evait-security / envizon Goto Github PK

also move, copy, etc. hosts spinner in button (not only blank)

Description

Add trim funktion in the input field of the global search.

add an option to create screenshots from web applications / websites and embedd them into the single host view (quick preview).

suggestions:
https://github.com/maxwell/screencap
https://github.com/vitalie/webshot

Scanning large networks with nmap is not recommend. We will add an individual masscan interface soon. Hold on!

If someone changed the group content a notification or indicator has to send to all connected clients. Best case a rerender button is placed on the target group to notify the user that the group has to be rerendered before making any changes. (Lock mode)

Description

It looks like the scans are starting one at a time and the setting for paralell scans will be ignored in the backend.

Steps to Reproduce

• increase paralell scans to 3 in the setting tab.
• start a large scan eg. -sV -p- on a target
• start a small scan eg. -p 80 on the same target
• check the runnig scans in the frondend (only the first start)
• verify the running processes with top in the docker container (only the first is running)
• kill the large scan in terminal or wait until it becomes finished
• verify the start / end date of the finished scans (smal scan started at the moment wenn the lage scan is finished / canceled)

Add error msg to single host view if host does not exists.

Add the option to save / reuse complex queries in the group query interface.

To get a nice choice of icons including some brands for our groups we use fontawesome. The current icon picker is not the best choice and the fontawesome version is strongly outdated.

We searching for alternatives...

In the settings page you are be able to add & modify preconfigured scans. To get the power of the community to envizon itself we want your feedback so we can add your most favourite nmap scans.

New scan suggestions should be provided with the following information:
scan name: short description of the scan
nmap syntax: the exact syntax for nmap without output parameters
long description (optional): here you can explain your ideas and considerations for your scan

Each suggestion will be tested and maybe implemented directly in envizon with the information you provided.

If you start a scan e.g. with 500 targets, envizon should give you a capability to split the scan in smaller subscans.

After 10 secs visiting the scans page it will be refreshed by an ajax function and break the download scan functionality.

envizon hang on if you try to connect without https on the app port. after a while envizon reaches the socket limit and the application timed out.

Fix: add redirect

All groups are always fully rendered in the group view (including datatables) initially and on each change (move, copy, etc.). Performance suffers dramatically with a high amount of groups (> ~100).
Each group should be rendered individually once selected in the sidebar and should be removed (not only made invisible) from the html when clicking on the "close"-button. All visible groups should be re-rendered if any change (move, copy, etc.) happens. In order to implement this enhancement, the partial render group stuff has to be changed/rewritten. Furthermore a js-component needs to be written in order to select and re-render each visible group.

tl;dr

The performance with a high number of groups will improve in the future. We are on it!

The quick settings will get another section to add the possibility for changing or adding new preconfigured scans that can be selected in the drop down menu in the scan interface.

This will be a tough challenge...

maybe add list/view of /24 ranges (network view)

Description

Thought about adding labels/fields for found exploits, based on nmap CVEs, through the API of circl.lu.
Not all CPE are checked over the circl.lu API, but only when a specific version is specified (for example: cpe:/a:microsoft:iis:7.5 and not cpe:/o:microsoft:windows).

Hello former colleagues,
we are using envizon when pentesting, too, and my fellow colleagues are loving the tool.
But we discovered, that when working with a giant range of ip-adresses and ordering them asc. or desc, the counting of envizon seems a bit odd. For example:

192.168.0.1
192.168.0.110
192.168.0.12
192.168.0.2

Would it be possible, that envizon will count in the usual manner and consider each triple as one big number, not as three separate numbers? Thanks in advance.

Add an option to download the finished scans from envizon as xml file in order import the scans in other tools.

Prerequisites (This part should not be included in any issue)

• I have read the readme file & wiki
• I am running the latest version (git pull && docker-compose build)
• I have searched through the existing issues to ensure my issue is not already covered
• I do not report any visual issues relating to responsive design if my screen is not able to display more than 720p (1280×720)
• I do not report any visual issues relating to usage in old / unsupported browsers
• I use docker-compose build, the prebuilt images from the official repositories, or installed envizon without any problems on my own

Issues violating these prerequisites will be closed without further explanation. Furthermore, you will be haunted by your own shameful behavior for the rest of your life.

