path: root/tests/result
Commit message [Author, Age]
* Added new check for detecting suspicious (too long) names [Luca Deri, 2020-08-21]
|
* Added the ability to identify as DGA those host/domain names with too many consecutive repeated characters such as ckaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa used for netbios reflection attacks [Luca Deri, 2020-08-21]
|   https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/ddos-reflection-netbios-name-server-rpc-portmap-sentinel-udp-threat-advisory.pdf
* MySQL8 update [Luca Deri, 2020-08-21]
|
* Added (manipulated) MySQL 8 test pcap. [Toni Uhlig, 2020-08-20]
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge pull request #974 from IvanNardi/esni4 [Luca Deri, 2020-08-13]
|\    Suspicious ESNI usage: add a comment and a pcap example
| * Suspicious ESNI usage: add a comment and a pcap example [Nardi Ivan, 2020-08-06]
| |     See: 79b89d286605635f15edfe3c21297aaa3b5f3acf
* | Fixes invalid detection on traffic on non standard ports [Luca Deri, 2020-08-12]
|/
* Added new traffic category for connectivity check detection [Luca Deri, 2020-08-04]
|
* Fixed partial TLS dissection [Luca Deri, 2020-07-30]
|
* Changed due to bin size extension [Luca Deri, 2020-07-30]
|
* TLS dissection improvements [Luca Deri, 2020-07-28]
|
* Added NDPI_SMB_INSECURE_VERSION for detecting insecure SMB versions (e.g. v1) [Luca Deri, 2020-07-27]
|
* SSH code cleanup [Luca Deri, 2020-07-25]
|
* User agent detection improvements [Luca Deri, 2020-07-21]
|
* Fixed race condition in ndpi_ssl_version2str() caused by static qualifier in the version string buffer. [Toni Uhlig, 2020-07-11]
|   * added also GREASE supported tls versions as specified in https://tools.ietf.org/html/draft-davidben-tls-grease-01#page-4
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Updated test results due to bin changes [Luca Deri, 2020-07-09]
|
* Improved HTTP line parsing if request split into multiple packets. [Toni Uhlig, 2020-07-05]
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed heap overflow in tls esni extraction triggered by manipulated packets. [Toni Uhlig, 2020-06-29]
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Update test results [Nardi Ivan, 2020-06-28]
|
* DNP3: add missing initialization [Nardi Ivan, 2020-06-28]
|
* TLS: extract JA3 signatures in some corner cases [Nardi Ivan, 2020-06-28]
|   In some (rare) cases, Client Hello message contains lots of cipher suites.
* Fixed off-by-one error in h323. [Toni Uhlig, 2020-06-27]
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added malformed packet risk support [Luca Deri, 2020-06-26]
|
* Fixed missing length check in fbzero. [Toni Uhlig, 2020-06-23]
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixes #906 [Luca Deri, 2020-06-22]
|   Packet bins are not printed when empty
* Added ndpi_bin_XXX API [Luca Deri, 2020-06-22]
|   Added packet length distribution bins
* Fixed use after free caused by dangling pointer [Toni Uhlig, 2020-06-21]
|   * This fix also improved RCE Injection detection
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge pull request #920 from lnslbrty/fix/tls-rdn-crash [Luca Deri, 2020-06-19]
|\    Fixed stack overflow caused by missing length check
| * Fixed stack overflow caused by missing length check [Toni Uhlig, 2020-06-18]
| |     Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | Added GoogleDNS DoH on Android 10 [Luca Deri, 2020-06-19]
| |
* | DGA detection improvements [Luca Deri, 2020-06-18]
| |
* | Added checks for DGA detection [Luca Deri, 2020-06-17]
| |
* | Implemented proprietary AnyDesk protocol [Toni Uhlig, 2020-06-17]
|/    Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added DGA risk for names that look like a DGA [Luca Deri, 2020-06-11]
|
* Added check in TLS 1.2+ for reporting a risk when TLS is not used to carry HTTPS [Luca Deri, 2020-06-08]
|
* Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) [Luca Deri, 2020-06-06]
|
* Added check to avoid producing alerts for known protocol on unknown port when using TLS [Luca Deri, 2020-05-30]
|
* Refreshed test pcap [Luca Deri, 2020-05-28]
|
* Added support for Encrypted TLS SNI dissection [Luca Deri, 2020-05-28]
|   https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
* Result update [Luca Deri, 2020-05-27]
|
* Added pcap with encrypted SNI [Luca Deri, 2020-05-27]
|   - https://blog.cloudflare.com/encrypted-sni/
|   - https://www.inmotionhosting.com/support/website/security/dns-over-https-encrypted-sni-in-firefox/
* Added stub for checking HTTP header [Luca Deri, 2020-05-21]
|   Updated Teams result
* Added fix to avoid potential heap buffer overflow in H.323 dissector [Luca Deri, 2020-05-19]
|   Modified HTTP report information to make it closer to the HTTP field names
* Added check for invalid HTTP URLs [Luca Deri, 2020-05-16]
|
* Added NDPI_HTTP_SUSPICIOUS_USER_AGENT ndpi_risk [Luca Deri, 2020-05-15]
|
* Added NDPI_TLS_CERTIFICATE_EXPIRED, NDPI_TLS_CERTIFICATE_MISMATCH, to ndpi_risk [Luca Deri, 2020-05-15]
|
* Improvements on GotoMeeting [Luca Deri, 2020-05-15]
|   Added pcap for testing malware
* Added TLS weak cipher and obsolete protocol version detection [Luca Deri, 2020-05-10]
|
* Added detection of self-signed TLS certificates [Luca Deri, 2020-05-10]
|
* Added the ability to detect when a known protocol is using a non-standard port [Luca Deri, 2020-05-10]
|   Added check to spot executables exchanged via HTTP