v2.0

@4elta 4elta released this 17 Nov 12:15
· 16 commits to main since this release
d5cdbc0

improvements

analyzer

  • issue description, recommendations and even references are fetched from a TOML file.
  • recommendations and references for issues are shown at the end of the analysis.
  • allow issue descriptions/recommendations to be translated (currently English and German are available).
  • HTTP parser/analysis:
    • add parser for curl (i.e. HTTP index request)
    • show the actual max-age value for HSTS
    • make regex (in the recommendation document) more readable
    • look for CSP declared via meta element
  • TLS analysis:
    • allow recommendations for cipher suites to be specified via conditionals (e.g. when the encrypt_then_mac extension is used)
    • add recommendation based on BSI TR-02102-2
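
The HTTP analysis items above (curl-style input, the actual HSTS max-age value, CSP declared via a meta element) can be illustrated with the following added example. It is not the project's own code: the sample response and the names `analyze`, `MetaCSP` and `META_IGNORED` are constructed here. It goes one step beyond the release notes by also flagging directives that browsers ignore when a policy is delivered via a meta element.

```python
import re
from html.parser import HTMLParser

# Constructed sample in the shape `curl --include` prints: headers, blank line, body.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Strict-Transport-Security: max-age=86400; includeSubDomains\r\n"
    "\r\n"
    '<html><head><meta http-equiv="Content-Security-Policy" '
    'content="default-src \'self\'; frame-ancestors \'none\'">'
    "</head><body>ok</body></html>"
)
# Directives that have no effect when the policy comes from a meta element.
META_IGNORED = {"frame-ancestors", "report-uri", "sandbox"}

class MetaCSP(HTMLParser):
    """Collects CSP policies declared via <meta http-equiv=...>."""
    def __init__(self):
        super().__init__()
        self.policies = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # attribute names arrive lower-cased
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "content-security-policy":
            self.policies.append(a.get("content") or "")

def analyze(raw):
    """Return HSTS max-age and CSP findings for one HTTP response."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    headers = {}
    for line in head.split("\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    max_age = None
    for value in headers.get("strict-transport-security", []):
        m = re.search(r'(?:^|;)\s*max-age\s*=\s*"?(\d+)"?', value, re.I)
        if m:
            max_age = int(m.group(1))
    meta = MetaCSP()
    meta.feed(body)
    ignored = sorted(
        d.split()[0].lower() for p in meta.policies for d in p.split(";")
        if d.strip() and d.split()[0].lower() in META_IGNORED
    )
    return {"hsts_max_age": max_age, "csp_meta": meta.policies, "meta_ignored": ignored,
            "csp_header": headers.get("content-security-policy", [])}
```
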

scanner

  • speed up Nmap scans: only use the UDP scan option (-sU) when the service's transport protocol actually is UDP
  • add more XML output options to some commands in the scan config

misc

  • replace external TOML library with internal; this requires Python 3.11
  • improve project documentation
  • several bug fixes

contributions

several users have made contributions (via PRs, issues or private messages) for release:

thank you very much!