Commit Graph

19 Commits

Author SHA1 Message Date
Meitar M
61e37c9fd4
Amazon.com says HTTP 503 often, so allow that but do not whitelist. 2020-01-26 22:11:32 -05:00
Meitar M
efdd69b355
Whitelist creativecommons.org (due to dups), derbycon.com (due to TLS). 2020-01-26 21:51:02 -05:00
Meitar M
53bd2a5815
Remove numerous whitelisted URLs since they now redirect safely. 2020-01-26 21:34:44 -05:00
Meitar M
ac53f7ffe9
Whitelist Amazon and PacketStormSecurity, which dislike awesome_bot. 2020-01-26 21:28:29 -05:00
Meitar M
9b8cf746bd
Use Travis's Ubuntu Bionic (18.04 LTS) build for an updated Ruby. 2020-01-26 21:20:11 -05:00
Meitar M
06597c28dd
Add nostarch.com to whitelist as they, too, now use a Cloudflare WAF. 2019-08-07 16:14:32 -04:00
Meitar M
f9629a3c95
Add www.parrotsec.org to the whitelist as they use CloudFlare.
The `www.parrotsec.org` Web server has moved behind CloudFlare, which
returns an HTTP 503 error for the `awesome_bot` Web crawler, causing a
build failure. The domain is live and still works, but the CloudFlare
WAF does not permit the crawler to verify this.
2019-08-05 00:23:01 -04:00
Meitar M
1265b15c53
This commit proposes a massive reorganization of the list categories.
In this commit, the primary change is alphabetizing both the table of
contents as well as the line items for each category. This is done in
order to make it easier for readers to locate their desired information
with their naked eyes. The list is long, and as such should at least
have a consistent scheme for ordering the items within it.
Alphabetization also side-steps the issue of favoritism since the sort
order is lexicographical.

Additionally, this commit changes several headings to more clearly
describe its contents. For example, most of the subheadings under the
"Online Resources" category have been renamed to "Online [Topic]
Resources", where "[Topic]" was the old heading. Similarly, I split the
Docker Container section into two, one for distros and for tools, since
the previous section muddled those two distinct categories of containers
together. (The main list does not do this, so that was anomalous.)

Another major change is the removal of the top-level "Tools" section.
This section had clearly become a catch-all and also prevented us from
being able to use sub-headings to more intelligently categorize the
individual tools without running afoul of the Awesome List guidelines
that restrict us to one level of subheading per category. This continues
the work that was begun in  of moving, e.g., the "Network Tools"
section to its own top-level heading.

Further, I have removed several tools that are strictly either forensics
or malware analysis utilities, such as cuckoo sandbox. I feel that this
more accurately aligns this list with its stated purpose: Penetration
Testing. While related, listing forensics of malware analysis tools that
cannot also be used for vulnerability discovery or exploit development
seems like an invitation to suffer from scope creep. Instead of listing
those tools directly, I have therefore added "See also" lines with links
to more appropriate places (often other Awesome lists) for their topic.

Finally, several links were upgraded from their listed HTTP to HTTPS
versions, after I confirmed that those Web servers did indeed respond to
TLS requests. I also removed `www.defcon.org` from the `awesome_bot`'s
white list, since that link works just fine for me as well.
2019-03-28 15:47:23 -04:00
ZJ
0bc9cf2954
awesome-lint: added defcon to excluded link-check domains 2019-03-27 14:33:49 -04:00
Meitar M
c1b2d06543
Re-add ZoomEye.org to whitelist (403'ing again), remove 404'd ExploitPack link. 2019-03-19 00:09:40 -04:00
Meitar M
8f0d4c7ba5
Fix Awesome-Bot build errors: ComputerSecurityStudent.com is gone.
This commit also adds GhostProject.fr to the whitelist, as they use
CloudFlare's JavaScript DDoS detection and return an HTTP 503 error.

This commit also removes `zoomeye.org` from the whitelist,
because they seem to be returning HTTP 200 OK responses reliably now.
2019-02-19 22:32:55 -05:00
Meitar M
3297075b7e
Fix Travis CI build errors, largely due to stale links.
This commit fixes numerous CI build issues related to stale or broken
links. These include:

* Removal of Zoom username enumeration tool, covered by WPScan anyway.
* Removal of old Google dork database that is unmaintained/has vanished.
* Removal of `OSVDB.org` zone, which no longer resolves via DNS.
* Fix link to NoSQLmap tool (domain expired, use GitHub.com link now).
* Update link to Social Engineering in IT book from legacy URL.
* Update link to OWASP's AppSecUSA conference; now uses second-level domain.

Further, this commit simplifies the `.travis.yml` file in order to use a
plainer (more standard) certificates bundle. Two URLs have been added to
the whitelist: `www.shodan.io`, which returns a 403 Forbidden error when
accessed by Awesome Bot, and `www.mhprofessional.com`, which generates
an SSLv3 certificate validation error.

Prior to this commit, a custom SSL certificate bundle was generated and
then placed in the `/tmp` directory for use, but this is no longer
required as the latest `ca-certificates` bundle shipped with Ubuntu
contains the root certificates needed for the domains that once required
this custom bundle to be used.
2018-11-01 14:48:34 -04:00
Nick Raienko
d924f889f4 Various updates 2017-12-11 08:28:19 +02:00
techgaun
5ff68d4970
add various tools suggested on and fix link for sobelow
closes 
2017-11-19 22:31:45 -06:00
techgaun
1dfe24e297
ignore creativecommons 2017-08-17 21:54:30 -05:00
techgaun
d4fa4f0a72
default to trusty 2017-07-15 23:53:27 -05:00
techgaun
e7824ca693
update travis steps to handle dfn subca 2017-07-15 18:26:16 -05:00
Meitar M
3c811415bc Style guide compliance pass focused on Vulnerability Databases section. ()
* Add CVE List to Vulnerability Databases section, since it was missing.

* Style guide compliance pass focused on Vulnerability Databases section.

* Whitelist the Inj3ct0r URLs.

The `0day.today` website sits behind an extremely aggressive Cloudflare
anti-bot checker, which causes `awesome-bot` to trigger an HTTP 503
response. This fails the build but is actually normal behavior.

Similarly, the Onion service is inaccessible except over Tor and our
Travis CI configuration does not (yet?) support checking Onion service
links. (Although, perhaps it should be updated to do so in a future PR.)
2017-07-08 13:52:24 -05:00
Nick Raienko
c56f7fffc5 Add awesome bot links check 2016-09-22 22:36:35 +03:00