1 files changed, 2 insertions, 2 deletions

diff --git a/tests/cfgs/default/result/WebattackRCE.pcap.out b/tests/cfgs/default/result/WebattackRCE.pcap.out
index da4504459..2a9b29a69 100644
--- a/tests/cfgs/default/result/WebattackRCE.pcap.out
+++ b/tests/cfgs/default/result/WebattackRCE.pcap.out
@@ -224,7 +224,7 @@ Acceptable                     797 191003        797
 	197	TCP 127.0.0.1:51052 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/248 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003296)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Unidirectional Traffic **][Risk Score: 170][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	198	TCP 127.0.0.1:51060 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003300)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Unidirectional Traffic **][Risk Score: 170][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	199	TCP 127.0.0.1:51062 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003301)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Unidirectional Traffic **][Risk Score: 170][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	200	TCP 127.0.0.1:50562 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/../../../../../../../../../../../../etc/shadow][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:dishwasher)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Possible Exploit **** Unidirectional Traffic **][Risk Score: 320][Risk Info: No server to client traffic / Found host 127.0.0.1 / URL starting with dot / Expected on port 80][PLAIN TEXT (GET /../../../../../../../../..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	200	TCP 127.0.0.1:50562 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/../../../../../../../../../../../../etc/shadow][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:dishwasher)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Possible Exploit Attempt **** Unidirectional Traffic **][Risk Score: 320][Risk Info: No server to client traffic / Found host 127.0.0.1 / URL starting with dot / Expected on port 80][PLAIN TEXT (GET /../../../../../../../../..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	201	TCP 127.0.0.1:51022 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003192)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Unidirectional Traffic **][Risk Score: 170][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	202	TCP 127.0.0.1:49768 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:apache_expect_xss)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	203	TCP 127.0.0.1:51018 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003190)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** HTTP Susp URL **** Unidirectional Traffic **][Risk Score: 170][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /certsrv/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -627,7 +627,7 @@ Acceptable                     797 191003        797
 	600	TCP 127.0.0.1:50402 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/208 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/127001.tar][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:sitefiles)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /127001.tar HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	601	TCP 127.0.0.1:50404 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/208 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/127001.tar][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:sitefiles)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /127001.tar HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	602	TCP 127.0.0.1:51100 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/208 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/hudson/script][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006999)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /hudson/script HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	603	TCP 127.0.0.1:49552 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/207 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/.0hXC6ZUE][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:map_codes)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Possible Exploit **** Unidirectional Traffic **][Risk Score: 220][Risk Info: No server to client traffic / Found host 127.0.0.1 / URL starting with dot / Expected on port 80][PLAIN TEXT (GET /.0)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	603	TCP 127.0.0.1:49552 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/207 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/.0hXC6ZUE][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:map_codes)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Possible Exploit Attempt **** Unidirectional Traffic **][Risk Score: 220][Risk Info: No server to client traffic / Found host 127.0.0.1 / URL starting with dot / Expected on port 80][PLAIN TEXT (GET /.0)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	604	TCP 127.0.0.1:49574 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/207 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/0hXC6ZUE/][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:map_codes)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /0h)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	605	TCP 127.0.0.1:49622 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/207 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgis/][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:cgi dir check)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /cgis/ HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	606	TCP 127.0.0.1:49782 -> 127.0.0.1:8080 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/207 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/12700.war][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:sitefiles)][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / Found host 127.0.0.1 / Expected on port 80][PLAIN TEXT (GET /12700.war HTTP/1.1)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]