Commit Graph

2682 Commits

Author SHA1 Message Date
Sam Stepanyan e806518878
Update wp_plugin_small.txt Add: really-simple-ssl (#962)
Adding 'really-simple-ssl' WordPress plugin to the list of plugins detected by Nettacker to help identify WordPress sites vulnerable to CVE-2024-10924
2024-11-17 00:56:32 +00:00
Sam Stepanyan ccdc3be7d7
Update wp_plugin_small.txt: chart-builder & happy-elementor-addons (#959)
Adding happy-elementor-addons and chart-builder to the WordPress plugin list due to the latest CVEs:
CVE-2024-10538 (Stored XSS) & CVE-2024-10571 (Unauth LFI)

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-11-14 16:26:34 +00:00
Arkadii Yakovets 9f51867da3
Update PR template (#951)
* Update PR template

* Update Developers.md

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-11-14 09:25:12 +00:00
dependabot[bot] 4b7f89dbe1
Bump zipp from 3.20.2 to 3.21.0 (#956)
Bumps [zipp](https://github.com/jaraco/zipp) from 3.20.2 to 3.21.0.
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](https://github.com/jaraco/zipp/compare/v3.20.2...v3.21.0)

---
updated-dependencies:
- dependency-name: zipp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 23:38:37 +00:00
dependabot[bot] dda7b32d1c
Bump ruff from 0.7.2 to 0.7.3 (#955)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.2...0.7.3)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 23:22:40 +00:00
Arkadii Yakovets 5f6bc8e0b3
Remove `numpy` dependency (#947)
* Refactor code for future `numpy` removal

* Remove `numpy` dependency

* Update dependencies
2024-11-05 18:38:42 +00:00
dependabot[bot] a5f55386b3
Bump ruff from 0.7.1 to 0.7.2 (#954)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.1...0.7.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 23:47:23 +00:00
dependabot[bot] 2dc69b6f3c
Bump pytest-cov from 5.0.0 to 6.0.0 (#953)
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 5.0.0 to 6.0.0.
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-cov/compare/v5.0.0...v6.0.0)

---
updated-dependencies:
- dependency-name: pytest-cov
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-29 23:59:18 +00:00
Arkadii Yakovets 1391affeb4
Refactor code for future `numpy` removal (#946) 2024-10-27 16:40:44 +00:00
Phantomwise 3583272ecc
Update fr.yaml with scan comparison messages (#952) 2024-10-27 11:17:59 +00:00
dependabot[bot] cd8c7f41cc
Bump werkzeug from 3.0.4 to 3.0.6 (#950)
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.4 to 3.0.6.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/werkzeug/compare/3.0.4...3.0.6)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-26 17:58:43 +00:00
dependabot[bot] 0ba7392a9a
Bump ruff from 0.7.0 to 0.7.1 (#949)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.0...0.7.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 17:01:08 +00:00
dependabot[bot] 80615c984a
Bump coverage from 7.6.3 to 7.6.4 (#948)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.6.3 to 7.6.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.3...7.6.4)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-21 22:35:46 +00:00
dependabot[bot] 637aa76508
Bump ruff from 0.6.9 to 0.7.0 (#945)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.6.9 to 0.7.0.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.9...0.7.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-18 16:36:35 +00:00
dependabot[bot] 3078b0c308
Bump sqlalchemy from 2.0.35 to 2.0.36 (#944)
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.35 to 2.0.36.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-16 15:39:04 +00:00
dependabot[bot] 4d4600620c
Bump coverage from 7.6.1 to 7.6.3 (#942)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.6.1 to 7.6.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.1...7.6.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-15 17:39:38 +00:00
Sam Stepanyan c26625de4e
Adding litespeed-cache to wp_plugin_small.txt (#941)
Adding litespeed-cache plugin affected by CVE-2024-47374 to the list of WordPress plugins to scan for

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-10-14 01:35:10 +00:00
dependabot[bot] 942c398c1e
Bump ruff from 0.6.8 to 0.6.9 (#936)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.6.8 to 0.6.9.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.8...0.6.9)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-05 05:27:55 +00:00
Sam Stepanyan 5dd0fdfb73
Merge pull request #935 from arkid15r/update-ci-cd
Update ci cd
2024-10-03 18:22:32 +00:00
Sam Stepanyan 7afe41519d
Merge branch 'master' into update-ci-cd 2024-10-03 19:13:24 +01:00
Arkadii Yakovets bffb531731
Merge pull request #930 from OWASP/dependabot/pip/aiohttp-3.10.8
Bump aiohttp from 3.10.5 to 3.10.8
2024-10-03 15:51:57 +00:00
Arkadii Yakovets dc40d1912b
Merge pull request #931 from OWASP/dependabot/pip/multiprocess-0.70.17
Bump multiprocess from 0.70.16 to 0.70.17
2024-10-03 15:41:55 +00:00
Arkadii Yakovets d61e78a2f5
Merge pull request #934 from tadash10/patch-2
Added Spanish translations for scan comparison (issue #905)
2024-10-03 15:38:57 +00:00
Arkadii Yakovets 4d4751905e
Update the branch name 2024-10-02 08:49:33 -07:00
Arkadii Yakovets 6f60092f42
Update CI/CD triggers
Add main branch push
2024-10-02 08:41:49 -07:00
T1 536b5f0c1f
Update es.yaml
Added Spanish translations for scan comparison (issue #905)

