4.1-stable

@stasinopoulos stasinopoulos released this 20 Dec 07:24
· 9 commits to master since this release
  • Fixed: Multiple bug-fixes regarding several reported unhandled exceptions.
  • Fixed: Handling of parameter names containing non-ASCII characters.
  • Fixed: Handling of non-ASCII characters in URLs to ensure proper request encoding.
  • Revised: Refactored with improved page decompression and safer HTTP response handling.
  • Revised: Refactored OS looping to respect user-specified targets or automatically iterate over supported OSes if none are specified or detected.
  • Revised: Refactored User-Agent strings to be loaded from external files rather than being hardcoded.
  • Revised: Improved handling of URL redirections and associated HTTP responses.
  • Revised: Improved prompts when merging or applying server-set cookies.
  • Added: New switch --http1.0 to force all outgoing requests to use the HTTP/1.0 protocol.
  • Revised: Enhanced validation of user-specified parameters by detecting and reporting those that are not part of any recognized testable source.
  • Revised: Enhanced injection logic with better handling of the custom injection marker (i.e. asterisk *) and improved tracking of tested parameters.
  • Revised: Improved detection of the custom injection marker (i.e. asterisk *) across HTTP input vectors (e.g., URL params, POST data, cookies, headers).
  • Revised: Improved heuristics for processing custom HTTP headers to correctly handle injection markers (i.e. asterisk *).
  • Revised: Enhanced target encoding detection with improved charset extraction and prioritization from HTTP headers and HTML meta tags.
  • Added: Ability to verify target URL content stability by comparing responses across delayed requests.
  • Revised: Improved session handler for enhanced stability and data integrity.
  • Revised: Improved semiblind ("file-based") technique with filename customization prompt (random or user-defined).
  • Fixed: Improved handling of non-ASCII characters in URL path and query components.
  • Fixed: Improved handling of HTTP errors missing response codes during authentication.
  • Fixed: Improved handling of URLError without HTTP response.
  • Fixed: Minor bug fix for missing .txt files during setup/install.
  • Revised: Minor code refactoring to enhance the authentication process with detailed HTTP traffic inspection.
  • Fixed: Improved handling of terminal input to prevent encoding errors.
  • Fixed: Minor bug-fix in parsing improperly padded Base64 in Authorization headers.
  • Revised: Minor code refactoring to enhance file I/O reliability.
  • Revised: Minor code refactoring to ensure compliance with PEP 440 versioning standards.
  • Revised: Improved key transformation for nested structures using bracket notation and dot syntax.
  • Fixed: Minor bug-fix in parsing improperly escaped characters in JSON objects.
  • Fixed: Minor bug-fix in parsing empty or invalid JSON objects.
  • Added: New tamper script "randomcase.py" that replaces each character in a user-supplied OS command with a random case.
  • Revised: Minor code refactoring regarding multiple tamper scripts.
  • Revised: Minor code refactoring regarding payloads for time-related techniques (i.e. "time-based", "tempfile-based").
  • Revised: Improvement regarding tamper script "backticks.py" for supporting time-related techniques (i.e. "time-based", "tempfile-based").

Note: For more, check the detailed changeset.