v4.0.1

Improvements

• Adjusted some help messages

Bug Fixes

• Fixed bug where install.sh would fail to verify the checksum of the downloaded file
• Fixed bug where help would not show usage samples
• Fixed bug where --follow flag would be shown twice in help
• Fixed bug where completion subcommand would be shown twice in help

v4.0.0

Breaking Changes

• Instant Flag Removal: Made the --instant flag default and removed it, as there is no disadvantage on using it
• Quiet Flag Handling: Moved handling of the --quiet flag to the cli, as it makes no sense to have the library handle (to just print debug messages, but no results).
  The --quiet flag now discards all output that would be printed to stdout.

New Features

• CNAME Following: Added --follow flag to follow CNAMEs
• Schema Support: Added support for schema prefixes http:// and https:// in input
• Port Specification: Added support for port suffixes like :80, :443 or :8080 in input
• Path Support: Added support for path suffixes like /path in input
• Multi-Record TLS Scan: tlsScan now checks all A/AAAA records of the target, not just the first one

Improvements

• DNS System Integration: DNS client now uses system nameservers from resolv.conf on Unix systems with fallback to public DNS
• Cross-Platform DNS Support: Added support for macOS and Windows DNS configuration
• Nameserver Owner Detection: Fixed RDAP lookup for nameserver hostnames
• Subdomain Scan: Added filters to only show subdomains of the actual target domain when going through the certificate SAN list
• IPv6 Nameserver Support: Fixed IPv6 address formatting in DNS queries
• Library I/O Architecture: Configured the libraries to use io.Writer instead of fmt.Println, so the libraries are more versatile and can be used in other projects
  The cli still hands in os.Stdout and os.Stderr by default
• API Consistency: Adjusted scan-modules so they have a more consistent api
• Output Formatting: Adjusted formatting of result outputs, so they are more consistent and easier to read
• Debug Logging: Added more debug log statements

Bug Fixes

• Codebase Restructuring: Fixed several large and small bugs, restructured most of the codebase to make it more consistent and easier to maintain

Dependencies

• Package Updates: Updated dependencies

v3.0.9

• Fixed bug, where ip blacklisting error/warning would break formatting with its error message.
• Fixed bug, where cli-args were not picked up correctly, and the old --all was implicitely active at all times.
• Fixed bug, where results of http-protocol scan were not printed.
• Fixed bug, where the http-protocol scan would be wrong at all times for multiple reasons.

v3.0.8

• Fixed support for ipv4 and ipv6 as input
• Fixed bug, where subdomainResults contained ip addresses if they were in the certificate SAN list
• Updated dependencies

v3.0.7

• Fixed bug where subdomain scan would fail silently if crt.sh was not reachable.

v3.0.6

• Revert change from v3.0.5 as the bug did not exist and was a local issue

v3.0.5

• Fixed bug where version was not printed to output of webscan version

v3.0.4

• Updated readme
• Updated dependencies

v3.0.3

• Fixed bug, where tlsScan failed for urls with hostname and path, like abc.de/path.
• Fixed bug, where htmlContentScan couldn't read the response body correctly.

v3.0.2

• Adjusted module path to conform to go.mod spec, where the module path needs to contain the major version (aka .../webscan/v3 instead of just .../webscan)