Mario Vilas

icon indicating a website link http://breakingcode.wordpress.com/ icon indicating an email [email protected]

icon location Barcelona, Spain icon location Just another infosec guy

Results 112 issues of Mario Vilas

Data type for SSL certificates

1 comment

They can be extracted from SSLScan and Nmap results. Also we can autodiscover domain names from them. This would also enable us to pin SSL vulnerabilities to the certificates themselves...

feature
core

More wordlists

From sha0: https://bitbucket.org/sha0coder/dirscan/src/c74f04b3d1575d70749ead19d8a9c77fb1e24441/wordlists/?at=master

enhancement
core

Migration to a NoSQL database

22 comment

We are currently using a SQLite database with a wrapper to simulate an object-oriented graph database on top of it. We would greatly benefit from using a NoSQL database instead.

feature
core

Idea: assign log levels to individual warnings

That way some warnings may only be shown in more verbose levels if they are of little relevance, or in less verbose levels if they are very important.

question
core

Add support for SSL in the proxy settings

Currently we only support plain text proxies, we should support SSL enabled proxies as well.

feature
core

Integration with Scythe

https://github.com/ChrisJohnRiley/Scythe

enhancement
plugins

Detect plugin death

1 comment

If a plugin dies without sending its ACK message, the Orchestrator might get stuck waiting forever. Other audits would continue normally, but this audit would sit there doing nothing, because...

bug
core

Wapiti integration plugin

http://wapiti.sourceforge.net/

feature
plugins

Middler integration plugin

See: https://code.google.com/p/middler/

feature

Masscan integration plugin

See: https://github.com/robertdavidgraham/masscan

enhancement
plugins