Nosey Parker v0.21.0

@bradlarsen bradlarsen released this 20 Nov 19:07
· 21 commits to main since this release

Docker Images

A prebuilt multiplatform Docker image for this release is available for x86_64 and ARM64 architectures:

docker pull ghcr.io/praetorian-inc/noseyparker:v0.21.0

A prebuilt Alpine-based image is also available for x86_64 and ARM64 architectures:

docker pull ghcr.io/praetorian-inc/noseyparker-alpine:v0.21.0

Changes

  • Directories that appear to be Nosey Parker datastore directories are now skipped during scanning (#224).

  • The /proc, /sys, and /dev paths (special filesystems on Linux) are now ignored by default (#225). This suppresses many innocuous errors that would previously be seen when scanning the root filesystem of a Linux system.

  • Lockfiles from a few languages (e.g., Cargo.lock, Pipfile.lock, go.sum) are now ignored by default.

  • Rules have been modified:

    • Age Recipient (X25519 public key) and ThingsBoard Access Token now have additional category metadata.
    • Credentials in ODBC Connection String detects more occurrences (#227).
    • Jenkins Token or Crumb has been refined to improve detection (#232).
  • When using the --copy-blobs option, the default output format is now parquet (when the parquet feature is enabled, which it is unless you build with --no-default-features) (#229).

Additions

  • New rules have been added:

    • Credentials in MongoDB Connection String (#232)
    • Credentials in PostgreSQL Connection URI (#227)
    • Django Secret Key (#227)
    • Jenkins Setup Admin Password
    • Jina Search Foundation API Key
    • JSON Web Token Secret (#232)
    • HTTP Basic Authentication
    • HTTP Bearer Token
    • PHPMailer Credentials (#227)
  • The rules check command now has an optional --pedantic mode that verifies some additional non-material properties.

  • The scan command now has a new --copy-blobs-format=FORMAT option that controls the format used when the --copy-blobs option is used (#229). A new parquet format is available and is the default when the parquet feature is enabled (which it is unless you build with --no-default-features).