Shunichi Shinohara
351cf4f712
Update trivy from 0.35.0 to 0.49.1 ( #1806 )
...
* Update trivy 0.35.0->0.48.0
- Specify oras-go 1.2.4 in indirect dependencies
docker/docker changes a part of its API at 24.0
- registry: return concrete service type · moby/moby@7b3acdf
- 7b3acdff5d (diff-8325eae896b1149bf92c826d07fc29005b1b102000b766ffa5a238d791e0849bR18-R21)mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/parse.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Missing changes in name change
* Update models/github.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update models/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/base.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update scanner/trivy/jar/jar.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Don't import fanal/types at github.go
* Rewrite code around java db initialization
* Add comment
* refactor
* Close java db client
* rename
* Let LibraryScanner have java db client
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* Update detector/library.go
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
* inline variable
* misc
* Fix typo
---------
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2024-02-28 14:25:58 +09:00
MaineK00n
b9db5411cd
feat(scanner): revert lsof command for futurevuls users ( #1770 )
2023-10-20 12:07:20 +09:00
Eng Zer Jun
c1854a3a7b
refactor: remove redundant len check ( #1743 )
...
`len` returns 0 if the slice is nil. From the Go specification [1]:
"1. For a nil slice, the number of iterations is 0."
Therefore, an additional `len(v) != 0` check for before the loop is
unnecessary.
[1]: https://go.dev/ref/spec#For_range
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com >
2023-09-26 18:00:05 +09:00
MaineK00n
1832b4ee3a
feat(macos): support macOS ( #1712 )
2023-09-25 16:51:09 +09:00
MaineK00n
4253550c99
chore(scanner): do not show logs when lsof: no Internet files located ( #1688 )
2023-06-23 16:08:49 +09:00
Wagde Zabit
b2c5b79672
feat(os): support debian 12 ( #1676 )
...
* feat(os): support debian 12
* chore(scanner/debian): remove unneeded warn log
---------
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2023-05-13 01:04:31 +09:00
kurita0
e506125017
feat(wp): support csh, no sudo scan ( #1523 )
...
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2023-03-28 21:07:10 +09:00
MaineK00n
947d668452
feat(windows): support Windows ( #1581 )
...
* chore(deps): mod update
* fix(scanner): do not attach tty because there is no need to enter ssh password
* feat(windows): support Windows
2023-03-28 19:00:33 +09:00
Kota Kanbe
f6cd4d9223
feat(libscan): support conan.lock C/C++ ( #1572 )
2022-12-20 11:22:36 +09:00
Kota Kanbe
03c59866d4
feat(libscan): support gradle.lockfile ( #1568 )
...
* feat(libscan): support gradle.lockfile
* add gradle.lockfile to integration test
* fix readme
* chore: update integration
* find *gradle.lockfile
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2022-12-20 08:52:45 +09:00
Kota Kanbe
1d97e91341
fix(libscan): delete map that keeps all file contents detected by FindLock to save memory ( #1556 )
...
* fix(libscan): delete Map that keeps all files detected by FindLock to save memory
* continue analyzing libs if err occurred
* FindLockDirs
* fix
* fix
2022-11-10 10:19:15 +09:00
dependabot[bot]
6eb4c5a5fe
chore(deps): bump github.com/aquasecurity/trivy from 0.31.3 to 0.32.1 ( #1538 )
...
* chore(deps): bump github.com/aquasecurity/trivy from 0.31.3 to 0.32.1
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy ) from 0.31.3 to 0.32.1.
- [Release notes](https://github.com/aquasecurity/trivy/releases )
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml )
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.31.3...v0.32.1 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump github.com/aquasecurity/trivy 0.32.1 to 0.33.0
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2022-10-27 01:24:06 +09:00
MaineK00n
2a00339da1
fix(lockfiles): fix privileges in lockfile scan ( #1512 )
...
* fix(lockfiles): fix privileges in lockfile scan
* style(fmt): add space in comment line
2022-09-02 18:18:00 +09:00
kidokidofire
2d959b3af8
Fix func to get EC2 instance ID by IMDSv2. ( #1522 )
...
Co-authored-by: kido3160 <s.kido.fy@future.co.jp >
2022-08-25 14:31:48 +09:00
kidokidofire
595e26db41
Enable to get EC2 instance ID by IMDSv2. ( #1520 )
...
