Merge pull request #101 from stanislav-web/release/v5.15.1

Release v5.15.1

Author: stanislav-web

CHANGELOG.md

@@ -1,6 +1,20 @@
 CHANGELOG
 =======
 
+v5.15.1 (03.05.2026)
+---------------------------
+- (fix) removed literal `opendoor` markers from active fingerprint 404-baseline, HTTP calibration and DNS wildcard calibration probe paths
+- (fix) fingerprint 404-baseline now uses a neutral randomized `.well-known` missing-resource path instead of `/.opendoor-fingerprint-not-found-probe`
+- (tests) updated fingerprint, HTTP calibration and DNS wildcard calibration coverage for neutral probe paths
+- (enhancement) added runtime-aware technology stack fingerprinting for PHP, Node.js, JavaScript, Python, Ruby, .NET, Java/JVM, Elixir and static-site targets
+- (enhancement) preserved runtime stack metadata in fingerprint results as `fingerprint.runtime`
+- (enhancement) included runtime stack fields in standard, text, CSV, HTML, SQLite, JSON and SARIF reports
+- (enhancement) added `runtime_signals` storage to SQLite reports and runtime properties to SARIF results
+- (enhancement) logo update
+- (docs) documented runtime-aware fingerprinting and report fields
+- (tests) added regression coverage for runtime detection and report propagation
+- (tests) coverage gate remains configured at `99%`
+
 v5.15.0 (02.05.2026)
 ---------------------------
 - (feature) added SARIF 2.1.0 report output via `--reports sarif` for CI/CD security workflows

README.md

@@ -46,6 +46,7 @@ It helps security researchers, penetration testers, bug bounty hunters, DevSecOp
 - [AUR package](https://aur.archlinux.org/packages/opendoor)
 - [BlackArch package](https://blackarch.org/webapp.html)
 - [Issues](https://github.com/stanislav-web/OpenDoor/issues)
+- [Contributors](https://github.com/stanislav-web/OpenDoor/graphs/contributors)
 
 ---
 
@@ -60,7 +61,7 @@ It helps security researchers, penetration testers, bug bounty hunters, DevSecOp
 - custom request headers, cookies, and raw HTTP request templates;
 - response filters by status, size, text, regex, and body length;
 - smart auto-calibration for soft-404, wildcard, catch-all, semantic response-diff, and DNS wildcard cases;
-- technology fingerprint detection CMS, ecommerce platforms, frameworks;
+- technology fingerprint detection for CMS, ecommerce platforms, frameworks, and runtime stacks;
 - passive WAF detection and WAF-safe scan mode;
 - controlled header and path bypass probes for blocked `401` and `403` resources;
 - resumable scan sessions with checkpoint autosave;
@@ -101,6 +102,7 @@ OpenDoor includes a heuristic fingerprint engine for detecting probable applicat
 | CMS | WordPress, Drupal, Joomla, TYPO3, Open Journal Systems, InstantCMS, CMS.S3 / Megagroup, Discuz!, NetCat |
 | E-commerce | Magento, WooCommerce, Shopify, PrestaShop, OpenCart, Shopware, Webasyst / Shop-Script |
 | Frameworks / app platforms | Laravel, Symfony, Django, Flask, FastAPI, Express, NestJS, Next.js, Nuxt, Rails, Spring |
+| Runtime / language stack | PHP, Node.js, JavaScript, Python, Ruby, .NET, Java/JVM, Elixir, static-site targets |
 | Site builders | Wix, Webflow, Squarespace, Tilda, Duda, Hostinger Website Builder |
 | Static / docs generators | MkDocs, Docusaurus, Hugo, Jekyll, VitePress |
 | Infrastructure / hosting | Cloudflare, AWS, Vercel, Netlify, GitHub Pages, GitLab Pages, Heroku, Azure, Google Cloud, Fastly, Akamai, Hostinger, DDoS-Guard, Tencent Cloud |
@@ -479,6 +481,10 @@ See [CHANGELOG.md](CHANGELOG.md) and [GitHub Releases](https://github.com/stanis
 Pull requests are welcome.
 
