* sarif fully done, dd.json little left
* This is good to go now
* pre-commit fixes
* updated
* removing redundancy and less i/o operations
* ruff fixes
* fixed tests for Path.open
* rabbit suggestions
* added relevant documentation
* slight change in doc
* removing empty files that were added by mistake
* updated datatime format according to coderabbit's suggestions
* removed the vulnerability profile as it a subset of vuln
* removed brute_force profile as it is exactly same as brute
* removed cve_2021_38702 as a profile, its already there in cve, cve2021 and more relevant ones
* removed the puneethreddyrc profile
* removed information_gathering profile, added graphql.yaml to info
* removed the wp profile, it was a subset of wordpress
* removed the infortmation profile
* made relevant changes to the doc
* coderabbit suggestions
* Create paloalto_globalprotect_cve_2025_0133.yaml
new module for CVE-2025-0133
* Updated docs/Modules.md
updated docs
* Update nettacker/modules/vuln/paloalto_globalprotect_cve_2025_0133.yaml
CodeRabbit YAML formatting suggestion - we have this issue pretty much with all YAML files, so a separate tidy-up PR will be needed in the future
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* feature: exclude certain ports from being scanned
* ruff fixes
* handling exception for vulnerablility modules
* not relying on try and except
* updated documentation, changed flag
* test case for module file
* update test
* mocking the database calls, that's probably the issue
* removed breaking test for now
* coderabbit suggested change, minor code refactoring
* ruff fixes
---------
Signed-off-by: Achintya Jai <153343775+pUrGe12@users.noreply.github.com>
* [feature] add custom headers for http requests via CLI. Removes sensitive info before logging in the database
* better help message
* input validation - coderabbit changes
* ruff fixes
* allow for header chaining with multiple -H flags and for complex headers involving comma separated values
* test case for http.py that include using headers. Added pytest-asyncio for the same
* ruff fixes
* formatting changes suggested by coderabbit
* docs update
* correct usage and en.yaml file
* Update paloalto_panos_cve_2025_0108.yaml added cisa_kev
Adding cisa_kev profile to the module:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added this CVE-2025-0108 impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
* adding sonicwall_sslvpn_cve_2024_53704_vuln module
* move paloalto_panos_cve_2025_0108.yaml to nettacker/modules/vuln/paloalto_panos_cve_2025_0108.yaml
Fix of the incorrect location for the module
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Delete Modules.md in wrong location
location fix
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Update Modules.md with CVE-2025-0108
added CVE-2025-0108 module to the docs
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Sam Stepanyan
Achintya Jai
Manav Acharya
Arkadii Yakovets
Akshay Behl