Paul Pfeister
7379ba7b19
Merge branch 'remove-tor'
2025-10-04 20:52:40 -04:00
Paul Pfeister
4246a7b16f
chore: make default --no-txt
Workflows where a txt file is still required should use --txt
2025-10-04 20:32:16 -04:00
Paul Pfeister
52cd5fdfc1
feat: gracefully skip sites with invalid errorType
2025-10-04 20:22:34 -04:00
Paul Pfeister
947f1ad2b6
Merge pull request #2574 from dollaransh17/fix/http-request-timeouts
Security Fix: Add timeout parameters to HTTP requests
2025-10-04 18:42:13 -04:00
Paul Pfeister
0794e02b52
feat: support multiple errorTypes
2025-10-04 16:53:30 -04:00
dollaransh17
0e7219b191
Security Fix: Add timeout parameters to HTTP requests
This fix addresses a critical security vulnerability where HTTP requests
could hang indefinitely, potentially causing denial of service.
Changes:
- Added 10-second timeout to version check API call
- Added 10-second timeout to GitHub pull request API call
- Added 30-second timeout to data file downloads (larger timeout for data)
- Added 10-second timeout to exclusions list download
Impact:
- Prevents infinite hangs that could freeze the application
- Improves user experience with predictable response times
- Fixes security issue flagged by Bandit static analysis (B113)
- Makes the application more robust in poor network conditions
The timeouts are conservative enough to work with slow connections
while preventing indefinite blocking that could be exploited.
2025-10-03 13:41:43 +05:30
Paul Pfeister
8882310450
feat: honor automatic exclusions list
2025-09-15 21:56:54 -04:00
Paul Pfeister
ca094d8264
test: prepare false positive detection base
2025-09-14 00:39:35 -04:00
Paul Pfeister
b1fb7ac2ff
chore: add PR note to --json help
2025-02-03 03:02:22 -05:00
Paul Pfeister
2c303a2869
fix: WAF hit list
2024-11-13 16:53:59 -05:00
Paul Pfeister
839eab1384
chore: add cloudfront waf hit
2024-11-11 22:25:47 -05:00
Paul Pfeister
046c2957f3
chore: expand WAF hit list
2024-11-11 20:05:20 -05:00
Paul Pfeister
6f3b89c98a
Merge branch 'master' into master
2024-11-11 19:45:32 -05:00
Paul Pfeister
785346c12d
Merge pull request #2277 from sherlock-project/2275-PEP-561
Comply with PEP 561
2024-11-11 17:19:19 -05:00
Paul Pfeister
a998ec309c
fix: missing Optional typing import
2024-11-11 17:16:31 -05:00
ByteXenon
270fbf6473
Overload --json to accept pull request data and remove --pull-request parameter
2024-11-06 00:26:14 -07:00
ByteXenon
e84c5fce37
Add --pull-request [-pr] parameter
2024-11-04 02:22:05 -07:00
rsb-23
192e2c333e
Fixed false positives #2273
- Updated user-agent in header and removed duplicate
2024-09-03 21:04:10 +05:30
Paul Pfeister
4660afb7d8
Fix implicit optional (PEP 484)
Co-authored-by: GuardianWang <31812793+GuardianWang@users.noreply.github.com>
2024-08-30 01:21:08 -04:00
Paul Pfeister
0d0335bca0
Comply with PEP 561
2024-08-27 22:32:48 -04:00
ntexe
2cc854bd6b
You can now disable creation of a txt file
2024-08-21 14:01:22 +03:00
Paul Pfeister
930ed2ac7c
Merge branch '2130-torrequest' into release/0.15.0-rc2
2024-07-08 04:56:21 -04:00
Paul Pfeister
18367353df
Merge branch 'bump-version' into release/0.15.0-rc2
2024-07-08 04:45:14 -04:00
Paul Pfeister
e1c4db4dab
Merge branch '2205-target-debug' into release/0.15.0-rc2
2024-07-08 04:37:55 -04:00
Paul Pfeister
2680cc85fb
Merge branch '2204-alert-if-script' into release/0.15.0-rc2
2024-07-08 04:37:42 -04:00
Paul Pfeister
ca781a3c3b
Rename importable module
2024-06-24 16:40:03 -04:00