Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Add Passive Scan Feature #420

Merged
merged 22 commits into from
Sep 30, 2024
Merged

✨ Add Passive Scan Feature #420

merged 22 commits into from
Sep 30, 2024

Conversation

hahwul
Copy link
Member

@hahwul hahwul commented Sep 27, 2024
edited
Loading

Closed #419

Signed-off-by: HAHWUL [email protected]

@github-actions github-actions bot added 🦺 github-action Issue for GitHub actions 🛥️ workflow Issue for Workflows labels Sep 27, 2024
@hahwul hahwul self-assigned this Sep 27, 2024
@hahwul hahwul linked an issue Sep 27, 2024 that may be closed by this pull request
Add Passive Scan #419
Closed
@hahwul hahwul added this to the v0.18.0 milestone Sep 27, 2024
@hahwul hahwul changed the title ✨ Init passive_scan ✨ Add Passive Scan Feature Sep 28, 2024
@github-actions github-actions bot added ⚙️ options Issue for options (flag) ⛱️ config Issue for Configuration labels Sep 29, 2024
@github-actions github-actions bot added the 🔎 detector Issue for Detector label Sep 29, 2024
@github-actions github-actions bot added the 📦 output-builder Issue for output builder (format) label Sep 29, 2024
@hahwul
Copy link
Member Author

hahwul commented Sep 29, 2024
edited
Loading

Interim review

....
GET /token
  ○ body: client_id=&redirect_url=&grant_type=

GET /socket [websocket]

GET /1.html

GET /2.html

Passive Results:
ID: ...
Info: PassiveScan::Info(@name="ABCD", @author=["abcd", "aaaa"], @severity="critical", @description="....", @reference=["https://google.com"])
Matchers: [PassiveScan::Matcher(@type="word", @patterns=["api"], @condition="or"), PassiveScan::Matcher(@type="regex", @patterns=[".*", "^a"], @condition="or")]
Matchers Condition: and
Category: secret
Techs: *, ruby-rails
File Path: ./spec/functional_test/fixtures/crystal_kemal/src/testapp.cr
Line Number: 4
Extract:   env.request.headers["x-api-key"].as(String)

{
"passive_results": [
    {
      "id": "...",
      "info": {
        "name": "ABCD",
        "author": [
          "abcd",
          "aaaa"
        ],
        "severity": "critical",
        "description": "....",
        "reference": [
          "https://google.com"
        ]
      },
      "category": "secret",
      "techs": [
        "*",
        "ruby-rails"
      ],
      "file_path": "./spec/functional_test/fixtures/crystal_kemal/src/testapp.cr",
      "line_number": 4,
      "extract": "  env.request.headers[\"x-api-key\"].as(String)"
    }
]
}

@hahwul
Copy link
Member Author

hahwul commented Sep 29, 2024

스크린샷 2024-09-29 오후 10 50 08

@github-actions github-actions bot added the 💊 spec Issue for test codes label Sep 29, 2024
@github-actions github-actions bot added the 📑 documentation Improvements or additions to documentation label Sep 29, 2024
@hahwul
Copy link
Member Author

hahwul commented Sep 29, 2024

스크린샷 2024-09-29 오후 11 28 25

@hahwul hahwul marked this pull request as ready for review September 29, 2024 14:31
@hahwul
Copy link
Member Author

hahwul commented Sep 29, 2024

스크린샷 2024-09-29 오후 11 42 22

@hahwul hahwul merged commit cab41b7 into dev Sep 30, 2024
9 checks passed
@hahwul hahwul deleted the add-passive-scan branch September 30, 2024 09:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@hahwul hahwul

Labels
⛱️ config Issue for Configuration 🔎 detector Issue for Detector 📑 documentation Improvements or additions to documentation 🦺 github-action Issue for GitHub actions ⚙️ options Issue for options (flag) 📦 output-builder Issue for output builder (format) 🚔 passive-scan 💊 spec Issue for test codes 🛥️ workflow Issue for Workflows
Projects
None yet
Milestone
v0.18.0
Development

Successfully merging this pull request may close these issues.

Add Passive Scan
1 participant
@hahwul