Kota Kanbe
9a32a94806
refactor: fix build warnings ( #1090 )
2020-12-11 06:45:39 +09:00
Shigechika AIKAWA
2534098509
fix(report): wpvulndb poor versioning( #1088 ) ( #1089 )
2020-12-11 05:53:41 +09:00
Kota Kanbe
5fea4eaef8
feat(nocgo): enable to build with CGO_ENABLED=0 ( #1080 )
2020-11-27 09:55:09 +09:00
Kota Kanbe
3f8de02683
fix(portscan): to keep backward compatibility before v0.13.0 ( #1076 )
2020-11-19 16:54:36 +09:00
Kota Kanbe
93059b74c3
feat(report): IgnoredJSONKyes to clear values in result json ( #1071 )
...
* feat(report): IgnoredJSONKyes to clear values in result json
* fix(report): marshal indent in JSON everytime
2020-11-05 20:13:09 +09:00
Kota Kanbe
2fc3462d35
fix(libscan): update trivy deps ( #1070 )
2020-11-05 15:38:12 +09:00
Norihiro NAKAOKA
83bcca6e66
experimental: add smart(fast, minimum ports, silently) TCP port scanner ( #1060 )
...
* add struct ListenPorts
* change parse to models.ListenPorts from string
* change support models.ListenPorts in TUI
* add scanPort template , detectScanDest
* add Test_detectScanDest
* change impl scanPorts template
* fix build error
* change collect scan success address
* add Test_matchListenPorts
* add Test_updatePortStatus
* change display port scan result on tui
* change display scan emoji on report
* Revert "change display scan emoji on report"
This reverts commit e281882cc6
2020-10-19 17:47:20 +09:00
Kota Kanbe
4b680b9960
fix(scan-freebsd): also get installed with pkg info #1042 ( #1051 )
...
* fix(scan-freebsd): also get installed with `pkg info` #1042
* fix test
2020-09-12 05:08:41 +09:00
Norihiro NAKAOKA
7969b343b0
Raspberry Pi OS(Raspbian) scanning using OVAL DB ( #1019 )
...
* change: never refer to ChangeLog
* change raspberry pi os use debian oval at report
* change do not use r.Family
* change gost do not use r.Family
* change use r.Family because family has a large impact
* change replace MaineK00n/goval-dictionary@raspberrypi-oval
* note Raspbian Scan Policy
* add Raspbian Changelog support policy
* change grep Package for Raspbian at fast-scan mode
* add changelog preprocessing for Raspbian
* add take note of TODO
* change Changelog fetch part to function
* change error handling
* change solve one TODO
* change make ChangelogDir once
* add comment
* fix oval support Amazon Linux :refs #824
* change to useScannedCves from ovalSupproted
* change confidence for Raspbian
* change skip package for raspbian in OVAL DB
* change separate raspbian implementation from util
* change error, log format
* change print format
* change log format(delete newline)
* change support changelog.(Debian.)gz
* Revert "change support changelog.(Debian.)gz"
This reverts commit 2265a72c67
2020-08-25 14:11:34 +09:00
Kota Kanbe
58cf1f4c8e
refactor(typo): fix typos ( #1041 )
2020-08-24 16:34:32 +09:00
takuzoo
11a7a0c934
Display metasploit module information for each detected CVE-IDs ( #1011 )
...
* add metasploit
* fix go deps
* fix msf report
* fix msfdb server port number
* delete non-unique msfdb url from fulltext report
* fix(report): validate msfdb config on report (#1 )
* fix(msfdb): update deps (go-msfdb)
* version up go-msfdb v0.1.0
Co-authored-by: Kota Kanbe <kotakanbe@gmail.com >
2020-07-03 14:05:07 +09:00
Kota Kanbe
c11ba27509
fix(libscan): include a lockfile path of libs ( #1012 )
2020-06-24 10:46:00 +09:00
Kota Kanbe
62c9409fe9
add a github actions config ( #985 )
...
* add a github actions config
* fix(log): Don't create a log dir when testing
* remove a meaningless test case
* Thanks for everything, Mr, Travys.
* add golangci
* add goreleaser.yml
* add tidy.yml
* add golang-ci
* fix many lint warnings
2020-05-27 20:11:24 +09:00
Kota Kanbe
ebe5f858c8
update trivy, and unsupport image scanning feature ( #971 )
...
