-
Notifications
You must be signed in to change notification settings - Fork 561
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Address #1622, add securitytxt module #1628
Address #1622, add securitytxt module #1628
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## dev #1628 +/- ##
=====================================
- Coverage 93% 93% -0%
=====================================
Files 341 343 +2
Lines 26040 26108 +68
=====================================
+ Hits 24012 24039 +27
- Misses 2028 2069 +41 ☔ View full report in Codecov by Sentry. |
@colin-stubbs this is some interesting stuff! I'm going to apologize in advance for not getting to it right away, being busy with the 2.0 release. But I should have time next week to give it a full review. |
@colin-stubbs solid module. Made one small tweak, should be almost ready to merge. One question about the |
Definitely to filter incoming DNS_NAME's Basically I noted that in_scope_only is default False in the default BaseModule class, and I think the default behaviour for this module and the others I'm working on should be to have safe defaults to avoid having them recurse too far out beyond the original target(s) unless instructed to do otherwise. My understanding of BaseModule and in_scope_only == True, and my testing, suggested this is the behaviour I'd want most of the time. e.g. if target was blacklanternsecurity.notreal we definitely probe that, plus sub.blacklanternsecurity.notreal, but we definitely don't want to probe thirdparty.notreal even if a DNS_NAME for that gets emitted, unless thirdparty.notreal is somehow determined to be in scope due to scan configuration. |
Got it. I'm realizing this is a blind spot in our documentation so I'll try and explain how it works here, and you can tell me if it makes sense lol. By default a module will only accept events with scope distance <= Usually the only time you want to set For this module, it might make sense to leave those at their defaults. This would keep it in-scope-only by default, but let the user dial up the search distance if they wanted to. |
I made a small PR to your PR 😂 If it looks okay, feel free to merge it and it will update this one. |
Securitytxt - use builtin search distance
Addresses issue #1622
Adds new securitytxt module.
Full test suite runs without error.