MaineK00n
dc496468b9
refactor(config): move syslogconf to config/syslog package ( #1865 )
2024-03-05 18:11:45 +09:00
Shunichi Shinohara
351cf4f712
Update trivy from 0.35.0 to 0.49.1 ( #1806 )
...
* Update trivy 0.35.0->0.48.0
- Specify oras-go 1.2.4 in indirect dependencies
docker/docker changes a part of its API at 24.0
- registry: return concrete service type · moby/moby@7b3acdf
- 7b3acdff5d (diff-8325eae896b1149bf92c826d07fc29005b1b102000b766ffa5a238d791e0849bR18-R21)mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Missing changes in name change
* Update models/github.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Don't import fanal/types at github.go
* Rewrite code around java db initialization
* Add comment
* refactor
* Close java db client
* rename
* Let LibraryScanner have java db client
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* inline variable
* misc
* Fix typo
---------
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-02-28 14:25:58 +09:00
hiroka-wada
f6509a5376
feat(config): Auto-upgrade Windows config.toml from v1 to v2 ( #1726 )
...
* add: README.md
* add: commands(discover,add-server,add-cpe)
* add: implements(discover,add-server,add-cpe)
* fix: changed os.Exit(1) in main.go to return an error
* fix: lint error
* delete: trivy-to-vuls stdIn
* fix: Incomprehesible error logs
* fix: according to review
* add: function converts old config to latest one
* delete: add-server
* fix: lint error
* fix
* fix: remote scan error in Windows
* fix: lint error
* fix
* fix: lint error
* fix: lint error
* add: scanner/scanner.go test normalizeHomeDirForWindows()
* fix
* fix
* fix
* fix: remove pointless assignment
* fix
---------
Co-authored-by: 和田皓翔 <wadahiroka@192.168 .0.4>
Co-authored-by: 和田皓翔 <wadahiroka@192.168 .0.10>
Co-authored-by: 和田皓翔 <wadahiroka@192.168 .0.6>
2023-09-21 16:48:35 +09:00
kurita0
e506125017
feat(wp): support csh, no sudo scan ( #1523 )
...
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2023-03-28 21:07:10 +09:00
MaineK00n
947d668452
feat(windows): support Windows ( #1581 )
...
* chore(deps): mod update
* fix(scanner): do not attach tty because there is no need to enter ssh password
* feat(windows): support Windows
2023-03-28 19:00:33 +09:00
kl-sinclair
ca64d7fc31
feat(report): Include dependencies into scan result and cyclondex for supply chain security on Integration with GitHub Security Alerts ( #1584 )
...
* feat(report): Enhance scan result and cyclondex for supply chain security on Integration with GitHub Security Alerts
* derive ecosystem/version from dependency graph
* fix vars name && fetch manifest info on GSA && arrange ghpkgToPURL structure
* fix miscs
* typo in error message
* fix ecosystem equally to trivy
* miscs
* refactoring
* recursive dependency graph pagination
* change var name && update comments
* omit map type of ghpkgToPURL in signatures
* fix vars name
* goimports
* make fmt
* fix comment
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2023-01-20 15:32:36 +09:00
Kota Kanbe
1d97e91341
fix(libscan): delete map that keeps all file contents detected by FindLock to save memory ( #1556 )
...
* fix(libscan): delete Map that keeps all files detected by FindLock to save memory
* continue analyzing libs if err occurred
* FindLockDirs
* fix
* fix
2022-11-10 10:19:15 +09:00
MaineK00n
5234306ded
feat(cti): add Cyber Threat Intelligence info ( #1442 )
...
* feat(cti): add Cyber Threat Intelligence info
* chore: replace io/ioutil as it is deprecated
* chore: remove --format-csv in stdout writer
* chore(deps): go get go-cti@v0.0.1
* feat(cti): update cti dict(support MITRE ATT&CK v11.1)
* chore(deps): go get go-cti@master
2022-06-15 17:08:12 +09:00
MaineK00n
86b60e1478
feat(config): support CIDR ( #1415 )
2022-06-10 18:24:25 +09:00
MaineK00n
787604de6a
fix(suse): fix openSUSE, openSUSE Leap, SLES, SLED scan ( #1384 )
...
