Skip to content

@phosphore phosphore released this Oct 29, 2019 · 12 commits to master since this release

  • This minor release includes several bug fixes for #56, #54, 81d48a8, and other non-tracked issues
  • Support for nodeintegrationinsubframes both for JS/HTML resources #52
  • Introduced of a global check called HTTP_RESOURCES_WITH_NODE_INTEGRATION_GLOBAL_CHECK to review the use of plain HTTP resources loaded in node-integrated contexts 71acdd8
  • Migrated to cli-table3, word wrapping in columns is now working correctly
  • Introduced the -v (--verbose) flag to display the issues' short description 6e14dc8
Assets 2

@phosphore phosphore released this Jul 29, 2019 · 25 commits to master since this release

  • This patch release includes a fix for #53. Weak etags were occasionally returned by Github Raw CDN, breaking the syncing routine of the releases.json file. (0ed8287)
Assets 2
Jul 29, 2019
1.3.1

@phosphore phosphore released this Jun 11, 2019 · 31 commits to master since this release

  • Variable scoping analysis capabilities have been added to inspect the Function and Global variable content, when available.
  • Every check now has an importance and accuracy attribute which helps the auditor to determine the importance of each finding. Consequently, we also introduced some new command line flags to filter the results by severity (--severity) and by confidence (--confidence), useful for tailored Electronegativity integration in your application security pipelines or build systems.
  • Add support for BrowserView and nodeIntegrationInSubFrames
  • Add the -r, --relative flag to display relative path for files
  • Upgraded typescript-estree to @typescript-eslint/typescript-estree
    in order to support newer versions of TypeScript
  • Several bug fixes and improvements (#49, #50, 84316b1, b32b81b, 04016b3)

The official manual for this 1.3.0 release is also available.

Assets 2
  • v1.2.0
  • 69af5ce
  • Compare
    Choose a tag to compare
    Search for a tag
  • v1.2.0
  • 69af5ce
  • Compare
    Choose a tag to compare
    Search for a tag

@phosphore phosphore released this Mar 25, 2019 · 91 commits to master since this release

We now have our official PDF documentation in docs/manual!

This is a special release for the BlackHat Asia 2019 talk "Preloading Insecurity In Your Electron" by Luca Carettoni, one of the tool's authors.

Assets 2

@ikkisoft ikkisoft released this Jan 24, 2019 · 120 commits to master since this release

We’re excited to announce the first public release of Electronegativity. This tool is finally out!

Assets 2
You can’t perform that action at this time.