Metadata-Version: 1.1
Name: droopescan
Version: 1.11.0
Summary: A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
Home-page: http://github.com/droope/droopescan/
Author: Pedro Worcel
Author-email: pedro.worcel@security-assessment.com
License: GPL
Description: 1.11.0
        ======
        
        * Improved SS scanning (particularly plugin scanning) a great deal.
        * Added 'interesting module urls' for SS.
        * More documentation.
        * Internal tidy-up.
        
        1.10.0
        ======
        
        * Added support for interesting module urls.
        * Add more documentation.
        
        1.9.0
        =====
        
        * Update databases.
        * Improve drupal detection.
        * SilverStripe improvements.
        * Massive internal rework.
        
        1.9.0-rc1
        =========
        
        * Add python 3 support.
        * More documentation.
        * General tidy up of the code.
        * Database updates.
        * Improved detection for SS modules.
        * Fixed memory leak which was showing up after scanning more than 40.000
          websites.
        * Improved output.
        * Added travis support.
        * General bug fixes.
        
        1.8.4.1
        =======
        
        * Database update. Drupal 7.33 & SS 3.1.7-rc have been released.
        
        1.8.4
        =====
        
        * Add global per-site timeout.
        * Add functionality for logging standard errors to a file.
        
        1.8.4-rc
        ========
        
        * Add better handling for websites with fake changelogs, but still utilize them to narrow down when reasonable.
        * Deal with websites that always respond with 200 OK, even on not found pages. Add heuristic test to differentiate from real 200 OK responses.
        * Misc fixes.
        
        1.8.4-beta
        ==========
        
        * Improved accuracy for druppagedon as far as possible.
        * Fixed aesthetic issues with JSON output.
        * Fixed issues with redirects on non-cms websites.
        
        1.8.3
        =====
        
        * Added timeouts to prevent hanging on massive scans.
        * Avoid unnecessarily discarding connections due to a low max http pool limit.
        
        1.8.3-rc
        ========
        
        * Improve error handling.
        * Final release before stable.
        
        1.8.3-beta
        ==========
        
        * Improve documentation.
        
        1.8.2-beta
        ==========
        
        * Add new drupal version so that fully patched up versions of Drupal get
          detected properly.
        
        1.8.1-beta
        ==========
        
        * Fix output issue.
        
        1.8.0-alpha
        ===========
        
        * Added JSON output.
        * Added multi-threaded multi site scanning.
        * Improved output.
        
        1.7.3
        =====
        
        * Removed DNN.
        * Fixed SS updating process.
        * Fixed bug on display of loading bar.
        * Tag release.
        
        1.7.2-beta
        ==========
        
        * Released beta of version 1.x.
        * Vastly improved version detection and database handling.
        
        0.7.1
        =====
        
        * Added administrative interfaces to interesting urls.
        * Misc improvements for all plugins.
        * Added a progress bar.
        * Added warnings on excessive load on the server.
        
        0.7.0
        =====
        
        * Added new version information to the database information.
        * Improved version detection.
        * Automated gathering of versions for SS.
        
        0.6.5
        =====
        
        * Updated database file.
        * Handled non-cms urls in a more verbose way.
        * Automated drupal version gathering.
        * Added support for multiple, undistinguishable versions.
        * Made dependency optional for standard run.
        
        0.6.4
        =====
        
        * Improve version handling.
        * Improve release.
        * Auto version.
        
        0.6.3
        =====
        
        * Added release functionality.
        * Changed user agent.
        * Got rid of global plugin session state which could have caused issues in the
        future.
        
        0.6.2
        =====
        
        * Fix exception on non-git.
        
        0.6.1
        =====
        
        * Added stats so users can quickly get an overview of how up to date the plugin
        database is.
        * Added functionality for the finding of interesting URLs.
        * Reduced the number of default threads.
        
        0.6.0
        ====
        
        * Documented support for upstream proxies, and authentication in general.
        * Disabled certificate validation so as to allow intercepting and modification
        of requests by proxies.
        * Internal improvements.
        
        0.5.1
        =====
        
        * Made plugins more versatile.
        * Add DNN + SilverStripe version detection.
        
        0.5.0
        =====
        
        * Add version fingerprinting to drupal.
        * Improved argument handling.
        * Internal improvements which users don't care about.
        * Add version fingerprinting infrastructure.
        
        0.4.1
        =====
        
        * Fixed 404 fingerprinting for SilverStripe.
        * Improved output & colours.
        * Made HEAD the default HTTP verb.
        * Added an option to choose the HTTP verb.
        * Improved threading.
        
        0.4
        ===
        
        Improved visuals.
        
        0.3.3
        =====
        
        Changed default enumeration to scan for all the things.
        
        0.3.2
        =====
        
        Added a changelog.
        
        0.3.1
        =====
        
        First stable release:
        
        * Scans Drupal, SilverStripe; contains wordlists for scanning themes as well as
        droopescan configuration for it.
        * Multi-threaded.
        
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: License :: OSI Approved :: GNU General Public License (GPL)
Classifier: Operating System :: Unix
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
