629][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 294/1782 651/1935 251/393][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49]
2 TCP 172.16.0.1:56306 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62321 bytes <-> 115 pkts/191204 bytes][Goodput ratio: 78/96][68.15 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.508 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 354/600 4804/4805 540/628][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1663 651/1936 252/500][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,23,0,5,0,0,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,42]
- 3 TCP 172.16.0.1:58360 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][210 pkts/62853 bytes <-> 105 pkts/190635 bytes][Goodput ratio: 78/96][67.29 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.504 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 346/635 3808/3809 494/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 299/1816 651/1936 252/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27MRVS1VO9FLO4CFA5FLJ13I9GULOFH69WHOJQ0PH0OKE2FMG3MQ%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 3 TCP 172.16.0.1:58360 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][210 pkts/62853 bytes <-> 105 pkts/190635 bytes][Goodput ratio: 78/96][67.29 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.504 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 346/635 3808/3809 494/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 299/1816 651/1936 252/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27MRVS1VO9FLO4CFA5FLJ13I9GULOFH69WHOJQ0PH0OKE2FMG3MQ%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
4 TCP 172.16.0.1:33580 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62387 bytes <-> 110 pkts/190854 bytes][Goodput ratio: 78/96][69.42 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/690 4839/4840 532/624][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 303/1735 651/1935 252/442][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,2,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,46]
- 5 TCP 172.16.0.1:34278 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62589 bytes <-> 105 pkts/190625 bytes][Goodput ratio: 78/96][67.05 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 328/716 2587/2588 440/440][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1815 651/1936 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27TNRH0PFRPCFVXECFZU2OUYBTDZQVIWB8HBZ1VC7EXA9PGMGBWA%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49]
- 6 TCP 172.16.0.1:32906 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190638 bytes][Goodput ratio: 78/96][68.34 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 377/619 3861/3861 508/538][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1936 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27UQE70NGV80W4ZBVWQELDMRMBY9BF6W552ZBHL3F4W4MIP7R7K6%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 7 TCP 172.16.0.1:56994 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190634 bytes][Goodput ratio: 78/96][67.00 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 370/605 3818/3818 505/541][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27AA0U7VCIO18AUKPZNB0ZXFCDF9PVHM0BRGOWM22EICNEPXK5UC%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 8 TCP 172.16.0.1:52910 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190630 bytes][Goodput ratio: 78/96][68.12 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 376/617 3808/3808 507/537][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27AQ80NQUS4TAQLQVWHMAGXB11KUBK34NZA8RUUD143IFKQDS3P5%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 9 TCP 172.16.0.1:55632 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190627 bytes][Goodput ratio: 78/96][67.55 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 373/609 3784/3784 507/541][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1815 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27JUL2D3WXHEGWRAFJE2PI7OS71Z4Z8RFUHXGNFLUFYVP6M3OL55%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 10 TCP 172.16.0.1:54268 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190611 bytes][Goodput ratio: 78/96][67.52 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 373/611 3826/3827 507/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1815 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%270XVM4C1CNSWY8VF443GGZ6W527WBY4H29E2XQNGG2QUPQEKW0U%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (KGET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 5 TCP 172.16.0.1:34278 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62589 bytes <-> 105 pkts/190625 bytes][Goodput ratio: 78/96][67.05 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 328/716 2587/2588 440/440][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1815 651/1936 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27TNRH0PFRPCFVXECFZU2OUYBTDZQVIWB8HBZ1VC7EXA9PGMGBWA%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49]
