Updated detections, and work on new integrations

Some updated detections have gone live this week.

Also, a bigger update is on the way: the Shodan plugin is being updated, and Censys and Shadowserver integrations are currently in test. They might just go live in the next update round :-)

CAA in internetstandard checks

The internet standards check at internet.nl has added a CAA check a while ago. Although the data for CAA has been in ShadowTrackr for years, it was still lacking on the internet standards overview and report. That is fixed now.

The current update also introduced the option to make a proper PDF export of the $dns_dependency_report. While this sounds like a small step, it's actually quite a thing. The code behind this opens the door to exporting all sorts of fancy graphs to PDFs.

New detections, and false positive CVE removed

The current update has more and better software detections, focussing mostly on webframeworks and remote login services.

Recently all vulnerabilities detected on certificates where included in the main vulnerability index. Some of you have noticed that CVE-2013-0169 (LUCKY13) appeared on quite a few webserver/certificates. You can prevent this by removing all CBC ciphers, but the truth is that about all webservers have fixed this vulnerability years ago and almost all instances where CVE-2013-0169 is found are false positives.

CVE-2013-0169 is now marked as false positive and does not appear in the vulnerability index anymore. It does still show on the certificate page with the notice that the webserver presenting the certificate is possibly vulnerable.