* fix(suse): fix openSUSE, openSUSE Leap scan
* docs: update README
* fix: unknown CveContent.Type
* fix: tui reporting
* fix: listening port was duplicated in format-full-text
* fix .gitignore
* fix: add EOL data for SLES12.5
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2022-02-15 17:11:54 +09:00
MaineK00n
2923cbc645
fix(centos): identify CentOS and CentOS Stream ( #1360 )
2022-02-03 05:32:03 +09:00
MaineK00n
2b7294a504
feat(amazon): support amazon linux 2022 ( #1338 )
2021-12-09 11:06:44 +09:00
MaineK00n
89d94ad85a
feat(detector): add known exploited vulnerabilities ( #1331 )
...
* feat(kevuln): add known exploited vulnerabilities
* chore: transfer repository owner
* feat: show CISA on top of CERT
* chore: rename var
* chore: rename var
* chore: fix review
* chore: fix message
2021-11-19 15:06:17 +09:00
Kota Kanbe
3e67f04fe4
breaking-change(cpescan): Improve Cpe scan ( #1290 )
...
* chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves()
* review comment
* chore: go mod update go-cve
* feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN
* add NvdExactVersionMatch andd NvdRoughVersionMatch
* add confidence-over option to report
* sort CveContetens
* fix integration-test
2021-09-07 16:18:59 +09:00
kazuminn
ff83cadd6e
feat(os) : support Alma Linux ( #1261 )
...
* support Alma Linux
* fix miss
* feat(os) : support Rocky linux (#1260 )
* support rocky linux scan
* fix miss
* lint
* fix : like #1266 and error Failed to parse CentOS
* pass make test
* fix miss
* fix pointed out with comment
* fix golangci-lint error
2021-08-02 04:36:43 +09:00
Norihiro NAKAOKA
0bf12412d6
fix(rocky): fix Scan in Rocky Linux ( #1266 )
...
* fix(rocky): fix OVAL scan in Rocky Linux
* chore: add FreeBSD13 EOL, fix #1245
* chore(rocky): add Rocky Linux EOL tests
* feat(rocky): implement with reference to CentOS
* feat(raspbian): add Raspbian to Server mode
* feat(rocky): support gost scan
* fix(rocky): rocky support lessThan
* chore: update doc and comment
2021-07-08 05:39:48 +09:00
Shigechika AIKAWA
1c8e074c9d
Feat report googlechat ( #1257 ) ( #1258 )
...
* feat: Support Ubuntu21
* feat(report): Send report via Google Chat
* feat(report): Send report via Google Chat
* Snip too long message as (The rest is omitted).
* sorry for mixed feat-ubuntu21 branch. exlucded it
* append diff, attack vector and exploits info
* add ServerName filter by regexp
* rename variables and rewrite validators
* fix renaming miss
* fix renaming miss, again
2021-07-02 05:32:00 +09:00
Norihiro NAKAOKA
7eb77f5b51
feat(scan): support external port scanner(nmap) in host machine ( #1207 )
...
* feat(scan): load portscan settings from config.toml
* feat(scan): support external port scanner:nmap
* style: rename variable
* feat(scan): logging apply options
* feat(scan): remove spoof ip address option
* feat(scan): more validate port scan config
* style: change comment
* fix: parse port number as uint16
* feat(discover): add portscan section
* feat(discover): change default scanTechniques
* feat(docker): add nmap and version update
* feat(scan): nmap module upgrade
* fix: wrap err using %w
* feat(scan): print cmd using external port scanner
* feat(scan): more details external port scan command
* feat(scan): add capability check in validation
* fix(scanner): format error
* chore: change format
2021-05-26 09:35:28 +09:00
otuki
dc9c0edece
refactor(git-conf): Specifing ignoreGitHubDismissed per repository ( #1224 )
...
