Claudio Criscione
Goblins are currently pretty dumb when it comes to symlinks, and we need a good strategy to handle that. In particular I'm thinking about the "fake" chroot that using the...
Since minions is meant to be used over a network, SSL authentication (and encryption, of course) is very much required.
There is little point in not doing this since day zero, so we might as well migrate to LogRus while we're at it. https://github.com/sirupsen/logrus I've looked briefly at other structured...
Elastic comes with quite a few security-related settings which seem easy enough to check for https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html
Extracting installed npms should be relatively simple, and then they can be checked for vulnerabilities. package.json is the obvious starting point, npm list -g --depth=0 is the canonical way to...
Jenkins pipelines seem to be a good first use case for an actually useful Goblin. It could be used to scan a Docker image for example
An endless classic, PHP has all sorts of potential configuration woes: allow remote opens, globals (though this has luckily gone away) and an array of other things - we can...
There are a number of things that can be checked for at the password level. Complexity, for sure, but also whether there is a password, what's the hashing, presence of...
In modern Ubuntu systems it's fairly common to have multiple os-release files in snaps. These can be selected by goblins, so either we need to lock down the regexp or...
Sending binaries to VirusTotal seems like a reasonable thing to do. The public API is documented here: https://www.virustotal.com/es/documentation/public-api/ The first scan is bound to take a long while as...