./security/snallygaster, Tool to scan for secret files on HTTP servers

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.0.12, Package name: snallygaster-0.0.12, Maintainer: leot

snallygaster is a tool that looks for files accessible on web servers that
shouldn't be public and can pose a security risk.

Typical examples include publicly accessible git repositories, backup files
potentially containing passwords or database dumps. In addition it contains a
few checks for other security vulnerabilities.


Required to run:
[net/py-dns] [devel/py-setuptools] [www/py-beautifulsoup4] [www/py-urllib3] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 24.643 KB

Version history: (Expand)


CVS history: (Expand)


   2022-07-23 17:19:38 by Leonardo Taccari | Files touched by this commit (2)
Log message:
snallygaster: Update to 0.0.12

Changes:
0.0.12
------
Adds one more exception that the HTML parser could raise.

0.0.11
------
Add desktop.ini tests.
Add symfony debugging on 404 pages.
Support php-cs-fixer v3 cache file format.
Add apache server-info check.

0.0.10
------
New test for thumbs.db (Windows metadata).
New test for Wordpress duplicator installer files and directory listings.
   2022-06-30 13:19:02 by Nia Alarie | Files touched by this commit (524)
Log message:
*: Revbump packages that use Python at runtime without a PKGNAME prefix
   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605)
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2020-12-04 21:45:51 by Nia Alarie | Files touched by this commit (456)
Log message:
Revbump packages with a runtime Python dep but no version prefix.

For the Python 3.8 default switch.
   2020-10-09 17:23:58 by Leonardo Taccari | Files touched by this commit (2)
Log message:
snallygaster: Update to 0.0.9

Changes:
0.0.9
-----
 - Add .orig extension to backupfiles test.
 - Add new tests for wordpress debug.log files and url-encoded HTTP header.
 - Minor bugfixes.
   2020-07-13 18:14:56 by Leonardo Taccari | Files touched by this commit (2)
Log message:
snallygaster: Update to 0.0.8

Changes:
0.0.8
-----
 - add vb_test.php check
 - add phpinfo test

0.0.7
-----
 - add a test for openelasticsearch
 - add check for django debugging on error pages
 - print more information about invalid hostnames
 - add laravel telescope test