CERT-Polska/Artemis

Issues

• Factor out common parts of crtsh and gau into a core module

  #533 opened 9 days ago by kazet
  0

• Identify subdomains using subfinder

  #829 opened 9 days ago by kazet
  0

• Debug why the crtsh.py test is flaky

  #913 opened 9 days ago by kshitijk4poor
  1

• Improve the UX for new developers

  #1057 opened 14 days ago by kazet
  0

• If a domain doesn't exist, don't scan it

  #1094 opened 14 days ago by kazet
  0

• update .gitignore

  #1074 opened 23 days ago by kshitijk4poor
  0

• make nuclei silent

  #1073 opened 23 days ago by kshitijk4poor
  0

• add autoupdating of Dockerfile (e.g. using dependabot)

  #1070 opened 24 days ago by kazet
  0

• Improve the UX of the export process for new users

  #1055 opened a month ago by kazet
  0

• Fix artemis/modules/data/nuclei_templates_custom/error-based-sql-injection.yaml

  #899 opened 3 months ago by kazet
  1

• Detect wildcards during reporting

  #1036 opened a month ago by kazet
  0

• Discuss reporting warnings, not only errors, for mail_dns_scaner

  #1030 opened a month ago by kazet
  0

• Unable to export reports

  #962 opened 2 months ago by cloudgitaware
  2

• Postgres migration fails

  #914 opened 3 months ago by BonusPlay
  3

• Discuss whether translations (e.g. for Nuclei messages) could be at least partly automated

  #872 opened 3 months ago by kazet
  2

• Detect that a site got hacked (having a list of known payloads that are put on hacked websites)

  #551 opened 9 months ago by kazet
  4

• Debug why the wordpress_bruter test is flaky

  #848 opened 4 months ago by kazet
  1

• Error while trying to go to the add target page (/add route) after adding a new module.

  #883 opened 3 months ago by RasenRhino
  4

• Should we report old versions of Javascript libraries? How frequently are they exploitable?

  #800 opened 4 months ago by kazet
  3

• Check outgoing links: whether they work (no 404), whether the destination uses SSL, whether no bad reputation sites are linked

  #307 opened a year ago by kazet
  4

• Research integrating nikto (perhaps into Artemis-modules-extra for license reasons) - what benefits would it bring?

  #606 opened 8 months ago by kazet
  1

• When testing a site check whether s3 buckets and Firebase app for a given name exist

  #305 opened 4 months ago by kazet
  1

• Extract config into YAML

  #433 opened 8 months ago by bulkowy
  0

• Detect CORS/cross-domain policy that allows interaction from other sites

  #300 opened 4 months ago by kazet
  3

• Don't run all Nuclei templates, but only the ones related to the webapp we are testing

  #552 opened 9 months ago by kazet
  0

• Detect PDFs with bad censorship attempts (e.g. black squares that can be removed to obtain the "hidden" information)

  #327 opened a year ago by kazet
  1

• ERROR [karton-logger internal] load build context

  #753 opened 5 months ago by kanlukasz
  1

• Consider change default port from 5000 to 8080

  #747 opened 5 months ago by es1o
  1

• Decide what security-related HTTP headers are recommended, detect them

  #550 opened 6 months ago by kazet
  0

• Installation fails on `git apply nuclei-rate-limiting.patch`: `error: corrupt patch at line 7`

  #699 opened 6 months ago by Yaevh
  6

• Test for HTTP Request Smuggling

  #303 opened a year ago by kazet
  4

• Detect use of third-party resources that aren't loaded over HTTPS

  #299 opened 7 months ago by kazet
  0

• Add a generic tool that is able to bruteforce login forms, regardless of what type of login form it is

  #249 opened a year ago by kazet
  3

• Report that the domain will soon expire

  #495 opened 8 months ago by kazet
  1

• Blacklist out of scope hosts

  #428 opened 8 months ago by infosecconsultant
  2

• 在build的时候出现的问题

  #470 opened 8 months ago by lianggutian
  4

• FR: Traceback task path from its origin

  #448 opened a year ago by blackthorne
  0

• Config grows too large and needs namespaces

  #371 opened a year ago by BonusPlay
  0

• Network issues.

  #429 opened a year ago by infosecconsultant
  1

• Set custom Authorization Header

  #406 opened a year ago by StasyaPion
  1

• Add support for IP ranges

  #265 opened a year ago by BonusPlay
  0

• Problems with Artemis startup

  #264 opened a year ago by BonusPlay
  1

• Check for known-bad SSH hostkeys

  #379 opened a year ago by fullspectrumdev
  0

• Automatically report Wordpress misconfigurations: exposed user listings/exposed API/exposed admin login/possible registration

  #329 opened a year ago by kazet
  0

• Getting: WARNING: MongoDB 5.0+ requires a CPU with AVX support, and your current system does not appear to have that! container

  #363 opened a year ago by visionarchitect
  1

• Report publicly avaliable MySQL/Postgres/Elasticsearch/FTP/phpmyadmin as low-severity "info" vuln, maybe don't send -email if this is the only report

  #330 opened a year ago by kazet
  0

• Add information about swarm deployment

  #314 opened a year ago by BonusPlay
  3

• Check metadata of images and documents: geolocation, old editor versions, logins, paths

  #308 opened a year ago by kazet
  0

• Idea: change Artemis so that instead of brute-forcing all paths or Nuclei templates on a single host, it tests all hosts for each path/Nuclei template, thus decreasing load

  #304 opened a year ago by kazet
  0

• Rename SPFScanResult.spf_dmarc_scan_result.spf.error_not_found flag

  #280 opened a year ago by szymsid
  0