+ 6 TCP 172.16.0.1:32906 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190638 bytes][Goodput ratio: 78/96][68.34 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 377/619 3861/3861 508/538][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1936 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27UQE70NGV80W4ZBVWQELDMRMBY9BF6W552ZBHL3F4W4MIP7R7K6%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 7 TCP 172.16.0.1:56994 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190634 bytes][Goodput ratio: 78/96][67.00 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 370/605 3818/3818 505/541][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27AA0U7VCIO18AUKPZNB0ZXFCDF9PVHM0BRGOWM22EICNEPXK5UC%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 8 TCP 172.16.0.1:52910 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190630 bytes][Goodput ratio: 78/96][68.12 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 376/617 3808/3808 507/537][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1816 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27AQ80NQUS4TAQLQVWHMAGXB11KUBK34NZA8RUUD143IFKQDS3P5%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 9 TCP 172.16.0.1:55632 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190627 bytes][Goodput ratio: 78/96][67.55 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 373/609 3784/3784 507/541][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1815 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27JUL2D3WXHEGWRAFJE2PI7OS71Z4Z8RFUHXGNFLUFYVP6M3OL55%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 10 TCP 172.16.0.1:54268 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62523 bytes <-> 105 pkts/190611 bytes][Goodput ratio: 78/96][67.52 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 373/611 3826/3827 507/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 305/1815 651/1935 253/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%270XVM4C1CNSWY8VF443GGZ6W527WBY4H29E2XQNGG2QUPQEKW0U%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (KGET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
11 TCP 172.16.0.1:53584 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62321 bytes <-> 107 pkts/190662 bytes][Goodput ratio: 78/96][69.30 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/0 354/685 4897/4898 539/630][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1782 651/1935 252/393][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,48]
12 TCP 172.16.0.1:60464 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62321 bytes <-> 106 pkts/190596 bytes][Goodput ratio: 78/96][67.94 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 340/695 3581/3582 475/513][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1798 651/1936 252/373][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,48]
13 TCP 172.16.0.1:57684 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62321 bytes <-> 106 pkts/190590 bytes][Goodput ratio: 78/96][66.98 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 339/669 3535/3536 477/517][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1798 651/1935 252/373][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,48]
14 TCP 172.16.0.1:34940 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62387 bytes <-> 105 pkts/190510 bytes][Goodput ratio: 78/96][69.37 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 368/664 4896/4897 547/631][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 303/1814 651/1935 252/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49]
15 TCP 172.16.0.1:54956 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][205 pkts/62321 bytes <-> 105 pkts/190525 bytes][Goodput ratio: 78/96][66.90 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 325/707 3641/3642 473/524][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1815 651/1935 252/351][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 16 TCP 172.16.0.1:59732 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62299 bytes <-> 106 pkts/190495 bytes][Goodput ratio: 78/96][70.21 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 384/681 3766/3767 516/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 302/1797 651/1935 251/373][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27SZGGJRXX6DR9VWKN864H8LTBEZ6QC3GJPC8TUUNAED3BBL4L8P%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,1,0,0,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 16 TCP 172.16.0.1:59732 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][206 pkts/62299 bytes <-> 106 pkts/190495 bytes][Goodput ratio: 78/96][70.21 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 384/681 3766/3767 516/543][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 302/1797 651/1935 251/373][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27SZGGJRXX6DR9VWKN864H8LTBEZ6QC3GJPC8TUUNAED3BBL4L8P%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,1,0,0,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
17 TCP 172.16.0.1:52298 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][208 pkts/61639 bytes <-> 107 pkts/190727 bytes][Goodput ratio: 78/96][60.17 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 317/536 1046/1043 421/406][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 296/1782 651/4410 248/575][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 302][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,1,1,25,0,0,0,1,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,47]
- 18 TCP 172.16.0.1:35626 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][88 pkts/26722 bytes <-> 45 pkts/81226 bytes][Goodput ratio: 78/96][31.23 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.505 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/3 401/695 3953/3953 601/706][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1805 651/1935 253/377][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27KGE8ES9SCQ7FORY5VSPTYY4R4UHJNRQTPTAY6L9JR1OU40RPDA%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68 / Suspicious URL [/dv/vulnerabilities/xss_r/?name=%3C][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 18 TCP 172.16.0.1:35626 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][88 pkts/26722 bytes <-> 45 pkts/81226 bytes][Goodput ratio: 78/96][31.23 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.505 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/3 401/695 3953/3953 601/706][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/1805 651/1935 253/377][URL: 205.174.165.68/dv/vulnerabilities/xss_r/?name=%3Cscript%3Econsole.log%28%27KGE8ES9SCQ7FORY5VSPTYY4R4UHJNRQTPTAY6L9JR1OU40RPDA%27%29%3Bconsole.log%28document.cookie%29%3B%3C%2Fscript%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 260][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