* update trivy, fanal. unsupport image scanning
* Update models/library.go
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
* add -no-progress flag to report/tui cmd
* Display trivy vuln info to tui/report
* add detection method to vulninfo detected by trivy
* fix(uuid): change uuid lib to go-uuid #929 (#969 )
* update trivy, fanal. unsupport image scanning
* Update models/library.go
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
* add -no-progress flag to report/tui cmd
* Display trivy vuln info to tui/report
* add detection method to vulninfo detected by trivy
* unique ref links in TUI
* download trivy DB only when lock file is specified in config.toml
Co-authored-by: Teppei Fukuda <teppei@elab.ic .i.u-tokyo.ac.jp>
2020-05-08 15:24:39 +09:00
Wagde Zabit
c0ebac305a
composer.lock insteaad of composer.json ( #973 )
...
Co-authored-by: Wagde Zabit <wagde@orcasecurity.io >
2020-05-01 15:20:33 +09:00
Kota Kanbe
0ff7641471
feat(report): display "fixed" when updatable even in fast mode ( #957 )
2020-04-13 18:20:32 +09:00
Kota Kanbe
464d523c42
Display fixed-in version for each package in report ( #801 )
...
* refactor(model): PackageFixStatus.Name to BinName
* refacotr(oval): change var name
* feat(report): Add FixedIn in JSON
* refactor(tui): chage args
* display fixedin in report
* refactor(model): change fileld name
* remove unused field of PackageFixStatus
2020-04-08 21:26:34 +09:00
gy741
a10dd67e0f
Fix typo in models/scanresults.go ( #942 )
2020-04-06 15:00:43 +09:00
segatomo
5729ad6026
Add CWE Top25 and SANS Top25 ( #925 )
...
* add top25 rank
* add CweTop25 and SansTop25
* fix report
* add cwetop25 and sanstop25 url
* fix condition branch
* fix condition branch
2020-03-03 17:33:06 +09:00
Tomoya Amachi
9aa0d87a21
feat : scan with image digest ( #939 )
2020-03-03 16:51:06 +09:00
Kota Kanbe
5811dffe7a
fix(report): Support CVSS 3.1 for Red Hat OVAL #930 ( #932 )
2020-01-30 22:48:04 +09:00
Kota Kanbe
c61f462948
fix(report): show POC, CERT in tui and format-list. use vendor summary over NVD ( #902 )
...
* fix(report): show POC, CERT in tui and format-list. show vendor summary
* fix test case
2019-09-10 10:00:17 +09:00
Kota Kanbe
3ffed18e02
Change GPL v3 to AGPL v3 because of aquasecurity/trivy dependency ( #897 )
2019-09-09 21:12:17 +09:00
Kota Kanbe
f54e7257d1
fix(report): fill cert alerts from NVD and JVN feeds ( #899 )
...
* fix(report): fill cert alerts from NVD and JVN feeds
* fix import alias cve to cvemodels
* fix import alias cve to cvemodels
* remove unnecessary func
2019-09-09 21:11:59 +09:00
Tomoya Amachi
af58122c91
for Amazon Linux image ( #896 )
...
* fit amazon linux image's version to OVAL
* add Arch to SrcPackage
* lint go.mod
* make fmt
2019-09-06 10:34:14 +09:00
Kota Kanbe
b7ca5e5590
feat(scan): add -wordpress-only and -libs-only flag ( #898 )
2019-09-06 10:33:03 +09:00
Kota Kanbe
1fbd516b83
fix(report): fix too many variables while reporting ( #888 )
2019-08-25 17:56:47 +09:00
Kota Kanbe
836e4704f8
feat(scan): Display listen port of affected procs for each vulnerable pkgs ( #859 )
...
* refactor(redhat): move rpmQa and rpmQf to redhatbase.go
* feat(scan): Display listen port of affected procs
2019-07-03 23:01:59 +09:00
Tomoya Amachi
7b78ebbc42
retrieve ips(deep security) identifiers ( #852 )
...
* retrieve ips identifiers
* fix golangci
* use IPS type
* fix log message
* fix lockfiles config
* change label
* IPS : only work with fast-root mode
2019-07-02 10:06:30 +09:00
Kota Kanbe
b81f64058c
fix(report): remove extra check logic #802 ( #835 )
2019-06-13 21:45:22 +09:00
Kota Kanbe
17bb575002
fix(scan): enable to report if some warnings occured on scanning ( #805 )
...
* fix(scan): enable to report if some warnings occured on scanning
* alpine, debian, freebsd, suse
* -format-full-text, -format-list, -format-one-line-text
* implement slack.go
* implement tui.go
* go fmt
2019-06-12 21:35:21 +09:00
Tomoya Amachi
abcea1a14d
add Library Scan (with image scan) ( #829 )
...
