Skip to content

@lrstanley lrstanley released this Mar 11, 2018 · 2 commits to master since this release


9f54c2e add readme template; update readme
34cdfd1 add readme-gen tasks
fd1b36d update goreleaser config to use nfpm
eab1c41 clean up makefile
f15a8cd allow domains not following RFC, for 1 char prefixes
64b124b update irc channel
4bf81e8 add and update readme a bit
35ac652 remove freebsd from build step
f40a6f8 add help info to Makefile, cleanup a bit
385d87f add concurrent compression to build pipeline; clean up makefile
33f6e0a add clean to goreleaser steps
db53811 experimental rpm/deb compiling support using fpm
619e6da change release dir to dest
48003f6 update test to use new domain
d838418 parse tcp6 to address hosts using ipv4-mapped-ipv6; closes #66
209e415 exclude pass-text/fail-text in filtering; closes #63
9acca4f add wildcard to predefined excludes
d809f61 timeout if httpd is hung; closes #61
51eaf87 exclude common cPanel proxy subdomains; closes #64
2eeb0a1 re-add ld-flags for debugging
cb70e21 standardize domain flags
39f11ec update vendor deps
97f5d04 utilize goreleaser and update Makefile
dcf5a4d show as 10, rather than 10.0
faf25cf implement --show-warnings; closes #58
e090a25 remove no longer needed MinScore key
fb8053b make scan and output configs exported, and embedded in json out
a7a3eca cut down on test debugging output
bf901a3 implement TestResult.FailedTests()
50f8e5e minor styling changes
0d68a8f include body in crawl time
da6bcf9 fix bug which prevents html results from appearing
cdbc452 add total score to score box
a58ad05 asset status info, asset graph generation
b69d43d add ContentType header as key for assets
4da76ba add better support for content length data, by actually reading and discarding asset body bytes
2601b53 strip out misc. asset data to lower generated json footprint
d5e64a2 strip out some data from json generated text
396b3cc html: implement listing of headers as well as assets
1930d95 add URLString param for easy string access via json
9a4a583 html: result counter, add bar when there are no results
3d8e8c0 html: implement failed and successul routes/pages
fc4a21c validate null search params
114e109 add more version info; implement style changes; add search functionality on index; fix bugs in url update checks
889a637 implement more specific version information in json output
b85fc51 add documentation links
034227f fix panic due to not properly checking if the webserver isn't bound to a port
429a7d7 add a bunch more data into the result dropdowns, extra styling
27053d4 add coloring and padding to raw data in html
ce9baf2 update non-logged in issue submission
c9f61c3 better support for clicking links and displaying additional details
05bac26 implement skipping of remote redirects during --no-remote; closes #43
d4da523 update errors to be more comparible for scraper/http
40fc9a2 fix process scanning even if /proc/pid/comm doesn't exist; closes #47
b87059e update codebeat badge link
b97ee70 smaller compression ratios for build binary
d71a1b7 Liamraystanley -> lrstanley
6dc12dc update score count styling
9900f2e minor bug fixes and extra docs
609a5a4 utilize TLS handshake wrapper to shorten html/json output
62a3e20 trim host file entries, as well as response body
3e947ca add support for --json and --json-pretty to dump json results to file
b93acba add support for --test-ignore to match against the origin string (e.g. file path)
af91773 add additional virtual test to check for failed assets (closes #39)
7b396ee rename body -> text within tests
a46b502 add "No input file specified" test (closes #45)
39fcf59 quite a bit of refactoring to the frontend
1a28cda rewrite --allow-insecure to be more concise
a744d4b minify html/css/js output, add TimeScanned result
e35f8aa re-add necessary vendoring libraries
46fd5bd correct vendoring
c65adc5 add additional library for minification processing
40f7f28 more work towards html generated pages
ddea5d9 remove unneeded comment
b755b2f start working on generating html results, move tests -> data/tests
ce85355 ignore test.html files
01eb918 select views by clicking
5c36a20 Merge branch 'master' of
51f8f2d fix duplicate scan bug
900e34a Update
d9ac8bd Update
0c82918 Update
580804a Update
67282e7 Update
1523f4a more descriptions and such
e9340d6 fix typo
1da27d9 add limitations and contributing section to the readme
b5322b6 re-implement sub-commands (closes #15)
13921c7 add --http-timeout (closes #40)
afb6fe4 add performance boost for running tests when multiple domains are being tested
427db48 fix issues when --ignore-remote skips resources (closes #42)
22d6bc0 ignore vendor folder during tests
ff4906b Merge branch 'master' of
c95ebd6 update crawling to allow custom domain lists
