/// <summary>
        ///  attack all input fields with xss pattern.
        /// </summary>
        public void attackAllInputfields(string URL)
        {
            // get page content
            WebCrawler spider = new WebCrawler(URL);
            string htmlContent = spider.fetchPage();
            HtmlParser p = new HtmlParser(URL,htmlContent);

            // fetch forms input fields
            List<List<string>> inputFields = p.getFormsInputFields();

            //for each form
            for (int currentFormID = 0; currentFormID < inputFields.Count; currentFormID++)
            {
                string currentFormURL = inputFields[currentFormID][0];
                string currentFormFieldsHeader = string.Empty;
                // for each input field
                for (int currentInputFieldID = 1; currentInputFieldID < inputFields[currentFormID].Count; currentInputFieldID++)
                {
                    //xss the current input field only
                    if (currentFormFieldsHeader != string.Empty) // second param
                    {
                        currentFormFieldsHeader += "&" + inputFields[currentFormID][currentInputFieldID] + "=" + xssAttackPattern;
                    }
                    else // first param
                    {
                        currentFormFieldsHeader += inputFields[currentFormID][currentInputFieldID] + "=" + xssAttackPattern;
                    }
                }

                //just for tests
                //System.Windows.Forms.MessageBox.Show(currentFormFieldsHeader);

                // send the post request here
                WebPostRequest myPost = new WebPostRequest(currentFormURL);
                myPost.AddParamsToHeader(currentFormFieldsHeader);
                string resultHTML = myPost.GetResponse();

                //check the results
                if (resultHTML.Contains(xssAttackPattern))
                {
                    // it is a vulnerable page !
                    SharedVariables.myTestingForm.displayOutputActivity("the page : " + currentFormURL + " has an XSS vulnerable in one of its form fields \n\r saving the vulnerability for later reviews\n\r");
                    ExploitsManager e = new ExploitsManager();
                    e.add(_profileID.ToString(), "XSS", currentFormURL + "\n\r form fields values : " + currentFormFieldsHeader, "Unknown");
                }
                //else
                //{
                //    // it is safe page againest XSS.
                //    // it is a vulnerable page !
                //    SharedVariables.myTestingForm.displayOutputActivity("the page : " + currentFormURL + " form fields are safe againest XSS attacks.\n\r");
                //}
            }
        }
        /// <summary>
        ///  attack each input field with sql injection pattern to know exactly where is the exploit.
        /// </summary>
        public void attackEachInputfield(string URL)
        {
            // get page content
            WebCrawler spider = new WebCrawler(URL);
            string htmlContent = spider.fetchPage();
            HtmlParser parser = new HtmlParser(URL, htmlContent);
            // fetch forms input fields
            List<List<string>> inputFields = parser.getFormsInputFields();
            //for each form
            for (int currentFormID = 0; currentFormID < inputFields.Count; currentFormID++)
            {
                string currentFormURL = inputFields[currentFormID][0];
                // for each input field
                for (int currentInputFieldID = 1; currentInputFieldID < inputFields[currentFormID].Count; currentInputFieldID++)
                {
                    string currentFormFieldsHeader = string.Empty;
                    //sql injection the current input field only
                    if (currentFormFieldsHeader != string.Empty) // second param
                    {
                        currentFormFieldsHeader += "&" + inputFields[currentFormID][currentInputFieldID] + "=" + sqlAttackPattern;
                    }
                    else // first param
                    {
                        currentFormFieldsHeader += inputFields[currentFormID][currentInputFieldID] + "=" + sqlAttackPattern;
                    }
                    //fill other fields with regular values = for ex '11'.
                    for (int i = 1; i < inputFields[currentFormID].Count; i++)
                    {
                        if (i != currentInputFieldID) // not to add the same param twice
                        {
                            //sql injection the current input field only
                            if (currentFormFieldsHeader != string.Empty) // second param
                            {
                                currentFormFieldsHeader += "&" + inputFields[currentFormID][i] + "=11";
                            }
                            else // first param
                            {
                                currentFormFieldsHeader += inputFields[currentFormID][i] + "=11";
                            }
                        }
                    }

                    //just for tests
                    //System.Windows.Forms.MessageBox.Show(currentFormFieldsHeader);
                    string resultHTML = string.Empty;
                    try
                    {
                        WebPostRequest myPost = new WebPostRequest(currentFormURL);
                        myPost.AddParamsToHeader(currentFormFieldsHeader);
                        resultHTML = myPost.GetResponse();
                    }
                    catch (WebException exep)
                    {

                        SharedVariables.myTestingForm.displayOutputActivity(string.Format("Unknown error : {0}\n\r", exep.Message));
                        // it is a vulnerable page !
                        SharedVariables.myTestingForm.displayOutputActivity("the page : " + currentFormURL + " maybe has a SQL Injection vulnerable in \"" + inputFields[currentFormID][currentInputFieldID] + "\" form field\n\r saving the vulnerability for later reviews\n\r");
                        ExploitsManager e = new ExploitsManager();
                        e.add(_profileID.ToString(), "Maybe SQL Injection", currentFormURL + " \n\r form fields values : " + currentFormFieldsHeader, inputFields[currentFormID][currentInputFieldID]);
                    }

                    //check the returned page

                    foreach (string s in sqlSuccessResult)
                    {
                        if (resultHTML.Contains(s))
                        {
                            // it is a vulnerable page !
                            SharedVariables.myTestingForm.displayOutputActivity("the page : " + currentFormURL + " has a SQL Injection vulnerable in \"" + inputFields[currentFormID][currentInputFieldID] + "\" form field\n\r saving the vulnerability for later reviews\n\r");
                            ExploitsManager e = new ExploitsManager();
                            e.add(_profileID.ToString(), "SQL Injection", currentFormURL + " \n\r form fields values : " + currentFormFieldsHeader, inputFields[currentFormID][currentInputFieldID]);
                            continue;
                        }
                    }
                }
            }
        }