v1.37

Console

Added scan engine pooling support to support both nmap and masscan. Multiple scan engines can be assigned to a pool, and that pool can be assigned to a site. A site's targets will be evenly distributed between the number of scan engines in the pool.

Caveats are that it does not understand CIDR notation. If the targets are 10.0.0.0/24 192.168.1.0/24 10.1.2.3, it will not evenly distribute the 513 targets (256 + 256 + 1) evenly across the scan engines. If 3 scan engines are in the pool, engine1 will scan 10.0.0.0/24, engine2 will scan 192.168.1.0/24, and engine3 will scan 10.1.2.3.

Another caveat is that the separate scan files (both .xml and .json) for pooled scans are not combined to make a final merged file. That capability will be coming later, for now, the onus is on the user to combine them.

API Client

• The API client has not been updated to utilize the new /api/engine_pools endpoint.

v1.36

• Renamed the 2 major components of Scantron to be more in line with commercial industry scanners and better reflect their purpose. The agents are now referred to as engines, and master is now console.
• No other issues or features were added to this release.

v1.35

Master

• Added missing queryset's back to API views. HTTP 500 was being returned without them.

v1.34

Master

• Added uwsgi_read_timeout 600; and client_max_body_size 4M; to the nginx configuration
• Tuned down max-requests in scantron_uwsgi.ini from 5000 to 50. Was having memory issues when retrieving large masscan result files consecutively.
• Bumped any target type fields to have a max_length of 4194304 (previously 1048576)

API Client

• scantron_api_secrets.json now contains a scantron key with the server details. Allows secrets to be stored in a file containing other secrets.

v1.33

Master

• Validates scan status transitions (#204)
• Allows paused scans to be cancelled without having to go through "cancel" state (#206)
• Bumped Master Django version to 2.2.13 for #211

Agent

• Bumped agent.py to version 1.01 - prettified json scan object for easier reading in logs

v1.32

API Client

• Added CRUD functions for globally excluded targets.

Master

• Bumped fqdn library from 1.2.0 to 1.4.0 to fix a bug with numeric TLDs.
• Added GloballyExcludedTarget to track different globally excluded targets.
• Streamlined views in master/django_scantron/api/views.py with the permission_classes = (IsAuthenticated, IsAdminUser) line to prevent agents from even seeing the other API endpoints. Ensures the agents can only view the /api/scheduled_scans endpoint.
• Removed agent visibility of /results API endpoint.
• Explicitly identified which ScheduledScan fields are read only to prevent an agent from making updates to fields that it shouldn't, such as site_name, scan_agent, or targets against the /api/scheduled_scans endpoint.
• masscan --excludefile and -iL switches can only contain IP addresses. Added logic in master/scan_scheduler.py to remove non-IP addresses if the scan binary is masscan.

v1.31

Agent

Massive overhaul of agent.py. Consolidated all agent-related Python files into a single agent.py file to:

• Utilize native Python libraries and not depend on third party or custom libraries (like requests).
• Be a single file so it can be easily moved, downloaded, or transferred between systems.
• Bumped agent_config.json's default number_of_threads from 1 to 8.
• Added supported_scan_binaries key to agent_config.json to allow agent's to advertise what scan capabilities they have. This is an inert functionality right now, but will hopefully allow Master to provide dynamic scanning templates based on what scan binaries an agent can support.
• Added version to agent.py to start tracking when agent.py is updated

Master

• Added capability to cancel and pause nmap and masscan scans from Master. No need to kill the process manually on the agents. Currently, the scan status state must be updated in the /scantron-admin/django_scantron/scheduledscan/ endpoint, which is not ideal, because that endpoint should not be interfaced with.
• Added master/scan_results/cancelled directory to hold cancelled scan files in the event they are needed at a future time
• Started tracking process ID of nmap / masscan scans.

Misc

• Added some updates to processing logic in master/scan_results/masscan_json_to_csv.py .

v1.30

• Added "cancelled" option to scans status. Currently, cancelling a scan through Master is not supported and must be done manually on the agents by killing an nmap/masscan process. This is more of an informational status right now.

v1.29

• Added the capability to enable/disable a scan. Useful if a periodic scan needs to be disabled for a few days.

v1.28

• Allow multiple email addressees for alert recipients