Co-authored-by: kido3160 <s.kido.fy@future.co.jp >
2022-08-24 17:39:45 +09:00
MaineK00n
ab54266f9e
fix(library): fill libraryFixedIns{}.key in ftypes.Pnpm and ftypes.DotNetCore ( #1498 )
...
* fix(library): fill key in ftypes.Pnpm and ftypes.DotNetCore
* chore(library): change the data structure of LibraryMap
2022-07-26 13:53:50 +09:00
dependabot[bot]
139f3a81b6
chore(deps): bump github.com/aquasecurity/trivy from 0.27.1 to 0.30.0 ( #1494 )
...
* chore(deps): bump github.com/aquasecurity/trivy from 0.27.1 to 0.30.0
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy ) from 0.27.1 to 0.30.0.
- [Release notes](https://github.com/aquasecurity/trivy/releases )
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml )
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.27.1...v0.30.0 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump github.com/aquasecurity/trivy from 0.30.0 to 0.30.2
* fix(library): change fanal to trivy/pkg/fanal
* chore: update integration
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2022-07-25 16:47:57 +09:00
MaineK00n
5234306ded
feat(cti): add Cyber Threat Intelligence info ( #1442 )
...
* feat(cti): add Cyber Threat Intelligence info
* chore: replace io/ioutil as it is deprecated
* chore: remove --format-csv in stdout writer
* chore(deps): go get go-cti@v0.0.1
* feat(cti): update cti dict(support MITRE ATT&CK v11.1)
* chore(deps): go get go-cti@master
2022-06-15 17:08:12 +09:00
kurita0
ec6e90acd3
fix getting wp core version string via ssh ( #1344 )
...
* fix getting wp core version string via ssh
* check DocRoot
2022-06-09 06:05:15 +09:00
dependabot[bot]
c7eac4e7fe
chore(deps): bump github.com/aquasecurity/trivy from 0.25.4 to 0.27.0 ( #1451 )
...
* chore(deps): bump github.com/aquasecurity/trivy from 0.25.4 to 0.27.0
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy ) from 0.25.4 to 0.27.0.
- [Release notes](https://github.com/aquasecurity/trivy/releases )
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml )
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.25.4...v0.27.0 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix(library): support go.mod scan
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2022-04-27 12:46:47 +09:00
MaineK00n
a1cc152e81
feat(library): add auto detect library ( #1417 )
2022-03-17 18:08:40 +09:00
MaineK00n
fe8d252c51
feat(debian): validate running kernel version ( #1382 )
...
* feat(debian): validate running kernel version
* chore(gost/debian): only stash when there is linux package
2022-02-11 12:36:48 +09:00
Kota Kanbe
77049d6cbb
feat(libscan): support trivy v0.23.0 ( #1377 )
...
* feat(libscan): support trivy v0.23.0
* fix lint err
* review
2022-02-01 10:40:16 +09:00
sadayuki-matsuno
b4c23c158b
fix(scanner/base) export libFile fields ( #1366 )
2022-01-18 11:56:12 +09:00
sadayuki-matsuno
964b4aa389
fix(scanner/base) export libFile ( #1365 )
2022-01-18 11:31:36 +09:00
dependabot[bot]
43c05d06fc
chore(deps): bump github.com/aquasecurity/trivy from 0.20.0 to 0.22.0 ( #1350 )
...
* chore(deps): bump github.com/aquasecurity/trivy from 0.20.0 to 0.22.0
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy ) from 0.20.0 to 0.22.0.
- [Release notes](https://github.com/aquasecurity/trivy/releases )
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml )
- [Commits](https://github.com/aquasecurity/trivy/compare/v0.20.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix(library): trivy scan
* chore(integration): add lockfiles
* fix(library): support gobinary scan via trivy
* chore: add pom in IsTrivySupportedLib
* chore: fix LIBS
* fix(library): support trivy offline scan
* chore(integration): move vulsio/integration repository
* chore(integration): add integration as git submodule
* chore: update .gitignore
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com >
2022-01-18 08:27:11 +09:00
Kota Kanbe
4a72295de7
feat(saas): support for library-only scanning ( #1300 )
2021-09-10 15:38:35 +09:00
MaineK00n
f24240bf90
feat(library): update trivy v0.19.2 ( #1278 )
2021-08-02 05:40:57 +09:00
Kota Kanbe
f0b3a8b1db
feat(cpescan): Use JVN as a second DB for CPE scan ( #1268 )
...
