MaineK00n
db2c502b4a
feat(reporter/s3): support minio ( #1930 )
...
* feat(reporter/s3): support minio
* feat(reporter/s3): disable config/credential: file and some providers
2024-05-28 10:13:39 +09:00
MaineK00n
d8bce94d8c
chore(deps): use aws-sdk-go-v2 ( #1922 )
2024-05-24 19:08:38 +09:00
future-ryunosuketanai
a6cafabfb8
style(log) config.toml template docs url ( #1894 )
...
* fix: config.toml template url
* applied fixes to other places
2024-04-16 12:11:28 +09:00
dependabot[bot]
3cdd2e10d0
chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to 0.21.0 ( #1888 )
...
* chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to 0.21.0
Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp ) from 0.20.2 to 0.21.0.
- [Release notes](https://github.com/emersion/go-smtp/releases )
- [Commits](https://github.com/emersion/go-smtp/compare/v0.20.2...v0.21.0 )
---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix(reporter/email): use DialStartTLS instead of StartTLS
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-04-05 17:41:41 +09:00
Konstantin Eremin
867bf63bb2
TLS insecure option adding ( #1220 )
...
* TLS InsecureSkipVerify option added to sendMail
* refactor(reporter/email): remove redundant if statement
---------
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-04-05 13:12:47 +09:00
dependabot[bot]
5d5dcd5f41
chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1 ( #1885 )
...
* chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.50.1
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy ) from 0.49.1 to 0.50.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases )
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml )
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.49.1...v0.50.1 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* refactor(cmd/report): use trivy default for trivy-java-db-repository default value
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-03-28 13:09:49 +09:00
Shunichi Shinohara
351cf4f712
Update trivy from 0.35.0 to 0.49.1 ( #1806 )
...
* Update trivy 0.35.0->0.48.0
- Specify oras-go 1.2.4 in indirect dependencies
docker/docker changes a part of its API at 24.0
- registry: return concrete service type · moby/moby@7b3acdf
- 7b3acdff5d (diff-8325eae896b1149bf92c826d07fc29005b1b102000b766ffa5a238d791e0849bR18-R21)mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Missing changes in name change
* Update models/github.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Don't import fanal/types at github.go
* Rewrite code around java db initialization
* Add comment
* refactor
* Close java db client
* rename
* Let LibraryScanner have java db client
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* inline variable
* misc
* Fix typo
---------
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-02-28 14:25:58 +09:00
MaineK00n
3cc7e92ce5
fix(saas): remove current directory part ( #1666 )
2023-04-27 12:09:34 +09:00
kurita0
e506125017
feat(wp): support csh, no sudo scan ( #1523 )
...
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2023-03-28 21:07:10 +09:00
MaineK00n
947d668452
feat(windows): support Windows ( #1581 )
...
* chore(deps): mod update
* fix(scanner): do not attach tty because there is no need to enter ssh password
* feat(windows): support Windows
2023-03-28 19:00:33 +09:00
Kota Kanbe
a528362663
fix(saas): upload JSON if err occured during scan ( #1615 )
2023-03-01 14:52:03 +09:00
Kota Kanbe
1d97e91341
fix(libscan): delete map that keeps all file contents detected by FindLock to save memory ( #1556 )
...
* fix(libscan): delete Map that keeps all files detected by FindLock to save memory
* continue analyzing libs if err occurred
* FindLockDirs
* fix
* fix
2022-11-10 10:19:15 +09:00
MaineK00n
dea80f860c
feat(report): add cyclonedx format ( #1543 )
2022-11-01 13:58:31 +09:00
MaineK00n
48f7597bcf
feat(ms): import gost:MaineK00n/new-windows ( #1481 )
...
* feat(ms): import gost:MaineK00n/new-windows
* chore(discover): add CTI section
* feat(ms): fill KB with VulnInfo.DistroAdvisories instead of CveContent.Optional
* fix(ms): Change bitSize from 32 to 64
* fix(ms): delete KB prefix
* chore(ms): change logger
* fix(ms): fill in correct AdvisoryID
Co-authored-by: Sadayuki Matsuno <sadayuki.matsuno@gmail.com >
2022-07-04 14:26:41 +09:00
MaineK00n
5234306ded
feat(cti): add Cyber Threat Intelligence info ( #1442 )
...
* feat(cti): add Cyber Threat Intelligence info
* chore: replace io/ioutil as it is deprecated
* chore: remove --format-csv in stdout writer
* chore(deps): go get go-cti@v0.0.1
* feat(cti): update cti dict(support MITRE ATT&CK v11.1)
* chore(deps): go get go-cti@master
2022-06-15 17:08:12 +09:00
MaineK00n
86b60e1478
feat(config): support CIDR ( #1415 )
2022-06-10 18:24:25 +09:00
MaineK00n
a1cc152e81
feat(library): add auto detect library ( #1417 )
2022-03-17 18:08:40 +09:00
MaineK00n
7d8a24ee1a
refactor(detector): standardize db.NewDB to db.CloseDB ( #1380 )
...