* refactor(git-conf): Specifing ignoreGitHubDismissed per repository with config.toml
* refactor(git-conf): change json tag into camelCase
* refactor(git-conf): change first char of json tag into lowercase
2021-04-28 13:41:38 +09:00
Kota Kanbe
9bfe0627ae
refactor: don't use global Config in private func ( #1197 )
...
* refactor: cve_client.go
* refactor: don't use global Config in private func
* remove import alias for config
* refactor: dbclient
* refactor: resultDir
* refactor: resultsDir
* refactor
* refactor: gost
* refactor: db client
* refactor: cveDB
* refactor: cvedb
* refactor: exploitDB
* refactor: remove detector/dbclient.go
* refactor: writer
* refactor: syslog writer
* refactor: ips
* refactor: ensureResultDir
* refactor: proxy
* fix(db): call CloseDB
* add integration test
* feat(report): sort array in json
* sort func for json diff
* add build-int to makefile
* add int-rds-redis to makefile
* fix: test case, makefile
* fix makefile
* show cve count after diff
* make diff
* diff -c
* sort exploits in json for diff
* sort metasploit, exploit
2021-04-01 13:36:24 +09:00
Kota Kanbe
5d47adb5c9
fix(report): prioritize env vars over config.toml ( #1194 )
2021-03-10 07:39:58 +09:00
Kota Kanbe
3f2ac45d71
Refactor logger ( #1185 )
...
* refactor: logger
* refactor: logging
* refactor: rename func
* refactor: logging
* refactor: logging format
2021-02-26 10:36:58 +09:00
Kota Kanbe
518f4dc039
refactor: VulnDict ( #1183 )
2021-02-25 10:13:51 +09:00
Kota Kanbe
2cdeef4ffe
refactor(config): validateOnReport ( #1182 )
2021-02-25 07:41:49 +09:00
Kota Kanbe
03579126fd
refactor(config): localize config used like a global variable ( #1179 )
...
* refactor(report): LocalFileWriter
* refactor -format-json
* refacotr: -format-one-email
* refactor: -format-csv
* refactor: -gzip
* refactor: -format-full-text
* refactor: -format-one-line-text
* refactor: -format-list
* refacotr: remove -to-* from config
* refactor: IgnoreGitHubDismissed
* refactor: GitHub
* refactor: IgnoreUnsocred
* refactor: diff
* refacotr: lang
* refacotr: cacheDBPath
* refactor: Remove config references
* refactor: ScanResults
* refacotr: constant pkg
* chore: comment
* refactor: scanner
* refactor: scanner
* refactor: serverapi.go
* refactor: serverapi
* refactor: change pkg structure
* refactor: serverapi.go
* chore: remove emtpy file
* fix(scan): remove -ssh-native-insecure option
* fix(scan): remove the deprecated option `keypassword`
2021-02-25 05:54:17 +09:00
kazuminn
4c04acbd9e
feat(report) : Differences between vulnerability patched items ( #1157 )
...
* add plusDiff() and minusDiff()
* add plusDiff minusDiff test
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2021-02-10 06:55:48 +09:00
Kota Kanbe
3dbdd01f97
fix(report): wordrpess scanning skipped when package is emtpy ( #1150 )
2021-01-28 08:24:03 +09:00
Kota Kanbe
88899f0e89
refactor: around CheckHTTPHealth ( #1139 )
2021-01-20 07:41:29 +09:00
Kota Kanbe
d6435d2885
fix(xml): remove -format-xml #1068 ( #1134 )
2021-01-18 04:38:00 +09:00
Kota Kanbe
0b55f94828
Improve implementation around config ( #1122 )
...
* refactor config
* fix saas config
* feat(config): scanmodule for each server in config.toml
* feat(config): enable to specify containersOnly in config.toml
* add new keys of config.toml to discover.go
* fix summary output, logging
2021-01-13 08:46:27 +09:00
Kota Kanbe
6eff6a9329
feat(report): display EOL information to scan summary ( #1120 )
...
* feat(report): display EOL information to scan summary
* detect Amazon linux EOL
2021-01-09 07:58:55 +09:00
Kota Kanbe
f4253d74ae
fix(wordpress): wpscan.com unmarshal error ( #1106 )
...
