Filter Github Exploit for good output #407
Comments
Hi @jblu42 I'm aware that this feature is currently not ideal. We rely on the trickest collection (https://github.com/trickest/cve) for this feature. If there is some other repository with more accurate details let me know.
@m-1-k-3 : It seems they have a blacklist. Does it make sense to propose these pages to their blacklist? I think it will probably get filtered out
It would be worth a try.
In the meantime we could include a blacklist in EMBA. Could you please create a PR with your blacklisted urls in
Will you merge your changes first or shall I just do a PR with the blacklist file?
As Benedikt has already approved the PR it is now merged.
I have also opened a pull request for trickest/cve. What would the format look like here in the EMBA blacklist? Is it the full path to GitHub, e.g. https://github.com/facebookincubator/nvdtools, or just the repository, e.g. facebookincubator/nvdtools? I will test it within the next few days.
I did some initial tests with the complete repo name per entry line |
Is your feature request related to a problem? Please describe.
Currently, when listing exploits in the F20 module, a lot of exploits are listed from GitHub that offer no value, e.g. collections of vulnerability details that are direct copies of the CVE information, e.g.
https://github.com/thdusdl1219/CVE-Study
https://github.com/facebookincubator/nvdtools
https://github.com/akiraabe/myapp-container-jaxrs
https://github.com/rostskadat/ziniollc-devops-test-62f1178138d1
https://github.com/turbot/steampipe-plugin-trivy
It would be great to see at first glance where PoCs are available.
Describe the solution you'd like
As PoCs can appear all over GitHub, probably the best solution would be to blacklist some GitHub pages in this module to allow a better overview.
Any other ideas on that?
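
A sketch of the blacklist filter discussed in this issue, as an added example that is not EMBA's or trickest's code. It assumes a blacklist file with one repository per line and accepts both forms asked about in the comments (full URL or owner/repo); the function names, the `#` comment syntax and the `example-org` link are constructed.

```shell
#!/bin/sh
# Added example (not EMBA code): filter GitHub exploit links against a blocklist.
# Assumed blocklist format: one repo per line, full URL or owner/repo, '#' = comment.

# Print the lowercase "owner/repo" key of a reference; fail if it is not a GitHub repo.
normalize_repo() (
  ref=$(printf '%s' "${1%%#*}" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]')
  case "$ref" in
    https://github.com/*|http://github.com/*) ref="${ref#*://github.com/}" ;;
    *://*) exit 1 ;;                      # URL on another host
  esac
  owner="${ref%%/*}"
  [ "$owner" != "$ref" ] || exit 1        # no slash: not owner/repo
  rest="${ref#*/}"
  repo="${rest%%/*}"                      # ignore deeper paths such as /tree/master
  repo="${repo%.git}"
  [ -n "$owner" ] && [ -n "$repo" ] || exit 1
  printf '%s/%s\n' "$owner" "$repo"
)

# $1: blocklist file; stdin: one link per line; stdout: links whose repo is not blocked.
filter_exploit_links() (
  blocked=$(while IFS= read -r entry || [ -n "$entry" ]; do
              normalize_repo "$entry" || true   # skip blank and comment lines
            done < "$1")
  while IFS= read -r url || [ -n "$url" ]; do
    # Links that are not GitHub repos pass through untouched.
    key=$(normalize_repo "$url") || { printf '%s\n' "$url"; continue; }
    printf '%s\n' "$blocked" | grep -qxF -- "$key" || printf '%s\n' "$url"
  done
)

# Constructed sample run: two repos named in the issue are blocked, one in each format.
demo() {
  tmp=$(mktemp)
  printf '%s\n' '# CVE text copies, no PoC' \
    'facebookincubator/nvdtools' \
    'https://github.com/thdusdl1219/CVE-Study' > "$tmp"
  printf '%s\n' 'https://github.com/facebookincubator/nvdtools' \
    'https://github.com/thdusdl1219/CVE-Study/tree/master' \
    'https://github.com/example-org/example-poc' | filter_exploit_links "$tmp"
  rm -f "$tmp"
}
demo
```

Matching on the normalised owner/repo key means a blocked repository is filtered regardless of letter case, a trailing `.git`, or a deeper path in the collected link.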