 Before contributing, read the [contribution guide](https://opendoor.readthedocs.io/Contribution/) and run the relevant tests.
+OpenDoor improves through code contributions, documentation updates, testing, issue reports, security feedback, feature ideas, and community validation.
+Thanks to everyone who has helped improve the project.
+
+[![Contributors](https://contrib.rocks/image?repo=stanislav-web/OpenDoor)](https://github.com/stanislav-web/OpenDoor/graphs/contributors)
 
 ---
 

VERSION

@@ -1 +1 @@
-5.15.0
+5.15.1

data/directories.dat

@@ -4,10 +4,22 @@
 0000
 000000
 00000000
+users-v2
+users-new
 0-0-1
 0-9.html
+disk
+disk.php
 0-12
 0-a.html
+demo_razrabotka
+demo.php
+demo.html
+webservices/rest/v1
+webservices/rest
+pluginfile.php
+tag/edit.php
+enrol
 00-backup
 00-cache
 00-img
@@ -56057,44 +56069,44 @@ includes/1.php
 includes/2.php
 includes/123.php
 includes/.gitignore
-includes//2.php
-includes//admin.php
-includes//amad.php
-includes//awstats
-includes//back.sql
-includes//backup.sql
-includes//Black.php
-includes//cpanel
-includes//data.sql
-includes//dz.php
-includes//error
-includes//error_log
-includes//forum.rar
-includes//forum.sql
-includes//forum.tar
-includes//forum.tar.gz
-includes//forum.zip
-includes//ftp.txt
-includes//gaza.php
-includes//home.rar
-includes//home.tar
-includes//home.tar.gz
-includes//home.zip
-includes//r57.php
-includes//sa2.php
-includes//sa.php
-includes//shell.php
-includes//site.rar
-includes//site.sql
-includes//site.tar.gz
-includes//site.txt
-includes//t00.php
-includes//test.txt
-includes//up.php
-includes//upload.php
-includes//uploads.php
-includes//user.txt
-includes//vb.sql
+includes/2.php
+includes/admin.php
+includes/amad.php
+includes/awstats
+includes/back.sql
+includes/backup.sql
+includes/Black.php
+includes/cpanel
+includes/data.sql
+includes/dz.php
+includes/error
+includes/error_log
+includes/forum.rar
+includes/forum.sql
+includes/forum.tar
+includes/forum.tar.gz
+includes/forum.zip
+includes/ftp.txt
+includes/gaza.php
+includes/home.rar
+includes/home.tar
+includes/home.tar.gz
+includes/home.zip
+includes/r57.php
+includes/sa2.php
+includes/sa.php
+includes/shell.php
+includes/site.rar
+includes/site.sql
+includes/site.tar.gz
+includes/site.txt
+includes/t00.php
+includes/test.txt
+includes/up.php
+includes/upload.php
+includes/uploads.php
+includes/user.txt
+includes/vb.sql
 includes/abuhlail.php
 includes/admin1
 includes/admin1.php
@@ -59274,7 +59286,7 @@ jbc
 jbook
 jboss
 jboss-net
-jboss-net//happyaxis.jsp
+jboss-net/happyaxis.jsp
 jboss-net/happyaxis.jsp
 jboss/server/all/deploy/project.ext
 jboss/server/all/deployproject.ext
@@ -99987,44 +99999,44 @@ templates/beez3
 templates/beez5/index.php
 templates/beez/0day.php
 templates/beez/123.php
-templates/beez//2.php
-templates/beez//admin.php
-templates/beez//amad.php
-templates/beez//awstats
-templates/beez//back.sql
-templates/beez//backup.sql
-templates/beez//Black.php
-templates/beez//cpanel
-templates/beez//data.sql
-templates/beez//dz.php
-templates/beez//error
-templates/beez//error_log
-templates/beez//forum.rar
-templates/beez//forum.sql
-templates/beez//forum.tar
-templates/beez//forum.tar.gz
-templates/beez//forum.zip
-templates/beez//ftp.txt
-templates/beez//gaza.php
-templates/beez//home.rar
-templates/beez//home.tar
-templates/beez//home.tar.gz
-templates/beez//home.zip
-templates/beez//r57.php
