Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reserve IDs for Passive Community Scripts #8511

Merged
merged 1 commit into from
Jun 6, 2024
Merged

Reserve IDs for Passive Community Scripts #8511

merged 1 commit into from
Jun 6, 2024

Conversation

ricekot
Copy link
Member

@ricekot ricekot commented Jun 5, 2024

Reserve IDs for the following passive scripts in the zaproxy/community-scripts repo:

  • passive/google_api_keys_finder.js
  • passive/JavaDisclosure.js
  • passive/s3.js

@ricekot
Reserve IDs for Passive Community Scripts
78efe83 
Reserve IDs for the following passive scripts in the
zaproxy/community-scripts repo:

- passive/google_api_keys_finder.js
- passive/JavaDisclosure.js
- passive/s3.js

Signed-off-by: ricekot <github@ricekot.com>
ricekot
ricekot commented Jun 5, 2024
View reviewed changes
docs/scanners.md
@@ -257,6 +257,9 @@ Scan rules:
100031 DNS Email Spoofing [Script]
100032 WordPress Username Enumeration [Script]
100033 Server Side Template Injection [Script]
100034 Information Disclosure - Google API Key [Script]
100035 Information Disclosure - Java Stack Trace [Script]
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this considered information disclosure? Should this be called "Java Stack Trace Disclosure"?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm good with Info Disclosure

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At some point we should normalise between Information Leak and Information Disclosure.

@thc202 thc202 merged commit a241131 into zaproxy:main Jun 6, 2024
10 checks passed
@thc202
Copy link
Member

thc202 commented Jun 6, 2024

Thank you!

@github-actions github-actions bot locked and limited conversation to collaborators Jun 6, 2024
@ricekot ricekot deleted the reserve-script-ids branch June 7, 2024 03:51
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@thc202 thc202 thc202 approved these changes

@kingthorin kingthorin kingthorin approved these changes

Assignees
No one assigned
Labels
Type-Task
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ricekot @thc202 @kingthorin