* feat(subcmds/report,server): read environment variables when configPath is ""
* refactor: standardize db.NewDB to db.CloseDB
* chore: clean up import
* chore: error wrap
* chore: update goval-dictionary
* fix(oval): return Pseudo instead of nil for client
* chore: fix comment
* fix: lint error
2022-02-19 09:20:45 +09:00
MaineK00n
07335617d3
fix(configtest,scan): support SSH config file ( #1388 )
...
* fix(configtest,scan): support SSH config file
* chore(subcmds): remove askKeyPassword flag
2022-02-12 21:50:56 +09:00
MaineK00n
89d94ad85a
feat(detector): add known exploited vulnerabilities ( #1331 )
...
* feat(kevuln): add known exploited vulnerabilities
* chore: transfer repository owner
* feat: show CISA on top of CERT
* chore: rename var
* chore: rename var
* chore: fix review
* chore: fix message
2021-11-19 15:06:17 +09:00
Kota Kanbe
f047a6fe0c
breaking-change: Update vuls-dictionaries ( #1307 )
...
* chore: udpate dictionaries
* update gost
* chore: update gost
* chore(go-cve-dict): use v0.8.1
* chore: change linter from golint to revive
* chore(linter): set revive config
* chore: fix commands and update golangci-lint version
* fix: lint errs
* chore: update gost
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2021-09-21 05:10:29 +09:00
Kota Kanbe
3e67f04fe4
breaking-change(cpescan): Improve Cpe scan ( #1290 )
...
* chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves()
* review comment
* chore: go mod update go-cve
* feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN
* add NvdExactVersionMatch andd NvdRoughVersionMatch
* add confidence-over option to report
* sort CveContetens
* fix integration-test
2021-09-07 16:18:59 +09:00
Kota Kanbe
1003f62212
chore: update go-cve-dictionary ( #1292 )
2021-08-26 13:45:40 +09:00
Shigechika AIKAWA
1c8e074c9d
Feat report googlechat ( #1257 ) ( #1258 )
...
* feat: Support Ubuntu21
* feat(report): Send report via Google Chat
* feat(report): Send report via Google Chat
* Snip too long message as (The rest is omitted).
* sorry for mixed feat-ubuntu21 branch. exlucded it
* append diff, attack vector and exploits info
* add ServerName filter by regexp
* rename variables and rewrite validators
* fix renaming miss
* fix renaming miss, again
2021-07-02 05:32:00 +09:00
Norihiro NAKAOKA
7eb77f5b51
feat(scan): support external port scanner(nmap) in host machine ( #1207 )
...
* feat(scan): load portscan settings from config.toml
* feat(scan): support external port scanner:nmap
* style: rename variable
* feat(scan): logging apply options
* feat(scan): remove spoof ip address option
* feat(scan): more validate port scan config
* style: change comment
* fix: parse port number as uint16
* feat(discover): add portscan section
* feat(discover): change default scanTechniques
* feat(docker): add nmap and version update
* feat(scan): nmap module upgrade
* fix: wrap err using %w
* feat(scan): print cmd using external port scanner
* feat(scan): more details external port scan command
* feat(scan): add capability check in validation
* fix(scanner): format error
* chore: change format
2021-05-26 09:35:28 +09:00
otuki
a7b0ce1c85
refactor(git-conf): config template in github section changed ( #1229 )
2021-04-28 14:53:11 +09:00
otuki
dc9c0edece
refactor(git-conf): Specifing ignoreGitHubDismissed per repository ( #1224 )
...
* refactor(git-conf): Specifing ignoreGitHubDismissed per repository with config.toml
* refactor(git-conf): change json tag into camelCase
* refactor(git-conf): change first char of json tag into lowercase
2021-04-28 13:41:38 +09:00
otuki
e7ca491a94
fix(report): Avoid http reports error ( #1216 )
2021-04-21 10:00:58 +09:00
Kota Kanbe
27b3e17b79
feat(saas): delete json dir automatically after upload ( #1212 )
...
* feat(saas): delete json dir automatically after upload
* fix lint err
2021-04-15 05:58:41 +09:00
Kota Kanbe
740781af56
feat(logging): add -log-to-file and don't output to file by default ( #1209 )
...
* feat(logging): add -log-to-file and don't output to file by default
* update go-cve-dict
* fix lint err
2021-04-05 17:41:07 +09:00
Kota Kanbe
9bfe0627ae
refactor: don't use global Config in private func ( #1197 )
...