-templates/beez//sa2.php
-templates/beez//sa.php
-templates/beez//shell.php
-templates/beez//site.rar
-templates/beez//site.sql
-templates/beez//site.tar.gz
-templates/beez//site.txt
-templates/beez//t00.php
-templates/beez//test.txt
-templates/beez//up.php
-templates/beez//upload.php
-templates/beez//uploads.php
-templates/beez//user.txt
-templates/beez//vb.sql
+templates/beez/2.php
+templates/beez/admin.php
+templates/beez/amad.php
+templates/beez/awstats
+templates/beez/back.sql
+templates/beez/backup.sql
+templates/beez/Black.php
+templates/beez/cpanel
+templates/beez/data.sql
+templates/beez/dz.php
+templates/beez/error
+templates/beez/error_log
+templates/beez/forum.rar
+templates/beez/forum.sql
+templates/beez/forum.tar
+templates/beez/forum.tar.gz
+templates/beez/forum.zip
+templates/beez/ftp.txt
+templates/beez/gaza.php
+templates/beez/home.rar
+templates/beez/home.tar
+templates/beez/home.tar.gz
+templates/beez/home.zip
+templates/beez/r57.php
+templates/beez/sa2.php
+templates/beez/sa.php
+templates/beez/shell.php
+templates/beez/site.rar
+templates/beez/site.sql
+templates/beez/site.tar.gz
+templates/beez/site.txt
+templates/beez/t00.php
+templates/beez/test.txt
+templates/beez/up.php
+templates/beez/upload.php
+templates/beez/uploads.php
+templates/beez/user.txt
+templates/beez/vb.sql
 templates/beez/abuhlail.php
 templates/beez/admin1.php
 templates/beez/admin2.asp
@@ -100140,44 +100152,44 @@ templates/rhuk_milkyway/0day.php
 templates/rhuk_milkyway/1.php
 templates/rhuk_milkyway/2.php
 templates/rhuk_milkyway/123.php
-templates/rhuk_milkyway//2.php
-templates/rhuk_milkyway//admin.php
-templates/rhuk_milkyway//amad.php
-templates/rhuk_milkyway//awstats
-templates/rhuk_milkyway//back.sql
-templates/rhuk_milkyway//backup.sql
-templates/rhuk_milkyway//Black.php
-templates/rhuk_milkyway//cpanel
-templates/rhuk_milkyway//data.sql
-templates/rhuk_milkyway//dz.php
-templates/rhuk_milkyway//error
-templates/rhuk_milkyway//error_log
-templates/rhuk_milkyway//forum.rar
-templates/rhuk_milkyway//forum.sql
-templates/rhuk_milkyway//forum.tar
-templates/rhuk_milkyway//forum.tar.gz
-templates/rhuk_milkyway//forum.zip
-templates/rhuk_milkyway//ftp.txt
-templates/rhuk_milkyway//gaza.php
-templates/rhuk_milkyway//home.rar
-templates/rhuk_milkyway//home.tar
-templates/rhuk_milkyway//home.tar.gz
-templates/rhuk_milkyway//home.zip
-templates/rhuk_milkyway//r57.php
-templates/rhuk_milkyway//sa2.php
-templates/rhuk_milkyway//sa.php
-templates/rhuk_milkyway//shell.php
-templates/rhuk_milkyway//site.rar
-templates/rhuk_milkyway//site.sql
-templates/rhuk_milkyway//site.tar.gz
-templates/rhuk_milkyway//site.txt
-templates/rhuk_milkyway//t00.php
-templates/rhuk_milkyway//test.txt
-templates/rhuk_milkyway//up.php
-templates/rhuk_milkyway//upload.php
-templates/rhuk_milkyway//uploads.php
-templates/rhuk_milkyway//user.txt
-templates/rhuk_milkyway//vb.sql
+templates/rhuk_milkyway/2.php
+templates/rhuk_milkyway/admin.php
+templates/rhuk_milkyway/amad.php
+templates/rhuk_milkyway/awstats
+templates/rhuk_milkyway/back.sql
+templates/rhuk_milkyway/backup.sql
+templates/rhuk_milkyway/Black.php
+templates/rhuk_milkyway/cpanel
+templates/rhuk_milkyway/data.sql
+templates/rhuk_milkyway/dz.php
+templates/rhuk_milkyway/error
+templates/rhuk_milkyway/error_log
+templates/rhuk_milkyway/forum.rar
+templates/rhuk_milkyway/forum.sql
+templates/rhuk_milkyway/forum.tar