96038a3 remove make all from build, only run tests
a9ac946 remove 1.7.1 from tests too, just use tip
baccb55 remove 1.6.x from testing
3609c69 Update
749c6e4 Update
5f0f1eb add common err msg checking for non-english languages (closes #37)
c98fbe0 similitude for other readme sections
5c5cab2 remove linting from testextended
35347d6 moar linting
622b6ea fix spelling mistake
5dbaf88 increase duplicate char checks and fix spelling mistake
15f2f29 utilize finder struct field
7305fe5 redesign 'make lint' and add 'lintextended'; add 'testextended' and now 'make test' uses short tests by default
b7f6131 useless use of err != nil
e7f8a62 correct documentation
bf3f4b9 move around Makefile to put tool dep. fetching into separate hooks
f2515ad remove items from gitignore
b679142 start using govendor for version dependencies
5e0f0cd don't ignore govendor files
aa9d827 re-fix issues with gocui api breakage
1c80153 re-add httpbin tests
ec14d3a add legend to bottom of the screen
37011fd update failures view to actually show errors
e9ec14c add full server scan support with delegated output
1a34d65 temporarily disable httpbin tests until httpbin has resolved it's remote issues
c34ced5 add additional doc for Scan
9d30f94 Merge branch 'master' of
6b48c4d add super basic scan all function
6d3de17 check if the host is an ip before applying it within the Host header
fbae239 fix issues with setcurrentview and ui
7429b53 move additional headers to request wrap
269f640 some brief unit testing for html tag uris
66fe515 additional checks to prevent errors
873518d fix bug with some rare relative path situations
e487921 split out tag parsing
e7253c4 add accept-language headers to request for sites that require this (closes #34)
d9b0db9 add data leak checks (closes #35)
ad8710d additional relative path bug fixes
f2f85dd additional documentation
85e52e4 fix bug with some relative urls during asset search
85b9b17 add additional debug logging and refactoring
a5b8b4c ensure utils/net checks for wildcard domains
a63caf3 add a wildcard hostname check
3c69d44 create basic view layout
4dc86ba move worker pool to external package reference
4244cc7 fix bug when url + ip address is being used with --domains
28c9582 update readme with better testing commands
32174ff refactor scraper a bit
4867042 rename test Domain -> Result, and Results -> FetchResults for clarification
06fd563 rename flag --resources to --assets
83cce72 rename Resources -> Assets
5423b29 move GetResults into tests
287fd5b add support for --ignore-insecure (closes #29)
9716c82 added alpha warning (closes #32)
adfc50d allow using stdin, rather than --domains
7aff6a8 add interactive count of how many matched (e.g. X number of resources)
bdc24a2 fix bug which was only applying duplicate matches as a single weight
c8d14ff add table of contents
ee34b30 fix syntax for command in readme
84f3578 add FAQ to readme, to help answer misc. questions
f9cb1fd remove some unnecessary codes, add some new ones. split out codes into 4 sections, now with different weight.
226c32a remove status codes that can be used for successful responses
ae9e474 add joomla exception page test
3e8af1d fix bug which caused a panic if only url (host + path) is specified with --domains
8dad96b add mysql extension/module error test

Built with go version go1.10 linux/amd64

Assets 6

@lrstanley lrstanley released this Oct 7, 2016 · 161 commits to master since this release

quuuuite a few commits in this one:

see the list of commits here

Assets 3

@lrstanley lrstanley released this Sep 27, 2016 · 226 commits to master since this release

Quite a few flags have changed, output has changed, and new commands have been added.

  • marill scan command has been added. this is an alias for just running marill without any arguments.
  • marill urls command has been added, replacing marill --print-urls.
  • marill tests and marill tests-extended have been added. these will list the currently loaded tests.
  • --domains has been added, which allows manually supplying the list of domain/ip/port pairs to scan.
  • --min-score for tests has been added. any domain which score falls below this line auto-fails.
  • --domain-* flags now also match domain/url hosts.
  • various --test* flags have been added with the new testing system.
  • --ignore-std-tests has been added which will bypass all builtin tests.
  • --recursive has been added to test sites recursively (not default!)
  • And many more things..
Assets 3

@lrstanley lrstanley released this Sep 15, 2016 · 282 commits to master since this release

Initial semi-working release. Proceed with caution, as likely contains bugs.

Assets 3
You can’t perform that action at this time.