Skip to content

v1.0.3

Latest

Choose a tag to compare

@kernelstub kernelstub released this 06 Jul 11:42

Add PDF/CSV/XML report formats, fix a broad set of correctness bugs, strip all comments

Report formats:

  • add PDF, CSV, and XML generators alongside the existing json/markdown/
    html/sarif/hackerone/bugcrowd, wired into nox report --format
  • CSV output is sanitized against formula/CSV injection from
    scanned-target-derived finding data

Bug fixes:

  • scope: IsCIDRInScope only checked a candidate range's base address,
    letting a wider out-of-scope CIDR slip in under a narrower allowed one
  • report: HTML report generation was completely broken (text/template
    can't index a map[Severity]int with a bare string literal) - likely
    never worked in production
  • cli: replace the os.Exit(1)-after-defer pattern throughout with
    returned errors, so Storage.Close/Engine.Stop/log flush actually run
    on every error path
  • engine: fix a worker-pool deadlock on scan cancellation and a rate
    limiter bypass for workflow-driven scans
  • runners: fix a hang when a subprocess writes past the output cap
  • storage: fix orphaned checkpoint rows on scan delete and a missing
    foreign_keys pragma for :memory: databases
  • httpclient/capture/evasion: ctx not bound to outgoing requests, an
    off-by-one in truncation detection, and a 429 retry that could
    resend a drained body
  • crawler: fix a send-on-closed-channel panic/race on cancellation
  • several scanning-module false positive/negative fixes: 2FA
    brute-force check, wrong apex-domain extraction, a broken scheme
    check duplicated across 8 files, subdomain-takeover false positives,
    DNS-error-as-missing-record conflation, and others