19 TCP 172.16.0.1:52200 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][21 pkts/4366 bytes <-> 12 pkts/14453 bytes][Goodput ratio: 68/94][4.02 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.536 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/140 842/846 196/272][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 208/1204 625/7992 186/2089][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 302][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,12,12,18,5,0,0,12,12,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,5]
20 TCP 172.16.0.1:52098 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][17 pkts/3745 bytes <-> 13 pkts/13999 bytes][Goodput ratio: 70/94][6.08 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.578 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 431/104 5005/845 1286/263][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/1077 625/7306 191/1849][URL: 205.174.165.68/dv/vulnerabilities/xss_r/][StatusCode: 302][Content-Type: text/html][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/vulnerabilities/xss)][Plen Bins: 0,0,0,0,0,0,0,0,0,12,12,12,6,0,0,12,6,6,0,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,6,0,6]
21 TCP 172.16.0.1:52300 <-> 192.168.10.50:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][7 pkts/1229 bytes <-> 6 pkts/6497 bytes][Goodput ratio: 62/94][6.24 sec][Hostname/SNI: 205.174.165.68][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 8/0 246/308 1185/1186 470/507][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 176/1083 461/5396 171/1949][URL: 205.174.165.68/dv/dvwa/js/dvwaPage.js][StatusCode: 200][Content-Type: application/javascript][Server: Apache/2.4.18 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp Header **][Risk Score: 110][Risk Info: Expected 192.168.10.50, found 205.174.165.68 / Found host 205.174.165.68][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][PLAIN TEXT (GET /dv/dvwa/js/dvwaPage.js HTT)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
diff --git a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
index 2277b3562..40e4b01c8 100644
--- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
@@ -35,7 +35,7 @@ Unrated 3 655 3
1 TCP 172.20.3.13:80 <-> 172.20.3.5:2601 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 11][cat: Web/5][3 pkts/166 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 0/93][11.25 sec][bytes ratio: -0.949 (Download)][IAT c2s/s2c min/avg/max/stddev: 104/0 5626/0 11147/0 5522/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 55/785 58/1514 2/725][Req Content-Type: application/vnd.wap.mms-message][User-Agent: SonyEricssonT68/R201A][PLAIN TEXT (POST /servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
2 TCP 172.20.3.5:2606 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][8 pkts/2287 bytes <-> 5 pkts/2963 bytes][Goodput ratio: 80/91][11.18 sec][Hostname/SNI: 172.20.3.13][bytes ratio: -0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/58 177/172 83/81][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 286/593 1514/1514 478/662][URL: 172.20.3.13/servlets/mms?message-id=189301][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 172.20.3.13 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_6bbe28597824/Unknown][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,50,0,0]
3 TCP 172.20.3.5:2604 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][5 pkts/1754 bytes <-> 4 pkts/583 bytes][Goodput ratio: 83/62][11.17 sec][Hostname/SNI: 172.20.3.13][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 307/81 2793/3724 10864/10997 4662/5143][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 351/146 1514/417 582/157][URL: 172.20.3.13/servlets/mms?message-id=189001][StatusCode: 200][Server: Resin/2.0.1][User-Agent: SonyEricssonT68/R201A][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 10][Risk Info: Found host 172.20.3.13][TCP Fingerprint: 2_128_8192_6bbe28597824/Unknown][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 4 TCP 172.20.3.13:53132 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][9 pkts/1650 bytes <-> 4 pkts/240 bytes][Goodput ratio: 70/0][5.14 sec][Username: lmc_w][Password: Test1234][Hostname/SNI: %s][bytes ratio: 0.746 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 734/1 4911/1 1706/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 183/60 894/60 270/0][URL: %s][Req Content-Type: multipart/related][User-Agent: MMS-Relay-DeliveryInitiator][Risk: ** Clear-Text Credentials **** Non-Printable/Invalid Chars Detected **** Possible Exploit Attempt **][Risk Score: 350][Risk Info: Suspicious hostname [%s]: attack ? / Invalid host %s / Found credentials in HTTP Auth Line][TCP Fingerprint: 2_64_33580_4ba1d4d16cb9/Unknown][PLAIN TEXT (POST /ppgctrl/ppgcontrollogic.d)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 172.20.3.13:53132 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][9 pkts/1650 bytes <-> 4 pkts/240 bytes][Goodput ratio: 70/0][5.14 sec][Username: lmc_w][Password: Test1234][Hostname/SNI: %s][bytes ratio: 0.746 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 734/1 4911/1 1706/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 183/60 894/60 270/0][URL: %s][Req Content-Type: multipart/related][User-Agent: MMS-Relay-DeliveryInitiator][Risk: ** Clear-Text Credentials **** Non-Printable/Invalid Chars Detected **** Possible Exploit Attempt **][Risk Score: 350][Risk Info: Suspicious hostname: attack ? / Invalid host %s / Found credentials in HTTP Auth Line][TCP Fingerprint: 2_64_33580_4ba1d4d16cb9/Unknown][PLAIN TEXT (POST /ppgctrl/ppgcontrollogic.d)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.20.3.5:2602 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][4 