Norihiro NAKAOKA
0b9ec05181
Support scanning Ubuntu using Gost ( #1243 )
...
* chore: add vuls binary in gitignore
* feat(gost): support ubuntu
* chore(debian): fix typo
* feat(ubuntu): more detail on CveContent
* chore: update .gitignore
* chore: update gost deps
* feat(ubuntu): add test in gost/ubuntu
* chore: fix typo
* Revert "chore: fix typo"
This reverts commit 9f2f1db233
2021-07-08 08:31:46 +09:00
Norihiro NAKAOKA
0bf12412d6
fix(rocky): fix Scan in Rocky Linux ( #1266 )
...
* fix(rocky): fix OVAL scan in Rocky Linux
* chore: add FreeBSD13 EOL, fix #1245
* chore(rocky): add Rocky Linux EOL tests
* feat(rocky): implement with reference to CentOS
* feat(raspbian): add Raspbian to Server mode
* feat(rocky): support gost scan
* fix(rocky): rocky support lessThan
* chore: update doc and comment
2021-07-08 05:39:48 +09:00
Norihiro NAKAOKA
b8db2e0b74
feat(report): Change the priority of CVE information in Debian ( #1202 )
...
* fix (bug) : using ScanResults refs #1019
* feat(gost): WIP change priority of CVE Info in Debian
* feat(report): change priority of CVE Info in Debian
* refactor: move RemoveRaspbianPackFromResult
* style: remove comment
* fix: lint error
* style: change coding style
* feat(report): support reporting with gost alone
* fix: merge error
* refactor(debian): change code to be simple
2021-06-21 15:14:41 +09:00
Kota Kanbe
231c63cf62
fix(libscan): support empty LibraryFixedIn ( #1252 )
2021-06-16 13:28:12 +09:00
Kota Kanbe
e8e3f4d138
feat(lib): support of Go (go.sum) scan ( #1244 )
...
* chore: update trivy deps
* fix(test): fix sort order in json
* parse go.sum in scanning
* feat(lib): support go.sum
2021-06-03 11:31:37 +09:00
Norihiro NAKAOKA
7eb77f5b51
feat(scan): support external port scanner(nmap) in host machine ( #1207 )
...
* feat(scan): load portscan settings from config.toml
* feat(scan): support external port scanner:nmap
* style: rename variable
* feat(scan): logging apply options
* feat(scan): remove spoof ip address option
* feat(scan): more validate port scan config
* style: change comment
* fix: parse port number as uint16
* feat(discover): add portscan section
* feat(discover): change default scanTechniques
* feat(docker): add nmap and version update
* feat(scan): nmap module upgrade
* fix: wrap err using %w
* feat(scan): print cmd using external port scanner
* feat(scan): more details external port scan command
* feat(scan): add capability check in validation
* fix(scanner): format error
* chore: change format
2021-05-26 09:35:28 +09:00
Kota Kanbe
e553f8b4c5
feat(trivy): go mod update trivy v0.17.2 ( #1235 )
...
* feat(trivy): go mod update trivy v0.17.2
* wg.Wait
* fix reporting
* fix test case
* add gemfile.lock of redmine to integration test
* fix(test): add Pipfile.lock
* add poetry.lock to integration test
* add composer.lock to integration test
* add integration test case
2021-05-12 18:27:55 +09:00
Kota Kanbe
47652ef0fb
fix(report): include the num of criticals in total #1233 ( #1234 )
2021-05-07 07:57:33 +09:00
Kota Kanbe
2d369d0cfe
Fix false positive for Oracle Linux ( #1227 )
...
* fix(oracle): false-positive(handle arch of pkgs)
* fix(oracle): false positive kernel-related CVEs
* add a test case for ksplice1
* fix(scan): handle uek kernel for Oracle linux
* fix(scan): hanlde uek kernel for reboot required
* fix(oracle): false-positive for redis-backend
2021-04-27 20:38:45 +09:00
Kota Kanbe
740781af56
feat(logging): add -log-to-file and don't output to file by default ( #1209 )
...
