Comments (5)
Inspect phase
- On Hold (not a blocker): Switch from using inspect.py to using pshtt.py.
- Done:
Deprecate use of inspect or pshtt and instead just refer to an https or dap data file from a recent scan.
a11y phase
- Done:
Make it so that the a11y scan doesn't require the inspect scan cache results. (issue) - Done:
Debug the ignore list and why it is and isn't working. (issue) - Address sites that fail clumsily (causing the scan to have to be restarted). (issue)
- In Progress: Address sites that fail gracefully (the scan continues and just no errors are detected).
processing stage
- In Progress: Ensure that domains.json and agencies.json factor in sites that have no errors in a11y.csv. (issue)
- In Progress: Ensure that all of the math is good. (issue)
- Make semantic changes. (issue)
from domain-scan.
To elaborate on 2) above, I currently use inspect.py to:
- Determine which domains are live.
- Determine which domains are redirecting.
Hypothesis: I could instead pull the results here or the DAP results file, since the latter also goes ahead and cuts the domain list down to just executive branch domains.
Resulting idea: change the a11y script to work with the formatting of the DAP results file so that I don't need to change the headers.
Update: I'm checking but ^^ might not be necessary.
Update2: It looks like it is. When I run the script to generate the 3 json files in step 6a of the actual workflow, I have to delete the branch column in order to generate a proper agencies.json. I am guessing that this is b/c the script is looking for Agency
in the 3rd column.
from domain-scan.
Still outstanding:
- include all of the domains that error out in the a11y.csv (only some were included).
- address the canonical domain link
from domain-scan.
Looks like moving from the inspect
scanner to pshtt
is also still outstanding. The change should be relatively minor.
from domain-scan.
@gbinal - Just to confirm, is this still outstanding? If so, do you want to keep it open?
from domain-scan.
Related Issues (20)
- Make Lambda packaging aware of third party dependencies, incorporate them in repackaging
- Move from an options dict to a "config" (or similar) dict
- Scanner dependency problem HOT 3
- public-suffic-list.txt deployed to the wrong local path HOT 2
- Packaged version of sslyze in lambda/envs/domain-scan.zip is out of date HOT 4
- Path.resolve() throws exception when results file doesn't exist HOT 4
- lambda: public-suffix-list.txt not found HOT 1
- Update to SSLyze 2.0.0, and detect TLS 1.3 0-RTT
- Confirm best way to search for USWDS elements
- Add cookie scanner
- Adopt some of the clean-up from dhs-ncats/gatherer HOT 1
- Use Node 8 runtime for Lambda
- PSL cache location not obeyed
- Unnecessary prepending of "www." on domains of form "www#." HOT 3
- Summarize USWDS scan in plain language
- Scanning hosts on a network that is not connected to the Internet HOT 1
- While trying to Scan a list of domains from a CSV, the 'HSTS Preloaded' column in pshtt.csv is giving incorrect results
- Upgrade sslyze to 3.x
- System UI HOT 1
- Can't get the code to run on the M1 chip
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from domain-scan.