Skip to content

Tags: polaris64/web_exploit_detector

Tags

v1.1.6

Version 1.1.6: modified behaviour for files that cannot be read

 - src/web_exploit_detector.js: processRulesOnFile(): previously if a
   path match succeeded but the file requires a content check and cannot
   be read, the result of the test was the result of the path check.
   This has now been changed to avoid false positives; if a file passes
   a path check then the result will depend on the content check and
   file access. If the file can be accessed then it depends on the
   content check result as usual. If it cannot be read then the result
   be false unless the rule requires no content check, in which case the
   result will be set to the result of the path check.

v1.1.5

Version 1.1.5: added readFileAsync() Promise rejection handler

 - src/web_exploit_detector.js: processRulesOnFile(): -
   - Added additional "logger" optional argument which is used to
     display a warning if a file cannot be read.
   - Added catch() to Promise from readFileAsync() which returns the
     result from the path checks and displays a warning.

v1.1.4

Version 1.1.4: added new URLs for certain rules

 - New blog post regarding obfuscation has been written so added URL to
   rules relating to obfuscation.

v1.1.3

Version 1.1.3

v1.1.2

Version 1.1.2

v1.1.1

1.1.1: updated README.md

v1.1.0

1.1.0: added new commands, fixed typo, updated README

 - Added "wed-generate-snapshot" and "wed-compare-snapshot" commands.
 - Updated README.md to include information about directory snapshots.
 - src/compare_snapshot.js: fixed typo in usage message.
 - Updated to version 1.1.0.

v1.0.2

exceptions.json now stored in user home directory

When using the application as an NPM module (installed globally),
writing to the application directory is not always simple (e.g. no
privileges), so the exceptions.json file is now written to the user's
home directory and is now called "wed-exceptions.json".

v1.0.1

Modified README, fixed bugs with results_to_exceptions

 - Added information about NPM module and ESLint to README.
 - prompt: functions are now exported rather than an object.
 - results_to_exceptions: -
   - Modified "prompt" imports (see above).
   - Modified path to "exceptions.json".

v1.0.0

Added npm bin scripts

This change is to allow the project to operate as a globally installed
npm module, making it easier for users to install and run.

 - Added the following bin scripts: -
   - "wed-scanner": the main scanner, equivalent to running "node
     index.js" from the project root.
   - "wed-results-to-exceptions": the script to build exceptions from
     scan results, equivalent to running "node results_to_exceptions.js"
     from the project root.