* feat(logging): add -log-to-file and don't output to file by default
* update go-cve-dict
* fix lint err
2021-04-05 17:41:07 +09:00
Kota Kanbe
9bfe0627ae
refactor: don't use global Config in private func ( #1197 )
...
* refactor: cve_client.go
* refactor: don't use global Config in private func
* remove import alias for config
* refactor: dbclient
* refactor: resultDir
* refactor: resultsDir
* refactor
* refactor: gost
* refactor: db client
* refactor: cveDB
* refactor: cvedb
* refactor: exploitDB
* refactor: remove detector/dbclient.go
* refactor: writer
* refactor: syslog writer
* refactor: ips
* refactor: ensureResultDir
* refactor: proxy
* fix(db): call CloseDB
* add integration test
* feat(report): sort array in json
* sort func for json diff
* add build-int to makefile
* add int-rds-redis to makefile
* fix: test case, makefile
* fix makefile
* show cve count after diff
* make diff
* diff -c
* sort exploits in json for diff
* sort metasploit, exploit
2021-04-01 13:36:24 +09:00
Kota Kanbe
cda91e0906
refactor: loading owasp dependency check xml ( #1195 )
2021-03-11 08:51:44 +09:00
Kota Kanbe
54e73c2f54
fix(wordpress): enable to detect vulns of WordPress Core ( #1193 )
2021-03-09 10:40:52 +09:00
Kota Kanbe
3f2ac45d71
Refactor logger ( #1185 )
...
* refactor: logger
* refactor: logging
* refactor: rename func
* refactor: logging
* refactor: logging format
2021-02-26 10:36:58 +09:00
Kota Kanbe
03579126fd
refactor(config): localize config used like a global variable ( #1179 )
...
* refactor(report): LocalFileWriter
* refactor -format-json
* refacotr: -format-one-email
* refactor: -format-csv
* refactor: -gzip
* refactor: -format-full-text
* refactor: -format-one-line-text
* refactor: -format-list
* refacotr: remove -to-* from config
* refactor: IgnoreGitHubDismissed
* refactor: GitHub
* refactor: IgnoreUnsocred
* refactor: diff
* refacotr: lang
* refacotr: cacheDBPath
* refactor: Remove config references
* refactor: ScanResults
* refacotr: constant pkg
* chore: comment
* refactor: scanner
* refactor: scanner
* refactor: serverapi.go
* refactor: serverapi
* refactor: change pkg structure
* refactor: serverapi.go
* chore: remove emtpy file
* fix(scan): remove -ssh-native-insecure option
* fix(scan): remove the deprecated option `keypassword`
2021-02-25 05:54:17 +09:00
kazuminn
4c04acbd9e
feat(report) : Differences between vulnerability patched items ( #1157 )
...
* add plusDiff() and minusDiff()
* add plusDiff minusDiff test
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2021-02-10 06:55:48 +09:00
Kota Kanbe
cd6722017b
fix(scan): yum-ps err Failed to find the package ( #1165 )
2021-02-06 08:42:06 +09:00
Kota Kanbe
4dcbd865cc
fix(report): set http timeout 10 sec ( #1154 )
...
* fix(report): set http timeout 10 sec
* fix: add an error handling
2021-01-30 09:40:33 +09:00
Kota Kanbe
51099f42c3
fix(tui): runtime panic when tui with docker-base-setup ( #1148 )
...
* fix(tui): runtime panic when tui with docker-base-setup
* pass test case
2021-01-26 09:40:26 +09:00
Kota Kanbe
3c1489e588
feat(report): range notion calc by severity when no-cvss-score ( #1145 )
2021-01-25 13:22:55 +09:00
Kota Kanbe
e4f1e03f62
feat(github): display GitHub Security Advisory details ( #1143 )
2021-01-24 09:15:04 +09:00
Kota Kanbe
59dc0059bc
fix(model): omit changelog from json if empty ( #1137 )
2021-01-19 09:01:35 +09:00
Kota Kanbe
b5506a1368
chore: go mod update ( #1125 )
2021-01-13 11:56:35 +09:00
Kota Kanbe
0b55f94828
Improve implementation around config ( #1122 )
...
