Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SECENG-1343 - Update 2024Q2 #8

Merged
merged 48 commits into from
Apr 29, 2024
Merged

SECENG-1343 - Update 2024Q2 #8

Changes from 1 commit
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
60a59b1
Refactor manual aws_alias_cloudfront and add integration tests
christophetd Dec 11, 2023
0c9f98f
Fix detection for Route53 CNAME record to CloudFront
christophetd Dec 11, 2023
dcb97c1
Update detection logic for CloudFront subdomain takeover manual scann…
christophetd Dec 11, 2023
df358ff
Bump actions/setup-python from 4 to 5
dependabot[bot] Dec 11, 2023
2bb0e1d
Add unittest for s3 bucket URL check
christophetd Dec 11, 2023
df0f8f1
Add support for S3 bucket website URLs
christophetd Dec 11, 2023
1497604
Update manual_scans/aws/README.md
christophetd Dec 12, 2023
c1a8222
Support checking for S3 existence through S3 bucket URL
christophetd Dec 12, 2023
27fbaf3
Update utils/utils_aws_manual.py
christophetd Dec 12, 2023
ee783af
Merge pull request #246 from domain-protect/fix-cloudfront-alias-to-s3
christophetd Dec 12, 2023
2e972f7
Merge pull request #247 from domain-protect/dependabot/github_actions…
paulschwarzenberger Dec 13, 2023
c1ae86b
Bump github/codeql-action from 2 to 3
dependabot[bot] Dec 18, 2023
4d8db33
Merge pull request #249 from domain-protect/dependabot/github_actions…
paulschwarzenberger Dec 18, 2023
846bcfd
put new cloudfront functions into utils for reuse by lambdas
paulschwarzenberger Dec 18, 2023
c3a85d6
formatting
paulschwarzenberger Dec 18, 2023
cf66682
Merge pull request #250 from domain-protect/cloudfront-s3-terraform
paulschwarzenberger Dec 18, 2023
0f519d8
update Lambdas with new CloudFront S3 detection
paulschwarzenberger Dec 18, 2023
bc719a9
update Lambdas with new CloudFront S3 detection
paulschwarzenberger Dec 18, 2023
e07597d
add regex to requirements.txt files
paulschwarzenberger Dec 18, 2023
ab7101d
install regex package
paulschwarzenberger Dec 18, 2023
5924d63
updated modules
paulschwarzenberger Dec 19, 2023
4b75e18
updated modules
paulschwarzenberger Dec 19, 2023
1a8b73c
cname cloudfront detecting OK
paulschwarzenberger Dec 20, 2023
186f698
detect fixed cloudfront S3 vulnerability
paulschwarzenberger Dec 20, 2023
8bd534e
prevent incorrectly reporting as fixed
paulschwarzenberger Dec 20, 2023
30ee64d
updates to ensure successful S3 takeover
paulschwarzenberger Dec 20, 2023
c68e8af
unit tests for new function
paulschwarzenberger Dec 20, 2023
37151ff
reorder imports
paulschwarzenberger Dec 20, 2023
d8be102
reduce code duplication
paulschwarzenberger Dec 21, 2023
8c8cde4
Merge pull request #251 from domain-protect/lambda-cloudfront-s3
paulschwarzenberger Dec 21, 2023
1799f55
Bump pre-commit/action from 3.0.0 to 3.0.1
dependabot[bot] Feb 12, 2024
143b9c1
Merge pull request #252 from domain-protect/dependabot/github_actions…
paulschwarzenberger Feb 13, 2024
ac52446
fix typos
jxdv Feb 18, 2024
836af8c
Merge pull request #253 from jxdv/typos
paulschwarzenberger Feb 18, 2024
f1a7d3f
Upgrade Black
paulschwarzenberger Mar 25, 2024
33ec37e
Upgrade Prospector
paulschwarzenberger Mar 25, 2024
6a99d01
Reorder imports
paulschwarzenberger Mar 25, 2024
6ea5ae0
Merge pull request #255 from domain-protect/upgrade-black
paulschwarzenberger Mar 25, 2024
c20398d
Upgrade dnspython to 2.6.1
paulschwarzenberger Apr 14, 2024
b227858
Merge pull request #263 from domain-protect/upgrade-dnspython
paulschwarzenberger Apr 14, 2024
2c6ee98
Release 0.4.6
paulschwarzenberger Apr 14, 2024
3eb424a
Merge pull request #264 from domain-protect/v0-4-6
paulschwarzenberger Apr 14, 2024
6b427d3
skips an alias in distributions if there is no Items key in it
derrickkliseVEVO Apr 17, 2024
37d5c56
Merge pull request #266 from domain-protect/account-for-no-items-in-d…
paulschwarzenberger Apr 17, 2024
5d91754
release 0.4.7
paulschwarzenberger Apr 17, 2024
4cafdff
Merge pull request #267 from domain-protect/v0.4.7
paulschwarzenberger Apr 17, 2024
5f17b8c
Merge branch 'domain-protect:main' into update_2024q2
arevelo-bc Apr 29, 2024
6e20d0b
Delete .whitesource
arevelo-bc Apr 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Upgrade Black
  • Loading branch information
@paulschwarzenberger
paulschwarzenberger committed Mar 25, 2024
commit f1a7d3fa14167e652458462ecd7052c30db392e4
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
@@ -34,7 +34,7 @@ repos:
args: [--py3-plus]
exclude: .\.tf | ^\.github/
- repo: https://github.com/psf/black
rev: 22.12.0
rev: 24.3.0
hooks:
- id: black
args: [--line-length=120]
2 changes: 1 addition & 1 deletion requirements-dev.txt
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@ cloudflare==2.8.15
dnspython==2.1.0
requests==2.31.0
regex==2023.10.3
black==22.10.0
black==24.3.0
prospector==1.8.4
pytest==7.1.2
pytest-cov==3.0.0