Description

I want to change app port
3000 is under grafana.
What should i do?
Please describe the problem or idea with as much detail as possible.

Steps to Reproduce

Provide any information to reproduce the issue.

Description

Unknown MySQL server host 'mysql' (-2) error when trying to add an issue as issue template to remote database.

Instance deployed via Running from local git checkout.

Since version 3.0 the notification progress toasts are not rendered through the websocket connection. Maybe the docker container needs to be reconsidered.

We have to add more security relevant labels.

MS08-067 - should be no problem.

We are open to get more suggestions from the community.

If clients were modified from global search, all participating groups should locked on all viewers screen.

Description

the results of an sV scan are overwritten when a simple scan is performed afterwards

Steps to Reproduce

• scan an open port with -sV becomes:
  80 | http | Apache httpd
• default scan of the same port becomes:
  80 | http | Unknown Product

Idea to fix

• only overwrite alrady exists ports if the new scan used the sV parameter

Description

Running from local git checkout steps are not correct or envizon_local docker image is bugged.

https://0bin.net/paste/OOsvz6EW#rxj9slgkdPfhMz+9uCYUpf-DhKJ3an3VJd0P4ghxd8L

The idea is that the key .ssl/localhost.key is missing.

It means the entrypoint script is not working as intended.

And effectively at the beginning I can see:

envizon_local      | No certificates provided and none in .ssl/, generating some for you                                                                                                                                                     
envizon_local      | Generating a RSA private key                                                                                                                                                                                            
envizon_local      | ...+++++
envizon_local      | .............................+++++
envizon_local      | writing new private key to '.ssl/localhost.key'
envizon_local      | req: Can't open ".ssl/localhost.key" for writing, No such file or directory

If it can't ouput in an non-existing file, maybe a quick touch can solve that?

Steps to Reproduce

Follow Running from local git checkout .

link issues to clients directly in reports view. ajax/jquery live search for client ip or hostname in modal should be finde

if you click select all button in group view, only a maximum of 10 will be selected. Furthermore blur function is missing.

direct (ajax) live search in custom targets?

No description needed.

settings and groups

add a button to move a client from all groups directly to an automaticly created group named "archive"

Hello again,

while working with envizon, it happend to me that I accidentlly archived an entry. But I wasnt able to restore it back to a normal entry, after being archived.
The version, as far as I can say, is 4.0 (its written right under "Settings").
I hope, you can reproduce and fix this issue.

Best regards,
Chris

Starting image scans directly from the group interface with selected clients.

For a decent network graph, open source js libary cytoscape can be used.

https://github.com/cytoscape/cytoscape.js

Description

If nmap returns scriptoutput which are empty do not store them to the database

Steps to Reproduce

run nmap -sC over an ip with open ports and check the script outputs in envizion

nothing to say

Description

The Funktion "Add new Group" do not close the modal, if "move" is selected. maybe the issue only triggers in virtuell Groups(custom Search).

in backgroud the funktion seems to work (if you reload the page all seams fine)

Steps to Reproduce

• search something and Click "Add to Group View"
• select some Targets and click "add new group with selected clients"
• prefill all inputfields, select "move" and submit the modal

Hello again,

while using envizon, we found, that it would be an huge improvement, if it would be possible, to add notes to each entry in a seperate field. Even better, but also more complicated, would be a search feature for these notes.

Yours sincerly,
Chris

issues should have unique text partials that are referenced to an issue and the label (Description, Recommendation, etc.)

Add function to init a scan directly from group view with selected targets.
Maybe via post method /scans and prefilled target fields.

render a issue with a global variable (setting) "presentation mode=true" will display the screenshots only in mosaik view

Implement a code style font for the nmap plugin output in the groups interface.