Merge pull request #92 from BlessedRebuS/feat/update-suspicious-pattern

feat: update Helm chart version to 1.0.7 and refine suspicious patterns

helm/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: krawl-chart
 description: A Helm chart for Krawl honeypot server
 type: application
-version: 1.0.6
-appVersion: 1.0.6
+version: 1.0.7
+appVersion: 1.0.7
 keywords:
   - honeypot
   - security

helm/values.yaml

@@ -579,23 +579,10 @@ wordlists:
     command_injection: "(cmd=|exec=|command=|execute=|system=|ping=|host=|&&|\\|\\||;|\\$\\{|\\$\\(|`|\\bid\\b|\\bwhoami\\b|\\buname\\b|\\bcat\\b|\\bls\\b|\\bpwd\\b|\\becho\\b|\\bwget\\b|\\bcurl\\b|\\bnc\\b|\\bnetcat\\b|\\bbash\\b|\\bsh\\b|\\bps\\b|\\bkill\\b|\\bchmod\\b|\\bchown\\b|\\bcp\\b|\\bmv\\b|\\brm\\b|/bin/bash|/bin/sh|cmd\\.exe|/bin/|/usr/bin/|/sbin/)"
     common_probes: "(/admin|/backup|/config|/database|/private|/uploads|/wp-admin|/login|/phpMyAdmin|/phpmyadmin|/users|/search|/contact|/info|/input|/feedback|/server|/api/v1/|/api/v2/|/api/search|/api/sql|/api/database|\\.env|/credentials\\.txt|/passwords\\.txt|\\.git|/backup\\.sql|/db_backup\\.sql)"
   suspicious_patterns:
-    - bot
-    - crawler
-    - spider
-    - scraper
-    - curl
-    - wget
-    - python-requests
-    - scanner
-    - nikto
     - sqlmap
-    - nmap
-    - masscan
     - nessus
-    - acunetix
     - burp
     - zap
-    - w3af
     - metasploit
     - nuclei
     - gobuster

wordlists.json

@@ -481,23 +481,10 @@
     "gunicorn/20.1.0"
   ],
   "suspicious_patterns": [
-    "bot",
-    "crawler",
-    "spider",
-    "scraper",
-    "curl",
-    "wget",
-    "python-requests",
-    "scanner",
-    "nikto",
     "sqlmap",
-    "nmap",
-    "masscan",
     "nessus",
-    "acunetix",
     "burp",
     "zap",
-    "w3af",
     "metasploit",
     "nuclei",
     "gobuster",