Skip to content

Releases: secdec/attack-surface-detector-cli

v1.3.8

16 Mar 12:29
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.3.8.

Compared to the previous v1.3.5 release, this includes an update to Spring MVC parsing (1.3.6) and a fix for empty file paths when parsing Struts projects on UNIX-based hosts (1.3.8).

This release also fixes a bug where the -help flag always required that a source code path be specified. Now the -help flag can be used on its own.

1.3.5

01 Nov 21:38
Compare
Choose a tag to compare

1.3.4

25 Oct 20:51
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.3.4 and adds relevancy comparison checks to the validation process for generated endpoints.

1.3.3

11 Oct 12:56
Compare
Choose a tag to compare

1.3.2

28 Sep 16:10
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.3.2 and fixes a bug where the -simple flag would have no effect.

1.3.1

25 Sep 17:31
Compare
Choose a tag to compare

This release corrects an error in the -help output for some commands and includes some changes to prevent source code information leaks in JSON output.

The -json flag now outputs endpoints without embedding source code information by default. Combining the -json flag with -include-source includes source code information with the generated JSON. This consists of: function start line number, source code file path (relative to project root.)

1.3.0

25 Sep 15:47
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.3.0, includes a -help flag, and changes the -json and -simple-json flags to -full-json and -json, respectively.

Plugins consuming JSON output from this tool should only accept simple-format JSON (-simple-json in previous versions, -json in the current version.) Full-format JSON can expose information regarding the source code structure of the web application.

1.2.18

21 Sep 17:15
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.2.18.

1.2.17

21 Sep 17:13
Compare
Choose a tag to compare

This release updates the ASTAM HAM endpoint detection dependency to 1.2.17.

1.2.16

20 Jul 15:07
Compare
Choose a tag to compare

First release of the attack-surface-detector-cli tool as a separate package.

See README and Wiki for info and usage.