TODO
- add sanity check that an HTTP service is correctly forbidden or correctly redirected
ex: a protected page must either redirect to a login page or return a 401 / 403
- improve format of GitHub check
- check that snapshots are correctly working
- track CVE like: curl 'https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=bitwarden' > cve
curl 'https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:a:traefik:traefik:2.0' > json
curl 'https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:a:bitwarden:bitwarden' > json
check nvd.nist vs cvedetails
--
check debian & apt list --upgradable -a
apt list --upgradable
--
check no package in pending install
dpkg --audit
--
# checksum from dpkg, man dpkg section verify-format
# dpkg --verify | grep -v -E '/usr/share/man|/usr/share/locale'
??5?????? c /etc/nftables.conf
??5?????? c /etc/iproute2/rt_tables
--
check hardware vuln not satisfied:
dmesg | grep -i Vulnerable
# check ipv6
curl -6 https://ifconfig.me
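
One way to implement the first item above (a protected page must either redirect to a login page or return a 401 / 403). This is an added example, not code from this repository; the function names, the `/login` path and the example URL are assumptions.

```shell
#!/bin/sh
# Added example (not from the repository). Function names, URL and login
# path are placeholders to adapt to the services being audited.

# is_protected STATUS LOCATION LOGIN_PATH
# Returns 0 when an anonymous request was denied: 401/403, or a 3xx redirect
# whose Location path equals LOGIN_PATH. A 200, a 5xx or a redirect to any
# other path returns 1. Only the path is compared, not the host.
is_protected() {
    status=$1; location=$2; login_path=$3
    case "$status" in
        401|403) return 0 ;;
        301|302|303|307|308)
            # Drop query string and fragment, then any scheme://host prefix.
            path=${location%%\?*}
            path=${path%%\#*}
            case "$path" in
                *://*)
                    path=${path#*://}
                    case "$path" in
                        */*) path=/${path#*/} ;;
                        *)   path=/ ;;
                    esac ;;
            esac
            [ "$path" = "$login_path" ] && return 0
            return 1 ;;
        *) return 1 ;;
    esac
}

# check_protected URL LOGIN_PATH
# Requests URL without credentials and without following redirects, then
# prints OK/FAIL. Exit status: 0 protected, 1 exposed, 2 request error.
check_protected() {
    out=$(curl -sS -o /dev/null --max-time 10 \
        -w '%{http_code} %{redirect_url}' "$1") || {
        echo "ERROR $1: request failed"; return 2; }
    status=${out%% *}       # first field: HTTP status code
    location=${out#* }      # rest: redirect target, empty when none
    if is_protected "$status" "$location" "$2"; then
        echo "OK   $1 -> $status $location"
    else
        echo "FAIL $1 -> $status $location (want 401/403 or redirect to $2)"
        return 1
    fi
}

# Usage (placeholder URL): check_protected https://service.example.test/admin /login
```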