pkts/942 bytes <-> 4 pkts/703 bytes][Goodput ratio: 75/69][11.10 sec][Hostname/SNI: 172.20.3.13][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/106 3699/5548 10844/10989 5054/5442][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 236/176 762/541 304/211][URL: 172.20.3.13.servlets/mms][StatusCode: 200][Req Content-Type: application/xml][Content-Type: application/xml][Server: Resin/2.0.1][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 172.20.3.13 / Empty or missing User-Agent][PLAIN TEXT (POST .servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.20.3.13:53136 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][5 pkts/586 bytes <-> 6 pkts/999 bytes][Goodput ratio: 54/66][5.21 sec][Hostname/SNI: 172.20.3.5][bytes ratio: -0.261 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/96 1737/1302 4910/5010 2247/2141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 117/166 370/481 126/150][StatusCode: 100][Req Content-Type: multipart/related][Server: Microsoft-IIS/4.0][User-Agent: MMS-Relay-DeliveryInitiator][PLAIN TEXT (POST /ppgctrl/ppgcon)][Plen Bins: 0,0,25,0,25,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 172.20.3.5:9587 -> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** HTTP Susp User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / Empty or missing User-Agent][PLAIN TEXT (POST /servlets/mms HTTP/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
diff --git a/tests/cfgs/default/result/http_invalid_server.pcap.out b/tests/cfgs/default/result/http_invalid_server.pcap.out
index 55bc6cdeb..df178e031 100644
--- a/tests/cfgs/default/result/http_invalid_server.pcap.out
+++ b/tests/cfgs/default/result/http_invalid_server.pcap.out
@@ -24,5 +24,4 @@ OCSP 12 1301 1
Safe 12 1301 1
- 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ツ)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Agent [¯\_(ツ)_/¯
-X-Content-Type-Options: nosnif / Suspicious Log4J][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ツ)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Agent / Suspicious Log4J][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/sql_injection.pcap.out b/tests/cfgs/default/result/sql_injection.pcap.out
index 36c0409bd..f9f41d70c 100644
--- a/tests/cfgs/default/result/sql_injection.pcap.out
+++ b/tests/cfgs/default/result/sql_injection.pcap.out
@@ -24,4 +24,4 @@ HTTP 5 2748 1
Acceptable 5 2748 1
- 1 TCP 192.168.3.109:53528 <-> 192.168.3.107:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][2 pkts/823 bytes <-> 3 pkts/1925 bytes][Goodput ratio: 84/90][0.00 sec][Hostname/SNI: 192.168.3.107][URL: 192.168.3.107/DVWA-master/vulnerabilities/sqli/?id=%3Fid%3Da%27+UNION+SELECT+%22text1%22%2C%22text2%22%3B--+-%26Submit%3DSubmit&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.41 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 160][Risk Info: Found host 192.168.3.107 / Suspicious URL [/DVWA-master/vulnerabilities/sqli/?id=%3Fid%3Da%27+UNION+SELECT+%22text1%22%2C%22te][PLAIN TEXT (GET /DV)][Plen Bins: 0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
+ 1 TCP 192.168.3.109:53528 <-> 192.168.3.107:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][2 pkts/823 bytes <-> 3 pkts/1925 bytes][Goodput ratio: 84/90][0.00 sec][Hostname/SNI: 192.168.3.107][URL: 192.168.3.107/DVWA-master/vulnerabilities/sqli/?id=%3Fid%3Da%27+UNION+SELECT+%22text1%22%2C%22text2%22%3B--+-%26Submit%3DSubmit&Submit=Submit][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.41 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** SQL Injection **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 160][Risk Info: Found host 192.168.3.107][PLAIN TEXT (GET /DV)][Plen Bins: 0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
diff --git a/tests/cfgs/default/result/xss.pcap.out b/tests/cfgs/default/result/xss.pcap.out
index e188e1516..6fbee32d8 100644
--- a/tests/cfgs/default/result/xss.pcap.out
+++ b/tests/cfgs/default/result/xss.pcap.out
@@ -27,5 +27,5 @@ HTTP 11 3209 2
Acceptable 11 3209 2
- 1 TCP 192.168.3.109:53514 <-> 192.168.3.107:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][4 pkts/880 bytes <-> 4 pkts/2115 bytes][Goodput ratio: 69/87][0.01 sec][Hostname/SNI: 192.168.3.107][bytes ratio: -0.412 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 5/4 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/529 674/1514 262/591][URL: 192.168.3.107/DVWA-master/vulnerabilities/xss_d/?default=English%3Cscript%3Ealert(1)%3C/script%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.41 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 160][Risk Info: Found host 192.168.3.107 / Suspicious URL [/DVWA-master/vulnerabilities/xss_d/?default=English%3Cscript%3Ealert(1)%3C/script%3][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (FGET /DVWA)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
+ 1 TCP 192.168.3.109:53514 <-> 192.168.3.107:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][4 pkts/880 bytes <-> 4 pkts/2115 bytes][Goodput ratio: 69/87][0.01 sec][Hostname/SNI: 192.168.3.107][bytes ratio: -0.412 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 5/4 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/529 674/1514 262/591][URL: 192.168.3.107/DVWA-master/vulnerabilities/xss_d/?default=English%3Cscript%3Ealert(1)%3C/script%3E][StatusCode: 200][Content-Type: text/html][Server: Apache/2.4.41 (Ubuntu)][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36][Risk: ** XSS Attack **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 160][Risk Info: Found host 192.168.3.107][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (FGET /DVWA)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
2 TCP 192.168.3.109:53516 <-> 192.168.3.107:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.00 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.