justinbastress
justinbastress
There should be some way for users to determine if a given e.g. cipher suite or signature algorithm is actually supported by zcrypto (without waiting for a server to try...
Currently the signature and hashes used in the Client Hello message are read from `tlsConfig.SignatureAndHashes` if present, but its type is `[]signatureAndHash` -- so the type is not exported, nor...
Writing scanners for protocols that sit on top of HTTP can lead to some serious code duplication. Identify code that can be moved to a library that can be shared...
Would be useful for display purposes if nothing else (e.g. we may want to display the MySQL connection flags, but showing 29 lines of individual flags gives it undue weight)
Currently, if the scanner gets a connection on port 5432 and reads an 'N' followed by a disconnect / hang, that can be interpreted as a detection. That may need...
Most failures will occur with any service -- but, since we run the tests for each service before validating the output of any of them, you will have to wait...
Currently if a domain is passed in, it can be looked up again for each scan. Would it make more sense to look it up once at the start, pass...
Log messages must only contain exceptional / actionable messages, not information about an individual scan failing because the host didn't act as expected.
zflags provides a Usage interface to get example usage for command-line options (https://github.com/ajholland/zflags/blob/master/command.go#L61); if the Flags provide provide a `Usage() string` method, this will be picked up automatically.