Commit Graph

211 Commits

Author SHA1 Message Date
Joe Testa
1e060a94c0 Updated built-in server and client policies for Amazon Linux 2023. 2024-10-01 18:15:02 -04:00
Joe Testa
7ab6d20454 Updated built-in client policy for Ubuntu 22.04. 2024-10-01 17:32:49 -04:00
Joe Testa
1f1a51d591 Updated Ubuntu 22.04 built-in policy. 2024-10-01 17:06:03 -04:00
Joe Testa
77a63de133 Updated Rocky Linux 9 built-in policy. 2024-10-01 16:21:23 -04:00
Joe Testa
cffa126277 Updated Debian 12 built-in policy. (#283) 2024-10-01 15:01:44 -04:00
Joe Testa
dc615cef7f Fixed DH rate testing on Windows. (#261) 2024-09-28 18:39:55 -04:00
Joe Testa
93b30b4258 Removed version-based CVE information. (#240) 2024-09-26 13:15:58 -04:00
Joe Testa
67e11f82b3 Updated --targets description. 2024-09-25 17:12:16 -04:00
Joe Testa
2cd96f1785 Ensure ECDSA and DSS fingerprints are only output in verbose mode. Clean up Docker tests from merge of #286. 2024-09-25 17:05:17 -04:00
Joe Testa
e11492b7a3 Updated shields. 2024-09-25 16:07:01 -04:00
Joe Testa
02bc48c574 Bumped supported Python range. 2024-09-25 14:18:41 -04:00
Joe Testa
24d7d46c42 Updated PyPI downloads shield. 2024-09-25 10:05:35 -04:00
Joe Testa
e97bbd9782 Added Python 3.13 support. 2024-09-24 18:20:07 -04:00
Joe Testa
6d57c7c0f7 The -p/--port option will now set the default port for multi-host scans (specified with -T/--targets). (#294) 2024-09-24 16:42:53 -04:00
Joe Testa
ea3258151e Fixed invalid JSON output when a socket error occurs while performing a client audit. (#295) 2024-09-24 15:48:14 -04:00
Joe Testa
f9032c8277 Added built-in policy for OpenSSH 9.9. 2024-09-24 15:05:05 -04:00
Joe Testa
d7398baad7 Added two new key exchanges: mlkem768x25519-sha256, sntrup761x25519-sha512. 2024-09-19 17:40:49 -04:00
Joe Testa
2a7cb13895 Added grasshopper-ctr128 cipher. 2024-09-18 17:59:45 -04:00
Joe Testa
06ebdbd0fe Updated README. 2024-08-26 16:46:34 -04:00
Joe Testa
9049c8476a Updated README. 2024-07-06 21:01:19 -04:00
Joe Testa
92db5f0138 Updated docker tests and README due to merge of PR #281. 2024-07-05 10:53:00 -04:00
Joe Testa
ea117b203b Updated README. 2024-07-05 10:16:06 -04:00
Joe Testa
e42961fa9a Added built-in policy for OpenSSH 9.8. 2024-07-02 21:31:36 -04:00
Joe Testa
dcbc43acdf Fixed crash when running with '-P' and '-T' options simultaneously. (#273) 2024-07-02 20:56:11 -04:00
Joe Testa
87e22ae26b Added IPv6 support for DHEat and connection rate tests. (#269) 2024-06-29 19:05:20 -04:00
Joe Testa
46ec4e3edc Added built-in policies for Ubuntu 24.04 LTS server and client. 2024-04-29 19:11:47 -04:00
Joe Testa
c5d90106e8 Updated docker run command. 2024-04-22 17:54:37 -04:00
Joe Testa
68cf05d0ff Set version to 3.2.0 for release. 2024-04-22 16:32:57 -04:00
Joe Testa
8124c8e443 Added aes128-ocb@libassh.org cipher. 2024-04-18 21:09:02 -04:00
Joe Testa
8190fe59d0 Added implementation for DHEat denial-of-service attack (CVE-2002-20001). (#211, #217) 2024-04-18 13:58:13 -04:00
Joe Testa
9fae870260 Added allow_larger_keys flag to custom policies to control whether targets can have larger keys, and added Docker tests to complete work started in PR #242. 2024-03-19 14:45:19 -04:00
Joe Testa
3c31934ac7 Added tests and other cleanups resulting from merging PR #252. 2024-03-18 17:48:50 -04:00
Joe Testa
ab41ca1023 Re-organized README. 2024-03-15 16:28:10 -04:00
Joe Testa
b70fb0bc4c Added built-in policies for Amazon Linux 2023, Debian 12, and Rocky Linux 9. 2024-03-15 16:24:36 -04:00
Joe Testa
15078aaea9 Built-in policies now include a change log. 2024-03-14 17:58:16 -04:00
Joe Testa
064b55e0c2 Added 1 new key exchange algorithm: gss-nistp384-sha384-* 2024-03-14 16:01:48 -04:00
Joe Testa
a4f508374a Updated README. 2024-03-12 21:13:10 -04:00
Joe Testa
3313046714 Added built-in policy for OpenSSH 9.7. 2024-03-12 20:23:55 -04:00
Joe Testa
699739d42a Gracefully handle rare exceptions (i.e.: crashes) while performing GEX tests. 2024-02-17 13:44:06 -05:00
Joe Testa
a958fd1fec Snap builds are now architecture-independent. (#232) 2024-02-17 12:54:28 -05:00
Joe Testa
c33f419224 Updated '-m', '--manual' description in README. 2024-02-16 23:16:07 -05:00
Joe Testa
20fbb706b0 The built-in man page (, ) is now available on Docker, PyPI, and Snap builds, in addition to the Windows build. (#231) 2024-02-16 22:40:53 -05:00
Joe Testa
73b669b49d Fixed parsing of ecdsa-sha2-nistp* CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are. (#239) 2024-02-16 21:58:51 -05:00
Joe Testa
f326d58068 Disable color when the NO_COLOR environment variable is set. (#234) 2024-01-28 18:17:49 -05:00
Joe Testa
fe65b5df8a Added missing dev tag to Change Log: v3.2.0 -> v3.2.0-dev 2023-12-21 15:34:38 -05:00
Joe Testa
44393c56b3 Expanded filter of CBC ciphers to flag for the Terrapin vulnerability. 2023-12-21 15:30:43 -05:00
Joe Testa
dd91c2a41a Bumped version to 3.1.0 in preparation for stable release. Updated Change Log in README. 2023-12-20 13:12:13 -05:00
Joe Testa
75dbc03a77 Added 'additional_notes' field to JSON output. 2023-12-19 18:03:07 -05:00
Joe Testa
c9412cbb88 Added built-in policies for OpenSSH 9.5 and 9.6. 2023-12-19 17:42:43 -05:00
Joe Testa
c259a83782 Added note that when a target is properly configured against the Terrapin vulnerability that unpatched peers may still create vulnerable connections. Updated Ubuntu Server & Client 20.04 & 22.04 policies to include new key exchange markers related to Terrapin counter-measures. 2023-12-19 14:03:28 -05:00