Seccubus v2.28 - The Docker edition

21 February 2017

We just released a new Seccubus version, you can download it here

For my work at Schuberg Philis we wanted to run Seccubus in Docker containers. This and inspiration from Karl Newell caused me to add a Dockerfile (and some other files) to Seccubus so that Seccubus can now be run in a docker container.

In addition I fixed a couple of bugs and changed the ssllabs scanner so it now uses the v3 API endpoint.

Enhancements

  • #361 - arkenoi created a netsparker2ivil tool that allows you to manually import Netsparker scans
  • #331 - Now using SSLLabs API v3
  • #386 - New SSL labs API output featues incorporporated
  • #389 - API endpoint URL has moved to a single function so it can be patched if deployed in a three tier architecture
  • #392 - Alternative handling of the updateFIndings.pl API
  • #397 - Allow seccubus to authenticate via an http request header
  • #399 - Create a Docker container for Seccubus

Bug Fixes

  • #364 - auto_gen column was missing from asset_host table
  • #358 - Could not get findings when an asset was used for the query
  • #360 - Not able to export report in PDF format - This breaks the scan
  • #336 - Non-critical RPM errors on CentOS 5
  • #376 - Removed 50 host limit in filters as it was counterproductive
  • #374 - Fixed Nikto path detection code
  • #377 - Hostname filter wasn’t working correctly, typed Hostname iso HostName
  • #385 - SSLlabs failed because cypher preference order was split out per protocol by SSLlabs now.
  • #394 - SSLlabs scanner failed if all enpoints fail and –gradeonly was used