Releases: root4loot/rescope
v2.4
v2.3
v2.2
Added
- New flag --resolveConflicts (Resolve all exclude conflicts (Say 'Y' to all))
- New flag --avoid3P (Avoid all third party resources (Say 'Y' to all))
- Parse private HackerOne scopes by setting X-Auth-Token in H1_TOKEN environment variable
Fixed
- Fixed package that was conflicting with errors interface introduced in golang 1.13. This led to unexpected panics when using the -u|--url flags to obtain scopes from bugbounty programs.
- Parsing from Bugcrowd should now work with new site layout
- Fixed out of bounds error when removing third party resources from scope
- #8 Fixed segfault when parsing scopes from intigriti due to layout change. Ref a26631c
- Fixed bug that caused misaligned lists when HackerOne was included in multi-scopes.
- rescope will no longer throw exceptions when program names are upper-cased.
- Fixed segfault when parsing scopes from openbugbounty.org caused by changes to program URL structure.
- Fixed multi-scope conflict entanglement.
- #9 Fixed bug that caused segfault when infile contained single IP's (3423ba0).
- #10 Fixed issue that led rescope to crash when https:// was missing in -u|--url for hackerone programs.
Improved
- Migrated vendoring to Go Modules
- HackerOne scopes will now include IP/CIDR in addition to URLs.
- The -b|--burp flag is no longer needed as results are outputted as Burp-compatible JSON by default.
- The -o|--outfile is no longer required as results are saved to a default filename in the working dir.
v2.1
Added
- Some unit test functions
Fixed
- #6 Identifiers with upper-case should no longer be omitted.
- bugbounty.jp with missing scheme will no longer cause segfault.
- Scopes having avoided or conflicted targets on the last line should no longer cause out-of-bounds in removing them.
- Rare occurrence where identifiers ending in .* extension that also have multiple wildcards in the domain did not parse correctly.
Improved
- rescope should now target domain assets only, when parsed from hackerone.com
v2.0
Added
- Support for bugbounty.jp
- Support for federacy.com
- New flag --raw that outputs naked (in-scope) definitions to file. Useful in working with other tools and programs.
- Support for resolving identifiers that conflict (overlap) with wildcarded excludes. Such a conflict renders affected "in-scope" targets ineffective as excludes are prioritized in Burp/ZAP. This occurs when scopes are not properly defined, which is fairly common to see in BaaS programs.
- Support for avoiding certain third party resources, such as github.com, itunes.apple.com, play.google.com, etc, which is generally not something you want to scan/spider. Services are defined in configs/avoid.txt. Met condition will prompt user as to whether affected targets should be ignored.
Fixed
- Missing scopename prompt when parsing to ZAP without --name specified
- Targets like www.*.example.com and *.*.example.com should now parse correctly.
- Single IP's should now identify correctly.
- Bug that prevented IP-ranges from being identified.
Improved
- List handling to free up some unnecessary looping and improve extensibility.
v1.1
Fixed
- #5 Targets separated by comma should now be grabbed correctly.
- #4 Intigriti programs should no longer parse with duplicate exclude definitions
- #3 Bug that caused fatal exit upon providing full intigriti program URL
- #2 Bug that caused duplicate scope definitions after parsing more than one program from one of the same affected services; hackerone, intigriti, yeswehack.
- Improper regex matching leading to strings having numbers and slashes to be matched as CIDR
- Wildcarded subdomains not parsing to Burp correctly
Added
- Support for matching targets with s3 schema
v1.0 pre
Added
- New feature that makes it possible to parse scopes directly from public bugbounty programs.
- New flag (-u | --url) related to the above.
- Option to specify includes (aside from excludes) with the optional !INCLUDE tag.
- New flag (--itag) related to the above.
- Gopkg files for dep management.
Fixed
- Minor bug that caused certain number formats in string to match as valid targets.
- Bug that prevented targets with ports from being set in Zap context.
- Bug that prevented targets with leading wildcard and no immediate dot from being fully matched.
Changed
- Replaced the previous vendor package 'github.com/fatih/color' with 'github.com/gookit/color' for adding colors support as the former project was no longer maintained.
- General commenting and code improvements.
- Changed --extag to -etag and removed the short version.
v0.3
Improvements
- Cleaner project structure. Packages now live in internal/ rather than project root.
Added
- File configs/services which lists a bunch of service names and ports. With this, rescope is able to identify ports for targets that have schemes but no port specified. For now this is used when parsing to Burp. Example:
  ftps://example.com => port: 990
  https://example.com:21 => port: 443,21
- Port 80,443 to Burp scope when identifier has no scheme and no port. This'll prevent people from touching ports that're otherwise (not clearly defined) out of bounds. Example:
  example.com => port: 80,443
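The port rules described in the v0.3 notes, as an added Go example (not rescope's own code). The services map is a small constructed stand-in for configs/services, burpPorts is a hypothetical name, and returning only the explicit port for a scheme-less host:port target is an assumption the notes do not cover.

```go
package main

import (
	"fmt"
	"net/url"
	"strconv"
	"strings"
)

// services is a constructed stand-in for configs/services (scheme -> default port).
var services = map[string]int{"http": 80, "https": 443, "ftp": 21, "ftps": 990, "ssh": 22}

// burpPorts (hypothetical helper) returns the ports a Burp scope entry should carry.
func burpPorts(target string) ([]int, error) {
	raw := target
	if !strings.Contains(raw, "://") {
		raw = "//" + raw // scheme-less: lets net/url still split host and port
	}
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	var ports []int
	if p, ok := services[u.Scheme]; ok {
		ports = append(ports, p) // the scheme's own port is always in scope
	} else if u.Scheme == "" && u.Port() == "" {
		ports = []int{80, 443} // no scheme, no port: restrict to web defaults
	}
	if u.Port() != "" {
		n, err := strconv.Atoi(u.Port())
		if err != nil || n < 1 || n > 65535 {
			return nil, fmt.Errorf("bad port in %q", target)
		}
		if len(ports) == 0 || ports[0] != n {
			ports = append(ports, n) // explicit port added next to the scheme port
		}
	}
	if len(ports) == 0 { // unknown scheme and no port: refuse rather than guess
		return nil, fmt.Errorf("cannot infer a port for %q", target)
	}
	return ports, nil
}

func main() {
	for _, t := range []string{"ftps://example.com", "https://example.com:21", "example.com"} {
		fmt.Println(burpPorts(t))
	}
}
```

Failing closed on an unknown scheme keeps a scope entry from silently widening to every port on the host.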
v0.2
Changed
- How Burp/ZAP is specified from the cli. Now using flags instead.
- How identified targets are printed. rescope will now include a leading +/- for each target to better indicate which are includes and excludes. Perhaps that'll make things clearer for those who are color blind.
- rescope will now handle !EXCLUDE tag having leading/preceding text on the same line.
Fixed
- A filepath issue that resulted in panic upon parsing to ZAP from executable that resided outside of package directory.
- An issue that prevented IP ranges/CIDR from being parsed correctly.
- Burp parsing inaccuracy for certain targets having both http(s) and ports. Rescope will now include protocol ports (80|443) and host port when parsing to Burp.
- Minor issue that prevented --version from being displayed.
Added
- CHANGELOG.md