Features:
- feat(dns): add DNS DDoS and diversity check
- feat(http): detect third-party iframes, detect old files via last-modified header
- feat(dns): add DNS zone transfer, direct mDNS check
- feat(dns): verify DNS recursion (Open Resolver); refactor(portscan): always scan port udp 53
- feat(http): add Missing Cache-Control check
- feat(http): detect third-party resources loaded without user consent
Improvements:
- refactor(!): export WordPress checks, tracking cookies, email addrs enum to netutils for shared usage
- refactor(http): limit concurrency of non-invasive checks due to high regex usage
- refactor(bruteforce): skip MySQL/MariaDB bruteforce with passed status if hacktor is not allowed to connect to avoid false negative implications for correct passwords upon manual test
- refactor(http): apps updates
- ci: add test coverage for non Docker-dependent tests, based on development branch
- perf(http): greatly improve performance of malware, hardcodedcredentials, misconfig detection by skipping full-body regex unless pre-match occurs; parallelize wprestapi, brokenlinkhijacking
Issues Fixed:
- fix(http): detect unauthenticated phpMyAdmin dashboard and skip all HTTP injections to avoid accidental database deletion
- fix(portscan): override faulty nmap Samba hardcoded version and remove CPE
- fix(http): determine unique forms with same mechanism as unique URIs using shortest available URI; do not count cached http errors/timeouts towards bruteforce login error count
- fix(smb, telnet): run some checks before bruteforce and skip entirely if e.g. no auth is required to avoid false negative connection refused after bruteforce; suppress smb bruteforce check if guest access available