Skip to content

Version 2.2.0

Latest
Latest

Choose a tag to compare

View all tags
@warriordog warriordog released this 17 Jun 17:25
· 17 commits to main since this release
v2.2.0
f91b0e1

Major Changes:

  • Output can now include information about the matched rules, including vulnerability details, links to more information, and relevant CVEs. These details can be enabled with --rule-desc=y, --rule-links=y, and --rule-cve=y.
  • TSV output now includes a header for easier viewing in TSV/CSV editor applications. Enable with --tsv-header=y.
  • Core refactor - Scanner has been split into three parts:
    • Matcher - contains the rule matching logic
    • Writer - writes match details to output
    • Scanner - glue logic to link Matcher and Writer.

Minor Changes:

  • Fix Malware/Mozi being case-sensitive and matching substrings
  • Rework Payload/Downloader/wget, Payload/Downloader/curl, and Payload/Downloader/nc to use a more efficient and more permissive regular expression. This may result in more false positives, but there will be less false negatives. The rules should also capture more arguments and URLs.
  • Payload/Eval is renamed to Payload/generic/Eval

Full Changelog | Commits since Last Version

Assets 3
Loading