* add static container image scan
* server has many staticContainers
* use go module
* for staticContainer
* fix typo
* fix setErrs error
* change name : StaticContainer -> Image
* add scan -images-only flag
* fix makefile
* fix makefile for go module
* use rpmcmd instead of rpm
* add scrutinizer.yml
* change scrutinizer.yml
* fix scrutinizer.yml
* fix scrutinizer.yml
* fix scrutinizer.yml
* fix scrutinizer.yml
* delete scrutinizer
* add report test
* add sourcePackages and Arch
* fix for sider
* fix staticContainer -> image
* init scan library
* add library scan for servers
* fix tui bug
* fix lint error
* divide WpPackageFixStats and LibraryPackageFixedIns
* fix error
* Delete libManager_test.go
* stop use alpine os if err occurred in container
* merge upstream/master
* Delete libManager.go
* update goval-dictionary
* fix go.mod
* update Readme
* add feature : auto detect lockfiles
2019-06-12 18:50:07 +09:00
Kota Kanbe
269095d034
feat(report): support Amazon OVAL scanning ( #824 )
...
* feat(report): support Amazon OVAL scanning
* add distroAdvisories
* see goval/master
2019-06-10 23:20:39 +09:00
Kota Kanbe
276363e793
fix(scan): a bug of kernel Vulns detection on Ubuntu18 ( #818 )
...
* fix(scan): a bug of kernel Vulns detection on Ubuntu18
* fix the test case
2019-05-23 17:00:33 +09:00
Kota Kanbe
e750bd53fc
fix(report): fix the number of fixed/total in reporting ( #817 )
2019-05-20 14:30:29 +09:00
sadayuki-matsuno
53aaea9fe2
add scannedVia field to know the way of access such as SSH, local or pseudo ( #811 )
...
* add sacnned via
* change scannedVia type to const
2019-05-15 13:33:09 +09:00
Kota Kanbe
533d05a1b5
fix(report): Error when GitHub integration failed ( #800 )
2019-04-15 21:51:04 +09:00
kazuminn
99c65eff48
feat(scan): WordPress Vulnerability Scan (core, plugin, theme) ( #769 )
...
https://github.com/future-architect/vuls/pull/769
2019-04-08 17:27:44 +09:00
Iskander (Alex) Sharipov
cf6fb0c8a5
models: fix no-op append calls ( #785 )
...
Fixed simplest cases of append calls that have no
effect aside from driving Go static analysis tools crazy.
One issue remains (#784 ) since I'm not sure
what would be the right behavior there.
2019-03-07 11:28:44 +09:00
Kota Kanbe
56d7d43768
feat(report): GitHub security alerts integration ( #775 )
...
feat(report): integrate to GitHub security alerts
2019-02-20 12:04:10 +09:00
Tomoya Amachi
967c56909d
add ScannedIPv4Addrs and ScannedIPv6Addrs ( #764 )
2019-01-19 22:19:06 +09:00
sadayuki-matsuno
63b7f4a8db
delete paperr ( #758 )
2019-01-12 22:40:56 +09:00
Tomoya Amachi
a5a800fa0a
add alert data to result json ( #747 )
...
* add alert data to result json
* delete omitempty from AlertDict
2018-12-05 15:38:23 +09:00
Tomoya Amachi
9147ec148d
Beautify alert ( #746 )
...
* update dep
* to make easy edit alert data manually
* fix alert data bug
2018-12-05 12:30:04 +09:00
Kota Kanbe
6e82981ee3
feat(report): Display CERT information to reports ( #741 )
...
* fix(tui): show JPCERT Alert URL in TUI
* feat(tui): show `!` when the CVE-ID corresponds to USCERT or JPCERT alert
* feat(report): display cert alert info to stdout report
* fix(report): Display CVEs detected by CPEs with -ignore-unfixed flag
2018-11-30 15:41:59 +09:00
Tomoya Amachi
9d7b115bb5
add JPCERT and USCERT alert dictionary ( #740 )
...
* add alert dictionary
* fix for sider review
* fix for sider review
2018-11-30 14:17:17 +09:00
Kota Kanbe
8eae5002a3
fix(report): return both scores of gost and oval ( #739 )
2018-11-29 12:17:19 +09:00
Kota Kanbe
7585f9d537
fix(report): fix cvedb-url, add -cvedb-type=http ( #734 )
...
* fix(report): fix cvedb-url, add -cvedb-type=http
* feat(report): support go-exploitdb server mode
* update deps
* implement tui
* fix server mode
* fix(tui): default value of cvedb-type to ""
* update deps
2018-11-16 21:22:18 +09:00
sadayuki-matsuno
98c5421edc
fix exploit db ( #733 )
2018-11-12 17:36:53 +09:00
sadayuki-matsuno
6ed9cf3fb4
add scan mode ( #731 )
2018-11-05 15:35:50 +09:00