+templates/rhuk_milkyway/forum.tar.gz
+templates/rhuk_milkyway/forum.zip
+templates/rhuk_milkyway/ftp.txt
+templates/rhuk_milkyway/gaza.php
+templates/rhuk_milkyway/home.rar
+templates/rhuk_milkyway/home.tar
+templates/rhuk_milkyway/home.tar.gz
+templates/rhuk_milkyway/home.zip
+templates/rhuk_milkyway/r57.php
+templates/rhuk_milkyway/sa2.php
+templates/rhuk_milkyway/sa.php
+templates/rhuk_milkyway/shell.php
+templates/rhuk_milkyway/site.rar
+templates/rhuk_milkyway/site.sql
+templates/rhuk_milkyway/site.tar.gz
+templates/rhuk_milkyway/site.txt
+templates/rhuk_milkyway/t00.php
+templates/rhuk_milkyway/test.txt
+templates/rhuk_milkyway/up.php
+templates/rhuk_milkyway/upload.php
+templates/rhuk_milkyway/uploads.php
+templates/rhuk_milkyway/user.txt
+templates/rhuk_milkyway/vb.sql
 templates/rhuk_milkyway/a.php
 templates/rhuk_milkyway/abuhlail.php
 templates/rhuk_milkyway/admin1.php
@@ -112058,19 +112070,19 @@ wp-content/plugins/adminer/inc/editorindex.php
 wp-content/plugins/akismet
 wp-content/plugins/akismet/0day.php
 wp-content/plugins/akismet/123.php
-wp-content/plugins/akismet//awstats
-wp-content/plugins/akismet//back.sql
-wp-content/plugins/akismet//backup.sql
-wp-content/plugins/akismet//cpanel
-wp-content/plugins/akismet//data.sql
-wp-content/plugins/akismet//error
-wp-content/plugins/akismet//error_log
-wp-content/plugins/akismet//forum.sql
-wp-content/plugins/akismet//ftp.txt
-wp-content/plugins/akismet//site.sql
-wp-content/plugins/akismet//site.txt
-wp-content/plugins/akismet//user.txt
-wp-content/plugins/akismet//vb.sql
+wp-content/plugins/akismet/awstats
+wp-content/plugins/akismet/back.sql
+wp-content/plugins/akismet/backup.sql
+wp-content/plugins/akismet/cpanel
+wp-content/plugins/akismet/data.sql
+wp-content/plugins/akismet/error
+wp-content/plugins/akismet/error_log
+wp-content/plugins/akismet/forum.sql
+wp-content/plugins/akismet/ftp.txt
+wp-content/plugins/akismet/site.sql
+wp-content/plugins/akismet/site.txt
+wp-content/plugins/akismet/user.txt
+wp-content/plugins/akismet/vb.sql
 wp-content/plugins/akismet/abuhlail.php
 wp-content/plugins/akismet/admin1.php
 wp-content/plugins/akismet/admin2.asp
@@ -112228,14 +112240,14 @@ wp-content/plugins/disqus-comment-system/zone-h.php
 wp-content/plugins/disqus-comment-systemdisqus.php
 wp-content/plugins/duplicator
 wp-content/plugins/elementor
-wp-content/plugins/google-sitemap-generator//awstats
-wp-content/plugins/google-sitemap-generator//back.sql
-wp-content/plugins/google-sitemap-generator//backup.sql
-wp-content/plugins/google-sitemap-generator//cpanel
-wp-content/plugins/google-sitemap-generator//data.sql
-wp-content/plugins/google-sitemap-generator//forum.sql
-wp-content/plugins/google-sitemap-generator//site.sql
-wp-content/plugins/google-sitemap-generator//vb.sql
+wp-content/plugins/google-sitemap-generator/awstats
+wp-content/plugins/google-sitemap-generator/back.sql
+wp-content/plugins/google-sitemap-generator/backup.sql
+wp-content/plugins/google-sitemap-generator/cpanel
+wp-content/plugins/google-sitemap-generator/data.sql
+wp-content/plugins/google-sitemap-generator/forum.sql
+wp-content/plugins/google-sitemap-generator/site.sql
+wp-content/plugins/google-sitemap-generator/vb.sql
 wp-content/plugins/google-sitemap-generator/admins
 wp-content/plugins/google-sitemap-generator/admins.asp
 wp-content/plugins/google-sitemap-generator/admins.php