Skip to content

Tags: michelin/ChopChop

Tags

v1.0.0

Toggle v1.0.0's commit message 
News informations (#53)

* News informations

Informations about SPIP, GLPI and PACS NGI GXD5

* Update chopchop.yml

News informations added :

AudioCodes SIP Gateway
Xerox Printer
Lexmark Printer
Aklia Lisis

v0.03

Toggle v0.03's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode 
We added a new attribute `uris` which allows a list of URI. (#49)

`uri` and `uris` can't be specified at the same time.

One example configuration file is as follow:

```yaml
  - uris: ["/db.sql", "/db.sql.gz", "/db.sqlite", "/db.sqlite.gz", "/db.sqlite3", "/db.sqlite3.gz", "/data.sql", "/data.sql.gz", "/users.sql", "/users.sql.gz", "/dump.sql", "/dump.sql.gz", "/mysqldump.sql", "/mysqldump.sql.gz", "/backup.sql", "/backup.sql.gz", "/db.backup", "/db.backup.gz", "/database.sql", "/database.sql.gz", "/db-data.sql", "/db-data.sql.gz", "/db_test.sql", "/db_test.sql.gz", "/db-test.sql", "/db-test.sql.gz"]
    checks:
      - name: Database file
        status_code: 200
        remediation: Delete this file
        description: Verifies a database dump is accessible.
        severity: "High"
```

And we tried it using:

```bash
./gochopchop scan -u http://127.0.0.1:3000 --timeout 1 --csv --csv-file boo.csv -c policy.yml
```

Closes #2

v0.0.2

Toggle v0.0.2's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode 
Read from an ioutil.ReadAll without losing HTTP response content (#46)

v0.0.1

Toggle v0.0.1's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode 
Added Github Actions workflow to build ChopChop (#11)