* Update Dockerfile
multi-stage Dockerfile
* Update ci_cd.yml
modifications to support Dockerfile entrypoint changes
* Update Dockerfile
added --no-deps --no-cache-dir
* Update Dockerfile
added OCI Label and remove the whl file after installation following the CodeRabbit review
* Update Dockerfile
moved OCI label as copy-pasted in the wrong place
* Update Dockerfile
as per suggestion
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
* earlier, selecting "select all profiles" selected all the scan methods instead of profiles; fixed that, now select all profiles works perfectly
* was taking all_profiles also its name, fixed that by adding condition
* unicode encoding of special characters to avoid breaking the HTML graph
* rerun checks
* ruff
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* adding new features to the web UI
* minor bug fix
* ruff fixes
* removing debugging statement
* code-rabbit suggested changes
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Create paloalto_globalprotect_cve_2025_0133.yaml
new module for CVE-2025-0133
* Updated docs/Modules.md
updated docs
* Update nettacker/modules/vuln/paloalto_globalprotect_cve_2025_0133.yaml
CodeRabbit YAML formatting suggestion - we have this issue pretty much with all YAML files, so a separate tidy-up PR will be needed in the future
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* feature: exclude certain ports from being scanned
* ruff fixes
* handling exception for vulnerability modules
* not relying on try and except
* updated documentation, changed flag
* test case for module file
* update test
* mocking the database calls, that's probably the issue
* removed breaking test for now
* coderabbit suggested change, minor code refactoring
* ruff fixes
---------
Signed-off-by: Achintya Jai <153343775+pUrGe12@users.noreply.github.com>
* [feature] add custom headers for http requests via CLI. Removes sensitive info before logging in the database
* better help message
* input validation - coderabbit changes
* ruff fixes
* allow for header chaining with multiple -H flags and for complex headers involving comma separated values
* test case for http.py that include using headers. Added pytest-asyncio for the same
* ruff fixes
* formatting changes suggested by coderabbit
* docs update
* correct usage and en.yaml file
* Update dependencies in poetry.lock and pyproject.toml for new packages
* feat: add SMB brute force module
* feat: add unit tests for SMB brute force module
* ran make pre-commit
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Config-scan
* Update config_wordlist.txt
Adding possible configuration file names
* Update config_wordlist.txt
Updating the wordlist to remove spaces in the URLs
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* fixing mysql connections using pymysql
* fixing threading issues
* fixed postgres conns
* fix ruff
* reverting to original config
* sslmode as a user configurable parameter
* adding default loop policy for asyncio
* added custom wordlist functionality
* lint fix
* bug fixes
* added break after first detection to exit for loop
* removed custom read from brute scans because it's already implemented there
* updated according to suggested changes
* cleared old code
* fixed lint
* made requested changes
* made suggested changes
* lint fix
* changed user_wordlist to read_from_file