Burning Cavern

Overview

Minor fixes to handle edge-cases in ZIP handling, as well as adding support for more archive types 🎉

🛠️ New Features

• Support for iso, rpm, and 7z archive types - via libarchive.

🍩 Improvements

• N/A

🐛 Bug Fixes

• Gracefully handle encrypted ZIPs and ZIPs with invalid members.

Blood Moon

🛠️ New Features

• N/A

🍩 Improvements

• Moving stacs to stacs.scan for improved interoperability with other STACS components.

🐛 Bug Fixes

• A few non-impacting updates to docstrings

Wind Mountain

🛠️ New Features

• Pulled in latest STACS rules, which includes new rules for the following crypt hashes:
  • md5
  • sha1
  • sha256
  • sha512
  • bcrypt
  • nthash

🍩 Improvements

• Better path expansion (with thanks to @renbou!)

🐛 Bug Fixes

• Spelling fixes and code clean-up (with thanks to @renbou!)

Thunder Mountain

🛠️ New Features

• Recursive archive scanning (tar, gz, xz, bz2, zip formats).
  • Based on identified file formats, rather than file suffix.
  • Able to support formats based on these types - such as apk, jar, etc.
• Composable ignore lists.
  • Composable from local files.
• Composable rule packs.
  • Composable from local files.
• SARIF format output.
• 20-byte "Context" for findings.
  • Provides information about lines / bytes before and after the finding.
• CLI support.
• Docker container support.
  • Scan results are sent to STDOUT and log messages to STDERR.

🍩 Improvements

• N/A

🐛 Bug Fixes

• Fixes binary context encoding issue during SARIF output.