Browse code

Add possibility to scan for thirdparty components that are disabled by default

Hanno Böck authored on25/11/2019 08:46:35
Showing1 changed files
... ...
@@ -106,6 +106,8 @@ parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT",
106 106
                   const="fancy", help="Show more fancy output")
107 107
 parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT",
108 108
                   const="xml", help="Output results as XML")
109
+parser.add_option("-3", "--thirdparty", action="store_true", dest="THIRDPARTY",
110
+                  help="Scan for third-party components like jquery")
109 111
 opts, args = parser.parse_args()
110 112
 
111 113
 # Parse vulnerability database
... ...
@@ -121,6 +123,9 @@ vdb = []
121 123
 for sect in config.sections():
122 124
     item = {}
123 125
 
126
+    if config.getboolean(sect, 'thirdparty', fallback=False) and not opts.THIRDPARTY:
127
+        continue
128
+
124 129
     # base options
125 130
     item['name'] = sect
126 131
     item['safe'] = config.get(sect, 'safe')