Skip to content

Releases: pablosnt/rekono

1.4.2

16 Feb 18:01
@pablosnt pablosnt
1.4.2
481345f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.4.2

Fixed

  • Prevent overriding of user data with default data after execute migrate command (#149)
Assets 2
Loading

1.4.1

15 Feb 19:13
@pablosnt pablosnt
1.4.1
338a60b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.4.1

Fixed

  • Upgrade node-ipc to version 9.2.6 to fix incompatibilities with Node 19 (#138)
  • Upgrade psycopg2 to version 2.9.5 to fix incompatibilities with Python 3.11 (#142)

Security

  • Upgrade Django to version 3.2.18 (#143)
Assets 2
Loading

1.4.0

11 Jan 17:41
@pablosnt pablosnt
1.4.0
8c82834
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.4.0

Added

  • Support for authenticated scans using different authentication types (#95)
  • Replace TargetTechnology and TargetVulnerability entities by InputTechnology and InputVulnerability entities (#97)
  • New popup for the management of target details: target ports, authentication, input technologies and vulnerabilities (#97)
  • Support for Nuclei tool (#100)
  • Support for Spring4Shell Scan tool (#102)
  • Support for Gobuster tool (#106)
  • New default wordlists (#109)
  • Save default wordlists size after database migration (#109)
  • Save the reason of skipped executions in output_plain field (#121)

Changed

  • Remove TargetEndpoint entity because they are useless for all tools (#92)
  • Optimize API handlers to reduce duplicated code (#96)
  • Remove password wordlists because they are useless for all tools (#101)
  • Replace cisagov/log4j-scanner tool by fullhunt/log4j-scan (#103)
  • Move stage parameter from Tool entity to Configuration to allow configurations of the same tool to belong to different stages (#108)
  • Improve favourities filters on web interface (#110)
  • Upgrade requests to version 2.28.1 (#114)

Fixed

  • Deploy Telegram bot automatically after configuring the Telegram token (#93)
  • Allow the creation of tasks without specific wordlist from the Telegram bot (#98)
  • Only apply input parameters for tool executions (#99)
  • Filter host inputs by distinct address type to prevent errors in tool configurations (#107)
  • Fix icon size and resolution to improve user experience on web interface (#111)
  • Configure CMSeeK to don't ask user about anything (#115)
  • Fix usage of specific environment variables for tool executions (#119)

Security

  • Validate target addresses to prevent scannings of the internal Rekono infrastructure (#94)
  • Upgrade setuptools to version 65.6.3 (#105)
Assets 2
Loading

1.3.0

19 Nov 21:54
@pablosnt pablosnt
1.3.0
0c39ccd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.3.0

Added

  • Popup to manage the target ports details (#87)
  • Improve user experience while the findings are obtained via API Rest (#88)

Security

  • Upgrade node Docker image version to 19.0.1-alpine (#85)
  • Upgrade djangorestframework-simplejwt version to 5.2.2 (#84)
Assets 2
Loading

1.2.0

01 Nov 12:21
@pablosnt pablosnt
1.2.0
8f3a88a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.2.0

Added

  • Settings page to configure Defect-Dojo, Telegram and security properties (#71)

Fixed

  • Docker environment deployment using privileged users (#71)
  • Optimize the frontend build in Docker environment (#72)

Security

  • Use sessionStorage to store access and refresh tokens in the frontend (#74)
  • Upgrade node Docker image version to 18.9.1-alpine (#72)
Assets 2
Loading

1.1.0

16 Oct 18:15
@pablosnt pablosnt
1.1.0
1540225
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.1.0

Added

  • Create multiple targets at the same time (#49)
  • Execute tasks against multiple targets at the same time (#55)
  • Show executions duration in task page (#54)

Fixed

  • Show Defect-Dojo fields only when it is configured (#53)

Changed

  • Upgrade axios version to 0.27.2 (#62)
  • Upgrade vue-router version to 3.6.5 (#61)
  • Upgrade core-js version to 3.25.2 (#60)
  • Upgrade vue version to 2.7.10 (#59)
  • Upgrade sass version to 1.55.0 (#58)

Security

  • Upgrade Django version to 3.2.16 (#50)
Assets 2
Loading

1.0.1

20 Sep 17:31
@pablosnt pablosnt
1.0.1
832acc3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.1

Fixed

  • Retry requests to Defect-Dojo API after unexpected errors (#39)
  • Retry requests to NVD NIST API to avoid blocks by the API rate limit and after unexpected errors (#39)
  • Save unique exploits based on its reference instead of edb_id (#30)
  • Prevent unexpected errors parsing malformed Sslscan reports (#27)

Changed

  • Optimize calculation of executions from previous findings to make process executions faster (#27)
  • Allow parentheses in text values like names and descriptions (#29)

Security

  • Upgrade nginx Docker image version to 1.22-alpine (#25)
  • Upgrade node Docker image version to 18.6.0-alpine (#25)
  • Upgrade python-libnmap version to 0.7.3 (#31)
Assets 2
Loading

1.0.0

19 Aug 19:05
@pablosnt pablosnt
1.0.0
20e35ee
Compare
Choose a tag to compare
1.0.0

Added

  • Execution of hacking tools
  • Execution of pentesting processes combining different hacking tools automatically
  • Execution of scheduled tasks
  • Search of projects and processes by tags
  • Like features for tools, processes and wordlists
  • Defect-Dojo integration to import findings from Rekono
  • User notifications by email and Telegram
  • Management of Projects, Targets, Wordlist and Users
  • Execution of tools and processes from Telegram Bot
  • Initial web UI
Assets 2
Loading