droopescan 1.25.0

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & SilverStripe. https://github.com/droope/droopescan

1.25.0

• Bug fix.

1.24.0

• Drupal 7.36, SS 3.0.13.

• Fixed stats.

1.23.1

• Fix botched release. Add more “leetness”.

1.23.0

• Increase “leetness” in invocations without arguments and in stats.

• Improve documentation, github language detection.

• Reduce number of themes scanned by default.

• Improve SS module list.

• Add fancy autocompletion for common command-line arguments.

1.22.1

• Updated versions. New security advisories out for both Drupal & SS.

1.22.0

• Miscelaneous improvements.

1.21.0

• Add new SS version.

• Improved release process to allow the releasing from branches instead of only allowing releases from ‘development’.

1.20.0

• Update SS to version 3.1.10.

• Remove unnecessary files.

• Improve plugin lists.

1.19.1

• Improve documentation.

• Add SS Release Candidates.

1.19.0

• Added support for Drupal 8.x.

• Usability improvements.

• Add flag for not following redirects.

1.18.0

• Improved SS detection for new reported bug.

• Improve stats.

• Remove relative redirects or same-site redirects.

1.13.0

• Support for SS 3.9.

• Remove super annoying warning by urllib3.

• Usability improvements.

• Add integration tests which should pick up on most issues.

1.12.0

• Add PyPI support.

• Add support for virtualenv.

• Add “graceful” handling of SIGINT.

• Documentation improvements.

1.11.0

• Improved SS scanning (particularly plugin scanning) a great deal.

• Added ‘interesting module urls’ for SS.

• More documentation.

• Internal tidy-up.

1.10.0

• Added support for interesting module urls.

• Add more documentation.

1.9.0

• Update databases.

• Improve drupal detection.

• SilverStripe improvements.

• Massive internal rework.

1.9.0-rc1

• Add python 3 support.

• More documentation.

• General tidy up of the code.

• Database updates.

• Improved detection for SS modules.

• Fixed memory leak which was showing up after scanning more than 40.000 websites.

• Improved output.

• Added travis support.

• General bug fixes.

1.8.4.1

• Database update. Drupal 7.33 & SS 3.1.7-rc have been released.

1.8.4

• Add global per-site timeout.

• Add functionality for logging standard errors to a file.

1.8.4-rc

• Add better handling for websites with fake changelogs, but still utilize them to narrow down when reasonable.

• Deal with websites that always respond with 200 OK, even on not found pages. Add heuristic test to differentiate from real 200 OK responses.

• Misc fixes.

1.8.4-beta

• Improved accuracy for druppagedon as far as possible.

• Fixed aesthetic issues with JSON output.

• Fixed issues with redirects on non-cms websites.

1.8.3

• Added timeouts to prevent hanging on massive scans.

• Avoid unnecessarily discarding connections due to a low max http pool limit.

1.8.3-rc

• Improve error handling.

• Final release before stable.

1.8.3-beta

• Improve documentation.

1.8.2-beta

• Add new drupal version so that fully patched up versions of Drupal get detected properly.

1.8.1-beta

• Fix output issue.

1.8.0-alpha

• Added JSON output.

• Added multi-threaded multi site scanning.

• Improved output.

1.7.3

• Removed DNN.

• Fixed SS updating process.

• Fixed bug on display of loading bar.

• Tag release.

1.7.2-beta

• Released beta of version 1.x.

• Vastly improved version detection and database handling.