Releases 1.4.0
Added
Support for authenticated scans using different authentication types (#95 )
Replace TargetTechnology and TargetVulnerability entities by InputTechnology and InputVulnerability entities (#97 )
New popup for the management of target details: target ports, authentication, input technologies and vulnerabilities (#97 )
Support for Nuclei tool (#100 )
Support for Spring4Shell Scan tool (#102 )
Support for Gobuster tool (#106 )
New default wordlists (#109 )
Save default wordlists size after database migration (#109 )
Save the reason of skipped executions in output_plain field (#121 )
Changed
Remove TargetEndpoint entity because they are useless for all tools (#92 )
Optimize API handlers to reduce duplicated code (#96 )
Remove password wordlists because they are useless for all tools (#101 )
Replace cisagov/log4j-scanner tool by fullhunt/log4j-scan (#103 )
Move stage parameter from Tool entity to Configuration to allow configurations of the same tool to belong to different stages (#108 )
Improve favourities filters on web interface (#110 )
Upgrade requests to version 2.28.1 (#114 )
Fixed
Deploy Telegram bot automatically after configuring the Telegram token (#93 )
Allow the creation of tasks without specific wordlist from the Telegram bot (#98 )
Only apply input parameters for tool executions (#99 )
Filter host inputs by distinct address type to prevent errors in tool configurations (#107 )
Fix icon size and resolution to improve user experience on web interface (#111 )
Configure CMSeeK to don't ask user about anything (#115 )
Fix usage of specific environment variables for tool executions (#119 )
Security
Validate target addresses to prevent scannings of the internal Rekono infrastructure (#94 )
Upgrade setuptools to version 65.6.3 (#105 )
You can’t perform that action at this time.