* refactor(report): remove Integration.apply
* add an err check
* fix(wordpress): wpscan.com unmarshal error
* fix warnings
2020-12-29 07:11:04 +09:00
Kota Kanbe
aaea15e516
refactor(report): remove Integration.apply ( #1105 )
...
* refactor(report): remove Integration.apply
* add an err check
2020-12-29 06:59:48 +09:00
Kota Kanbe
83d1f80959
chore(report): remove stride and hipchat support ( #1104 )
2020-12-26 08:52:45 +09:00
Kota Kanbe
a33cff8f13
fix(reprot): use SQLite3 in current dir if not specified ( #1103 )
2020-12-26 08:24:17 +09:00
Kota Kanbe
53deaee3d7
refactor(config): remove DependencyCheckXMLPath in config.toml ( #1100 )
2020-12-25 06:38:00 +09:00
Kota Kanbe
d576b6c6c1
refactor(report): around FillCveInfo ( #1095 )
...
* refactor(report): around FillCveInfo
* refacotr(report): around FillCveInfo
2020-12-15 15:48:23 +09:00
gy741
ebd3834a35
add(report) -format-csv option ( #1034 )
2020-11-05 20:56:19 +09:00
Kota Kanbe
93059b74c3
feat(report): IgnoredJSONKyes to clear values in result json ( #1071 )
...
* feat(report): IgnoredJSONKyes to clear values in result json
* fix(report): marshal indent in JSON everytime
2020-11-05 20:13:09 +09:00
Kota Kanbe
a124518d78
fix: hard-coded version #1057 ( #1059 )
2020-10-16 20:42:31 +09:00
Kota Kanbe
58cf1f4c8e
refactor(typo): fix typos ( #1041 )
2020-08-24 16:34:32 +09:00
Kota Kanbe
59daa8570a
fix(gost): suppress err logging when unsupported debian ( #1031 )
2020-08-05 20:05:50 +09:00
takuzoo
11a7a0c934
Display metasploit module information for each detected CVE-IDs ( #1011 )
...
* add metasploit
* fix go deps
* fix msf report
* fix msfdb server port number
* delete non-unique msfdb url from fulltext report
* fix(report): validate msfdb config on report (#1 )
* fix(msfdb): update deps (go-msfdb)
* version up go-msfdb v0.1.0
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2020-07-03 14:05:07 +09:00
Kota Kanbe
72457cbf8e
bump up version
2020-06-24 10:57:39 +09:00
Kota Kanbe
4a73875e4d
bump up version ( #1007 )
2020-06-17 12:21:26 +09:00
shopper
d9d5e612ff
Support ProxyJump option when using ssh command ( #1004 )
...
* Add proxyjump func
* Run go mod tidy
* Run make fmt
2020-06-17 12:15:12 +09:00
Norihiro NAKAOKA
59c7061d29
Fix SSH failure due to .ssh/config owner ( #1005 )
...
* use -F option, success configtest and scan
* add sshConfigPath in config.toml
* Use sshConfigPath in config.toml when using ssh -F
* change -ssh-config to deprecated
* fix typo
* add sshConfigPath in tomltemplate
2020-06-16 05:48:31 +09:00
sadayuki-matsuno
d18e7a751d
add trivy parser ( #981 )
...
* add trivy parser
* fix test
* format
* add title and summary
* add trivy parse command
* add uploader
* set args by env
* add README
* add err check
* fix
* fix
* fix
* fix test
* update trivy
* refactor
* delete require uuid
* delete uuid from trivy parser
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2020-05-29 18:06:45 +09:00
kazuminn
8d5ea98e50
add -wp-ignore-inactive flag which ignores inactive plugin or themes ( #974 )
...
* command
* config
* ignore inactive
* fix
* add test
* fmt
* add unset test
* rename
* add test
* refactor
* fix
* refactor
* refactor
* fix golangci-lint error
2020-05-29 15:27:47 +09:00
Kota Kanbe
2374f578ed
Bump up version
2020-05-26 09:32:10 +09:00
