Comments (3)
@egyptiankarim I'm closing this because I think it's made moot on the domain-scan side by the refactor in #155.
Try using the --meta flag to capture local errors in scan output, and let me know if you're still seeing issues with this.
You may also want to try the Lambda pipeline, which definitely returns stack traces when errors are observed.
from domain-scan.
@egyptiankarim Want to email me a live example so I can test? ([email protected])
The reason I'm bringing it up here is because pshtt will produce a report with these exception cases properly reflected (i.e., as failing), but domain-scan just ends up dropping them from the report altogether, which can be confusing as anything when your target list of 12K domains only results in a results.csv of 11,999 rows (gah!).
Totally get this. What do you think should be in the 12,000th row (the row representing the failed run) for such a scan?
from domain-scan.
Want to email me a live example so I can test?
@konklone Will do. Email on its way.
What do you think should be in the 12,000th row (the row representing the failed run) for such a scan?
Well, just generally speaking, I think domain-scan ought to mimic whatever a regular run of the underlying scanner would give you. For the exception cases in question here, a regular pshtt scan eventually gives us a "Live" True with a failure on "Valid HTTPS" and related attributes, which is a fair enough glimpse of the situation.
I think there's probably room for improvement on how we handle RequestExceptions (especially weird code 500 and redirect loop situations), and I'll puzzle over it, but for now I know that I get some result back running a regular pshtt scan, so whatever domain-scan gives me should approximate that rather than just dropping it.
Also, I'll emphasize again that I think the "fix" for all of this is in revisiting the logic in pshtt, and I'll be working a pull request there. I just wanted to post an issue on domain-scan so that people would be aware of the gap in reports produced by each.
from domain-scan.
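One way to catch the gap described in this thread, as an added example that is not part of the original discussion or of domain-scan's own code: compare the target list against the results CSV and pad the report so dropped domains stay visible. The `Domain` column name, the helper names and the sample data are assumptions; `Live` and `Valid HTTPS` are the pshtt columns mentioned above.

```python
import csv
import io


def normalize(domain):
    # Compare names case-insensitively and ignore a trailing root dot.
    return domain.strip().lower().rstrip(".")


def read_targets(fileobj):
    """Target domains from the first CSV column, de-duplicated, header skipped."""
    targets, seen = [], set()
    for row in csv.reader(fileobj):
        name = normalize(row[0]) if row else ""
        if name and name != "domain" and name not in seen:
            seen.add(name)
            targets.append(name)
    return targets


def reconcile(targets, results_file, domain_column="Domain"):
    """Return (header, rows, missing). rows is the report padded with one
    blank row per target the scan dropped, so len(rows) == len(targets)."""
    reader = csv.DictReader(results_file)
    header = reader.fieldnames or [domain_column]
    by_domain = {normalize(r[domain_column]): r for r in reader if r.get(domain_column)}
    missing = [d for d in targets if d not in by_domain]
    rows = []
    for d in targets:
        # Blank cells mean "no result recorded"; they are not a scan verdict.
        rows.append(by_domain.get(d) or {**dict.fromkeys(header, ""), domain_column: d})
    return header, rows, missing


# Constructed sample input (not real scan output).
SAMPLE_TARGETS = "domain\nexample.com\nexample.org\nexample.net\n"
SAMPLE_RESULTS = (
    "Domain,Live,Valid HTTPS\n"
    "example.com,True,True\n"
    "example.net,True,False\n"
)

if __name__ == "__main__":
    targets = read_targets(io.StringIO(SAMPLE_TARGETS))
    header, rows, missing = reconcile(targets, io.StringIO(SAMPLE_RESULTS))
    print(f"{len(targets)} targets, {len(targets) - len(missing)} scanned, missing: {missing}")
    for row in rows:
        print(",".join(row[col] for col in header))
```

A non-empty `missing` list is the signal to rerun those domains directly with the underlying scanner before trusting the report totals.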