Signed-off-by: T1 <126980610+tadash10@users.noreply.github.com>
2024-10-01 18:09:32 -03:00
dependabot[bot] a1b382cd56
Bump multiprocess from 0.70.16 to 0.70.17
Bumps [multiprocess](https://github.com/uqfoundation/multiprocess) from 0.70.16 to 0.70.17.
- [Release notes](https://github.com/uqfoundation/multiprocess/releases)
- [Commits](https://github.com/uqfoundation/multiprocess/compare/0.70.16...0.70.17)

---
updated-dependencies:
- dependency-name: multiprocess
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 22:45:59 +00:00
dependabot[bot] 8b20d5c79d
Bump aiohttp from 3.10.5 to 3.10.8
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.10.5 to 3.10.8.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.10.5...v3.10.8)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 22:45:12 +00:00
Arkadii Yakovets 2fbd9f6fa6
Merge pull request #928 from OWASP/cups_cve
New module: cups_version_scan to help with the vulnerable CUPS printe…
2024-09-29 18:52:37 +00:00
Sam Stepanyan 546042dea5 New module: cups_version_scan to help with the vulnerable CUPS printer detection 2024-09-29 19:41:48 +01:00
Arkadii Yakovets ce06bc504a
Add `merge_group` trigger (#927) 2024-09-29 11:36:10 -07:00
Sam Stepanyan b0db4adb68
Updated wp_plugin_small.txt with the-events-calendar (CVE-2024-8275) (#926)
Added the-events-calendar to the list as it has Unauthenticated SQL Injection vulnerability (SQLi) CVE-2024-8275

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-09-29 11:13:49 -07:00
Sam Stepanyan ce60702ef0
Merge pull request #923 from OWASP/securestep9-docs-0.4.0-installation-patch-1
Update docs Installation.md for 0.4.0
2024-09-27 17:11:50 +01:00
Sam Stepanyan 3f1a861200
Update docs/Installation.md
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-09-27 15:20:58 +01:00
Sam Stepanyan 3131ab0093
Update docs/Installation.md
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-09-27 15:20:51 +01:00
Sam Stepanyan df1a12c9d0
Update docs Installation.md for 0.4.0
Updated docs to have the correct installation method using 'pip3 install nettacker' command

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-09-27 04:01:16 +01:00
Sam Stepanyan 12170a372a
Merge pull request #922 from OWASP/securestep9-ivanti_vtm_version_scan-docs-patch-1
add ivanti_vtm_version_scan to docs
2024-09-27 03:31:21 +01:00
Sam Stepanyan 20f5f3cd3a
Merge branch 'master' into securestep9-ivanti_vtm_version_scan-docs-patch-1 2024-09-27 01:24:51 +01:00
Sam Stepanyan d4d0016498
add ivanti_vtm_version_scan to docs
Updated Modules documentation to include the new ivanti_vtm_version_scan module

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2024-09-27 01:14:37 +01:00
Sam Stepanyan 7c2479a00e
Merge pull request #918 from OWASP/ivanti_vtm_ldate
new module: ivanti_vtm_version_scan
2024-09-27 01:13:19 +01:00
Sam Stepanyan 506b3b4371
Merge branch 'master' into ivanti_vtm_ldate 2024-09-27 00:51:36 +01:00
Sam Stepanyan 42bd36d5a1
Merge pull request #916 from OWASP/ssd
adding "-d" as a shortcut for "--skip-service-discovery" + docs
2024-09-27 00:41:54 +01:00
Arkadii Yakovets 95f6d4f59f
Merge branch 'master' into ivanti_vtm_ldate 2024-09-26 16:35:20 -07:00
dependabot[bot] 4a2aba05e0
Bump ruff from 0.6.7 to 0.6.8 (#920)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.6.7 to 0.6.8.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.7...0.6.8)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-26 16:34:46 -07:00
Arkadii Yakovets 453fefff1c
Add CODEOWNERS (#919) 2024-09-26 14:49:48 -07:00
Sam Stepanyan d01b1aa511
Merge pull request #917 from arkid15r/ark/update-ci-cd
Update CI/CD: trigger PyPI job on tag push
2024-09-26 21:17:01 +01:00
Sam Stepanyan 0a0e2d6fc1 new module: ivanti_vtm_version_scan 2024-09-26 21:05:52 +01:00
Arkadii Yakovets d79426ece7
Update CI/CD: trigger PyPI job on tag push 2024-09-26 13:00:44 -07:00
Sam Stepanyan efa2c4df94 reformat 2024-09-26 08:09:38 +01:00
Sam Stepanyan 14933497e9 adding "-d" as a shortcut for "--skip-service-discovery" with relevant Usage documentation update 2024-09-26 07:59:20 +01:00