8000 Expanded SSLyze CascadingRules for HTTPS by luckolen · Pull Request #356 · secureCodeBox/secureCodeBox · GitHub
[go: up one dir, main page]
Skip to content

Expanded SSLyze CascadingRules for HTTPS #356

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rfelber merged 2 commits into from
Apr 10, 2021
Merged

Expanded SSLyze CascadingRules for HTTPS #356

rfelber merged 2 commits into from
Apr 10, 2021

Conversation

@luckolen
Copy link
Contributor
@luckolen luckolen commented Apr 8, 2021

Description

Expanded the current cascading rules used by sslyze for https services. The old rules had the potential to not work if nmap reported a different service.

The services https-alt and ssl/http and port 8443 has been added.

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure npm test runs for the whole project.
  • Make codeclimate checks happy

@luckolen-secura
Expanded sslyze https cascading rules
9f4797b 
Added port 8443
Added service https-alt
Added service ssl/http
rfelber
rfelber reviewed Apr 8, 2021
View reviewed changes
Copy link
Member
@rfelber rfelber left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great 🎉 thx a lot for your PR!

8000
@rfelber rfelber added the enhancement New feature or request label Apr 8, 2021
@rfelber rfelber added this to the v2.6.0 milestone Apr 8, 2021
@rfelber rfelber changed the title Expanded sslyze https cascading rules Expanded SSLyze CascadingRules for HTTPS Apr 8, 2021
@rfelber rfelber enabled auto-merge April 8, 2021 16:37
@rfelber rfelber disabled auto-merge April 8, 2021 23:47
@rfelber rfelber merged commit 05f9405 into secureCodeBox:main Apr 10, 2021
@rfelber rfelber added scanner Implement or update a security scanner and removed enhancement New feature or request labels Apr 10, 2021
@luckolen luckolen deleted the Improve-sslyze-rules-https branch April 22, 2021 14:17
secureCodeBoxBot added a commit that referenced this pull request Nov 18, 2021
@secureCodeBoxBot
Upgrading kubeaudit from v0.14.2 to v0.15.0
d040210 
Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
## Release changes :
## Summary
 
 CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds support for `Job` resources - thank you @superbrothers for this contribution!
 CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds option to disable colour output when using `pretty` formatting (package only)
 CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Enabled Dependabot and updates dependencies
 
 ## Changelog
 
 b68cabd Update version to 0.15.0 (#372)
 7f54326 Bump github.com/jetstack/cert-manager from 1.6.0 to 1.6.1 (#371)
 9cdecb3 Bump k8s.io/apiextensions-apiserver from 0.22.2 to 0.22.3 (#368)
 6cc7a75 Add support for kind Job (#370)
 0ef3005 Bump github.com/jetstack/cert-manager from 1.5.4 to 1.6.0 (#365)
 e5c797a Bump k8s.io/apimachinery from 0.22.2 to 0.22.3 (#369)
 d597928 Bump k8s.io/apiextensions-apiserver from 0.21.3 to 0.22.2 (#362)
 79cce8c Remove wip probot (#364)
 700c39f Bump github.com/jetstack/cert-manager from 1.4.1 to 1.5.4 (#363)
 fe44171 Fix dependabot (#358)
 374a428 Support parsing for server specs (#356)
 50c618b Add Support for Services (#353)
 7b57f85 Update dependencies and add dependabot (#354)
 2d8282c Make k8s and override packages public (#351)
 47c31d5 Add option to disable printing results in color (#350)
 ca64457 Remove deprecated mountds auditor (#349)
 863e367 Remove example dependency on internal packages (#348)
 
 
 ## Docker images
 
 - `docker pull shopify/kubeaudit:latest`
 - `docker pull shopify/kubeaudit:0.15.0`
 - `docker pull shopify/kubeaudit:v0.15`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rfelber rfelber rfelber approved these changes

Assignees

No one assigned

Labels

scanner Implement or update a security scanner

Projects

None yet

Milestone

v2.6.0

Development

Successfully merging this pull request may close these issues.

3 participants

@luckolen @rfelber @luckolen-secura
0