* refactor: cve_client.go
* refactor: don't use global Config in private func
* remove import alias for config
* refactor: dbclient
* refactor: resultDir
* refactor: resultsDir
* refactor
* refactor: gost
* refactor: db client
* refactor: cveDB
* refactor: cvedb
* refactor: exploitDB
* refactor: remove detector/dbclient.go
* refactor: writer
* refactor: syslog writer
* refactor: ips
* refactor: ensureResultDir
* refactor: proxy
* fix(db): call CloseDB
* add integration test
* feat(report): sort array in json
* sort func for json diff
* add build-int to makefile
* add int-rds-redis to makefile
* fix: test case, makefile
* fix makefile
* show cve count after diff
* make diff
* diff -c
* sort exploits in json for diff
* sort metasploit, exploit
2021-04-01 13:36:24 +09:00
Kota Kanbe
5d47adb5c9
fix(report): prioritize env vars over config.toml ( #1194 )
2021-03-10 07:39:58 +09:00
Kota Kanbe
2a8ee4b22b
refactor(report): azure and aws writer ( #1190 )
2021-03-04 07:42:38 +09:00
Kota Kanbe
1ec31d7be9
fix(configtest): all servers in the config if no args #1184 ( #1189 )
2021-03-03 12:51:07 +09:00
Kota Kanbe
02286b0c59
fix(scan): scan all servers in the config if no args #1184 ( #1188 )
2021-03-03 12:30:30 +09:00
Kota Kanbe
1c4a12c4b7
refactor(report): initialize DB connection ( #1186 )
2021-03-02 06:34:46 +09:00
Kota Kanbe
3f2ac45d71
Refactor logger ( #1185 )
...
* refactor: logger
* refactor: logging
* refactor: rename func
* refactor: logging
* refactor: logging format
2021-02-26 10:36:58 +09:00
Kota Kanbe
518f4dc039
refactor: VulnDict ( #1183 )
2021-02-25 10:13:51 +09:00
Kota Kanbe
03579126fd
refactor(config): localize config used like a global variable ( #1179 )
...
* refactor(report): LocalFileWriter
* refactor -format-json
* refacotr: -format-one-email
* refactor: -format-csv
* refactor: -gzip
* refactor: -format-full-text
* refactor: -format-one-line-text
* refactor: -format-list
* refacotr: remove -to-* from config
* refactor: IgnoreGitHubDismissed
* refactor: GitHub
* refactor: IgnoreUnsocred
* refactor: diff
* refacotr: lang
* refacotr: cacheDBPath
* refactor: Remove config references
* refactor: ScanResults
* refacotr: constant pkg
* chore: comment
* refactor: scanner
* refactor: scanner
* refactor: serverapi.go
* refactor: serverapi
* refactor: change pkg structure
* refactor: serverapi.go
* chore: remove emtpy file
* fix(scan): remove -ssh-native-insecure option
* fix(scan): remove the deprecated option `keypassword`
2021-02-25 05:54:17 +09:00
Kota Kanbe
e3c27e1817
fix(saas): Don't overwrite config.toml if UUID already set ( #1180 )
...
* fix(saas): Don't overwrite config.toml if UUID already set
* add a test case
2021-02-19 06:42:22 +09:00
kazuminn
4c04acbd9e
feat(report) : Differences between vulnerability patched items ( #1157 )
...
* add plusDiff() and minusDiff()
* add plusDiff minusDiff test
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2021-02-10 06:55:48 +09:00
Kota Kanbe
d4af341b0f
fix(report): remove duplicated refreshing logic when report with -diff ( #1160 )
2021-02-03 07:37:19 +09:00
Kota Kanbe
88899f0e89
refactor: around CheckHTTPHealth ( #1139 )
2021-01-20 07:41:29 +09:00
Kota Kanbe
d6435d2885
fix(xml): remove -format-xml #1068 ( #1134 )
2021-01-18 04:38:00 +09:00
Kota Kanbe
705ed0a0ac
fix(discover): change config.toml template ( #1132 )
2021-01-16 07:58:46 +09:00
Kota Kanbe
0b55f94828
Improve implementation around config ( #1122 )
...
* refactor config
* fix saas config
* feat(config): scanmodule for each server in config.toml
* feat(config): enable to specify containersOnly in config.toml
* add new keys of config.toml to discover.go
* fix summary output, logging
2021-01-13 08:46:27 +09:00
Kota Kanbe
6eff6a9329
feat(report): display EOL information to scan summary ( #1120 )
...
* feat(report): display EOL information to scan summary
* detect Amazon linux EOL
2021-01-09 07:58:55 +09:00
Kota Kanbe
aaea15e516
refactor(report): remove Integration.apply ( #1105 )
...
* refactor(report): remove Integration.apply
* add an err check
2020-12-29 06:59:48 +09:00
Kota Kanbe
83d1f80959
chore(report): remove stride and hipchat support ( #1104 )
2020-12-26 08:52:45 +09:00
Kota Kanbe
a33cff8f13
fix(reprot): use SQLite3 in current dir if not specified ( #1103 )
2020-12-26 08:24:17 +09:00