* refactor config
* fix saas config
* feat(config): scanmodule for each server in config.toml
* feat(config): enable to specify containersOnly in config.toml
* add new keys of config.toml to discover.go
* fix summary output, logging
2021-01-13 08:46:27 +09:00
Kota Kanbe
69d32d4511
feat(report): add a err code to wpscan.com API error ( #1119 )
2021-01-07 14:57:49 +09:00
sadayuki-matsuno
669c019287
fix(cvecontent) Fixed not to split empty string ( #1117 )
2021-01-06 15:52:55 +09:00
Kota Kanbe
b13f93a2d3
feat(scan): support dnf modules ( #1114 )
...
* feat(scan): support dnf modules
* change dnf module list --installed to --enabled
* chore: refactor
* feat(report): detect logic for dnf modularity label
* fix func name
* chore: update go mods
2021-01-06 11:36:41 +09:00
Kota Kanbe
83d1f80959
chore(report): remove stride and hipchat support ( #1104 )
2020-12-26 08:52:45 +09:00
Kota Kanbe
5a14a58fe4
refactor(nvdxml): Remove codes related to NVD xml(deprecated) ( #1099 )
2020-12-25 06:16:14 +09:00
Kota Kanbe
fb1fbf8f95
feat(report): Add NVD as a source for mitigations, primarySrc URL and Patch URL ( #1097 )
...
* feat(report): Add NVD as a src for mitigations.
* feat(report): display "Vendor Advisory" URL in NVD
* feat(report): display patch urls in report, tui
2020-12-24 08:37:10 +09:00
Kota Kanbe
cfbf779f9b
feat(exploit): add exploit link in NVD as a source ( #1096 )
...
Added Refs information with NVD's Expoit tag as an information source
for Exploit.
2020-12-16 07:10:18 +09:00
Kota Kanbe
43ed904db1
fix(deps): update dependencies ( #1094 )
...
* fix(dpes): update dependencies
* update go ver
* update go ver
* update go
* update go
2020-12-15 04:32:23 +09:00
Kota Kanbe
9a32a94806
refactor: fix build warnings ( #1090 )
2020-12-11 06:45:39 +09:00
Shigechika AIKAWA
2534098509
fix(report): wpvulndb poor versioning( #1088 ) ( #1089 )
2020-12-11 05:53:41 +09:00
Kota Kanbe
5fea4eaef8
feat(nocgo): enable to build with CGO_ENABLED=0 ( #1080 )
2020-11-27 09:55:09 +09:00
Kota Kanbe
3f8de02683
fix(portscan): to keep backward compatibility before v0.13.0 ( #1076 )
2020-11-19 16:54:36 +09:00
Kota Kanbe
93059b74c3
feat(report): IgnoredJSONKyes to clear values in result json ( #1071 )
...
* feat(report): IgnoredJSONKyes to clear values in result json
* fix(report): marshal indent in JSON everytime
2020-11-05 20:13:09 +09:00
Kota Kanbe
2fc3462d35
fix(libscan): update trivy deps ( #1070 )
2020-11-05 15:38:12 +09:00
Norihiro NAKAOKA
83bcca6e66
experimental: add smart(fast, minimum ports, silently) TCP port scanner ( #1060 )
...
* add struct ListenPorts
* change parse to models.ListenPorts from string
* change support models.ListenPorts in TUI
* add scanPort template , detectScanDest
* add Test_detectScanDest
* change impl scanPorts template
* fix build error
* change collect scan success address
* add Test_matchListenPorts
* add Test_updatePortStatus
* change display port scan result on tui
* change display scan emoji on report
* Revert "change display scan emoji on report"
This reverts commit e281882cc6
2020-10-19 17:47:20 +09:00
Kota Kanbe
4b680b9960
fix(scan-freebsd): also get installed with pkg info #1042 ( #1051 )
...
