Changes:
0.0.12
------
Adds one more exception that the HTML parser could raise.
0.0.11
------
Add desktop.ini tests.
Add symfony debugging on 404 pages.
Support php-cs-fixer v3 cache file format.
Add apache server-info check.
0.0.10
------
New test for thumbs.db (Windows metadata).
New test for Wordpress duplicator installer files and directory listings.
|
They now have a tool dependency on py-setuptools instead of a DEPENDS
|
For the Python 3.8 default switch.
|
Changes:
0.0.9
-----
- Add .orig extension to backupfiles test.
- Add new tests for wordpress debug.log files and url-encoded HTTP header.
- Minor bugfixes.
|
Changes:
0.0.8
-----
- add vb_test.php check
- add phpinfo test
0.0.7
-----
- add a test for openelasticsearch
- add check for django debugging on error pages
- print more information about invalid hostnames
- add laravel telescope test
|
Changes:
(No changelog available but main changes inspecting commits):
- Add check for wordpress installer in subdir
- Remove CVS test, produces too many false positives and hardly any true positives
- Add installer check for common PHP web applications
- Add info check for composer files
- Add info check for mailman
- Add check for monit default webinterface credentials
- Rework optionsbleed check and avoid ReDoS attack (upstream issue #24)
|
snallygaster is a tool that looks for files accessible on web servers that
shouldn't be public and can pose a security risk.
Typical examples include publicly accessible git repositories, backup files
potentially containing passwords or database dumps. In addition it contains a
few checks for other security vulnerabilities.