* feat(cpescan): Use JVN as a second DB for CPE scan
* feat(tui): display score of detectionmethod
* update go.mod
2021-07-08 12:39:46 +09:00
Kota Kanbe
0095c40e69
fix(vet): go vet err of make build-scanner ( #1248 )
2021-06-09 08:00:52 +09:00
sadayuki-matsuno
40988401bd
feat(scanner) separate func analize libraries ( #1246 )
...
* feat(scanner) separate func analize libraries
* fix(scanner) fix typo
2021-06-04 07:42:29 +09:00
Kota Kanbe
e8e3f4d138
feat(lib): support of Go (go.sum) scan ( #1244 )
...
* chore: update trivy deps
* fix(test): fix sort order in json
* parse go.sum in scanning
* feat(lib): support go.sum
2021-06-03 11:31:37 +09:00
Norihiro NAKAOKA
7eb77f5b51
feat(scan): support external port scanner(nmap) in host machine ( #1207 )
...
* feat(scan): load portscan settings from config.toml
* feat(scan): support external port scanner:nmap
* style: rename variable
* feat(scan): logging apply options
* feat(scan): remove spoof ip address option
* feat(scan): more validate port scan config
* style: change comment
* fix: parse port number as uint16
* feat(discover): add portscan section
* feat(discover): change default scanTechniques
* feat(docker): add nmap and version update
* feat(scan): nmap module upgrade
* fix: wrap err using %w
* feat(scan): print cmd using external port scanner
* feat(scan): more details external port scan command
* feat(scan): add capability check in validation
* fix(scanner): format error
* chore: change format
2021-05-26 09:35:28 +09:00
Kota Kanbe
e553f8b4c5
feat(trivy): go mod update trivy v0.17.2 ( #1235 )
...
* feat(trivy): go mod update trivy v0.17.2
* wg.Wait
* fix reporting
* fix test case
* add gemfile.lock of redmine to integration test
* fix(test): add Pipfile.lock
* add poetry.lock to integration test
* add composer.lock to integration test
* add integration test case
2021-05-12 18:27:55 +09:00
Kota Kanbe
a2a697900a
refactor: move const to constant pkg ( #1205 )
2021-04-02 15:33:02 +09:00
Kota Kanbe
9bfe0627ae
refactor: don't use global Config in private func ( #1197 )
...
* refactor: cve_client.go
* refactor: don't use global Config in private func
* remove import alias for config
* refactor: dbclient
* refactor: resultDir
* refactor: resultsDir
* refactor
* refactor: gost
* refactor: db client
* refactor: cveDB
* refactor: cvedb
* refactor: exploitDB
* refactor: remove detector/dbclient.go
* refactor: writer
* refactor: syslog writer
* refactor: ips
* refactor: ensureResultDir
* refactor: proxy
* fix(db): call CloseDB
* add integration test
* feat(report): sort array in json
* sort func for json diff
* add build-int to makefile
* add int-rds-redis to makefile
* fix: test case, makefile
* fix makefile
* show cve count after diff
* make diff
* diff -c
* sort exploits in json for diff
* sort metasploit, exploit
2021-04-01 13:36:24 +09:00
Kota Kanbe
3f2ac45d71
Refactor logger ( #1185 )
...
* refactor: logger
* refactor: logging
* refactor: rename func
* refactor: logging
* refactor: logging format
2021-02-26 10:36:58 +09:00
Kota Kanbe
03579126fd
refactor(config): localize config used like a global variable ( #1179 )
...
* refactor(report): LocalFileWriter
* refactor -format-json
* refacotr: -format-one-email
* refactor: -format-csv
* refactor: -gzip
* refactor: -format-full-text
* refactor: -format-one-line-text
* refactor: -format-list
* refacotr: remove -to-* from config
* refactor: IgnoreGitHubDismissed
* refactor: GitHub
* refactor: IgnoreUnsocred
* refactor: diff
* refacotr: lang
* refacotr: cacheDBPath
* refactor: Remove config references
* refactor: ScanResults
* refacotr: constant pkg
* chore: comment
* refactor: scanner
* refactor: scanner
* refactor: serverapi.go
* refactor: serverapi
* refactor: change pkg structure
* refactor: serverapi.go
* chore: remove emtpy file
* fix(scan): remove -ssh-native-insecure option
* fix(scan): remove the deprecated option `keypassword`
2021-02-25 05:54:17 +09:00