* fix(scan-freebsd): also get installed with `pkg info` #1042
* fix test
2020-09-12 05:08:41 +09:00
Norihiro NAKAOKA
7969b343b0
Raspberry Pi OS(Raspbian) scanning using OVAL DB ( #1019 )
...
* change: never refer to ChangeLog
* change raspberry pi os use debian oval at report
* change do not use r.Family
* change gost do not use r.Family
* change use r.Family because family has a large impact
* change replace MaineK00n/goval-dictionary@raspberrypi-oval
* note Raspbian Scan Policy
* add Raspbian Changelog support policy
* change grep Package for Raspbian at fast-scan mode
* add changelog preprocessing for Raspbian
* add take note of TODO
* change Changelog fetch part to function
* change error handling
* change solve one TODO
* change make ChangelogDir once
* add comment
* fix oval support Amazon Linux :refs #824
* change to useScannedCves from ovalSupproted
* change confidence for Raspbian
* change skip package for raspbian in OVAL DB
* change separate raspbian implementation from util
* change error, log format
* change print format
* change log format(delete newline)
* change support changelog.(Debian.)gz
* Revert "change support changelog.(Debian.)gz"
This reverts commit 2265a72c67
2020-08-25 14:11:34 +09:00
Kota Kanbe
58cf1f4c8e
refactor(typo): fix typos ( #1041 )
2020-08-24 16:34:32 +09:00
takuzoo
11a7a0c934
Display metasploit module information for each detected CVE-IDs ( #1011 )
...
* add metasploit
* fix go deps
* fix msf report
* fix msfdb server port number
* delete non-unique msfdb url from fulltext report
* fix(report): validate msfdb config on report (#1 )
* fix(msfdb): update deps (go-msfdb)
* version up go-msfdb v0.1.0
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2020-07-03 14:05:07 +09:00
Kota Kanbe
c11ba27509
fix(libscan): include a lockfile path of libs ( #1012 )
2020-06-24 10:46:00 +09:00
Kota Kanbe
62c9409fe9
add a github actions config ( #985 )
...
* add a github actions config
* fix(log): Don't create a log dir when testing
* remove a meaningless test case
* Thanks for everything, Mr, Travys.
* add golangci
* add goreleaser.yml
* add tidy.yml
* add golang-ci
* fix many lint warnings
2020-05-27 20:11:24 +09:00
Kota Kanbe
ebe5f858c8
update trivy, and unsupport image scanning feature ( #971 )
...
* update trivy, fanal. unsupport image scanning
* Update models/library.go
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
* add -no-progress flag to report/tui cmd
* Display trivy vuln info to tui/report
* add detection method to vulninfo detected by trivy
* fix(uuid): change uuid lib to go-uuid #929 (#969 )
* update trivy, fanal. unsupport image scanning
* Update models/library.go
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
* add -no-progress flag to report/tui cmd
* Display trivy vuln info to tui/report
* add detection method to vulninfo detected by trivy
* unique ref links in TUI
* download trivy DB only when lock file is specified in config.toml
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
2020-05-08 15:24:39 +09:00
Wagde Zabit
c0ebac305a
composer.lock insteaad of composer.json ( #973 )
...
Co-authored-by: Wagde Zabit <wagde@orcasecurity.io >
2020-05-01 15:20:33 +09:00
Kota Kanbe
0ff7641471
feat(report): display "fixed" when updatable even in fast mode ( #957 )
2020-04-13 18:20:32 +09:00
Kota Kanbe
464d523c42
Display fixed-in version for each package in report ( #801 )
...
* refactor(model): PackageFixStatus.Name to BinName
* refacotr(oval): change var name
* feat(report): Add FixedIn in JSON
* refactor(tui): chage args
* display fixedin in report
* refactor(model): change fileld name
* remove unused field of PackageFixStatus
2020-04-08 21:26:34 +09:00
gy741
a10dd67e0f
Fix typo in models/scanresults.go ( #942 )
2020-04-06 15:00:43 +09:00
