Filter Github Exploit for good output #407
Comments
|
Hi @jblu42 I'm aware that this feature is currently not ideal. We rely on the trickest collection (https://github.com/trickest/cve) for this feature. If there is some other repository with more accurate details let me know. |
m-1-k-3
added
enhancement
|
@m-1-k-3 : It seems they have a blacklist. Does it make sense to propose these pages to their blacklist? I think it will probably get filtered out |
|
It would be worth a try. |
|
In the meantime we could include a blacklist in EMBA. Could you please create a PR with your blacklisted urls in |
|
Will you merge your changes first or shall I just do a PR with the blacklist file? |
|
As Benedikt has already approved the PR it is now merged. |
|
I have also opened a pull request for trickest/cve, how would the format look like here in the emba blacklist? Is it the full path to github e.g. https://github.com/facebookincubator/nvdtools or just the repository e.g. facebookincubator/nvdtools? I will test it within the next few days |
|
I did some initial tests with the complete repo name per entry line |
Is your feature request related to a problem? Please describe.
Currently when listing exploits in the F20 module a lot of exploits are listed from github that offer no value e.g. collections of vulnerability details that are direct copies from the CVE information, e.g.
https://github.com/thdusdl1219/CVE-Study
https://github.com/facebookincubator/nvdtools
https://github.com/akiraabe/myapp-container-jaxrs
https://github.com/rostskadat/ziniollc-devops-test-62f1178138d1
https://github.com/turbot/steampipe-plugin-trivy
It would be great to see on first view where PoCs are available
Describe the solution you'd like
As PoC can appear all over github, probably the best solution would be to blacklist some github pages in this module to allow a better overview
Any other ideas on that?
The text was updated successfully, but these errors were encountered: