Malin/krawl.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
120 Commits 1 Branch 0 Tags
6ffe2ac2e47cc7d9fefe4a2744e49576c4693195
Commit Graph

13 Commits

Author SHA1 Message Date
Lorenzo Venerandi
4450d3a4e3 Linted code iwht black tool 2026-01-23 22:00:21 +01:00
leonardobambini
4e4c370b72 added site depth limit mechanism (#48) 
* added site depth limit mechanism

* modified max pages limit and ban duration seconds

---------

Co-authored-by: Leonardo Bambini <lbambini@Leonardos-MacBook-Air.local>
Co-authored-by: BlessedRebuS <patrick.difa@gmail.com>
 2026-01-23 21:33:32 +01:00
carnivuth
9d9a718aec feat:removed manual timezone management, delegate timezone configuration to execution environment 
removed code that manages timezone setup from config file, krawl now
obeys to the environment configuration
 2026-01-17 18:06:09 +01:00
Phillip Tarrant
7bd9d5055c fixing merge issues with main 2026-01-03 14:40:31 -06:00
Patrick Di Fazio
5f8bb73546 added random SQL errors, random server errors, XSS baits 2026-01-03 17:14:58 +01:00
Patrick Di Fazio
828f04261f Added POST log and dashboard for used credentials 2025-12-30 00:59:15 +01:00
Phillip Tarrant
a4baedffd9 updated dashboard to pull data from db. This closes issue #10 2025-12-28 13:56:23 -06:00
Phillip Tarrant
6487cb493d Merge branch 'dev' into feat/sqlite3-storage 2025-12-28 11:08:10 -06:00
Phillip Tarrant
f1c142c53d feat: add SQLite persistent storage for request logging 
- Add SQLAlchemy-based database layer for persistent storage
  - Create models for access_logs, credential_attempts, attack_detections, ip_stats
  - Include fields for future GeoIP and reputation enrichment
  - Implement sanitization utilities to protect against malicious payloads
  - Fix XSS vulnerability in dashboard template (HTML escape all user data)
  - Add DATABASE_PATH and DATABASE_RETENTION_DAYS config options
  - Dual storage: in-memory for dashboard performance + SQLite for persistence

  New files:
  - src/models.py - SQLAlchemy ORM models
  - src/database.py - DatabaseManager singleton
  - src/sanitizer.py - Input sanitization and HTML escaping
  - requirements.txt - SQLAlchemy dependency

  Security protections:
  - Parameterized queries via SQLAlchemy ORM
  - Field length limits to prevent storage exhaustion
  - Null byte and control character stripping
  - HTML escaping on dashboard output
 2025-12-28 10:43:32 -06:00
Patrick Di Fazio
6556e17f91 Added timezone env variable handling 2025-12-28 17:07:18 +01:00
Patrick Di Fazio
61ba574e92 Added POST log and dashboard for used credentials 2025-12-27 19:17:27 +01:00
Phillip Tarrant
72f7293995 added attack classification, added attack types to stats and dashboard, also added a tiny curl script to simulate attacks for testing purposes 2025-12-24 10:25:00 -06:00
BlessedRebuS
076b2de584 First commit 2025-12-14 19:08:01 +01:00