766 Commits (master)

Author SHA1 Message Date
  dependabot[bot] db63ee978d
Bump yargs-parser from 5.0.0 to 5.0.1 (#2151) 1 month ago
  dependabot[bot] 96d1a55558
Bump elliptic from 6.5.3 to 6.5.4 (#2140) 1 month ago
  Glenn Wilkinson 54d9eb28ff
Merge pull request #2105 from gophish/fix-cors-headers 2 months ago
  Shubhendra Singh Chauhan 15303e32cf
Fix code quality issues (#2118) 2 months ago
  Jordan Wright 166ff8a050 Add PUT and DELETE methods for CORS handling. Fixes #2098 3 months ago
  ssssdl e6533e9993
Update Dockerfile (#2095) 3 months ago
  dependabot[bot] 9f5368aa13
Bump ini from 1.3.5 to 1.3.7 (#2067) 5 months ago
  Glenn Wilkinson ced5261678
Added functionality to lock accounts (+bug fix) (#2060) 5 months ago
  Jordan Wright 8b8e88b077 Adjusting how we handle IP address parsing to more gracefully handle X-Forwarded-For headers. Ref #1999 6 months ago
  Jordan Wright 120e232cfe Removing accidental dependencies to revert to 3c490dbadb 7 months ago
  Jordan Wright 23154126de Made error handling in the case of a client IP without a port more graceful, so that the ratelimiter doesn't return an error if X-Forwarded-For or X-Real-IP is set. 7 months ago
  Jordan Wright af3122f93b Adds support for X-Forwarded-For and X-Real-IP headers so that the correct IP address shows up in the logs. 7 months ago
  Jordan Wright 3c490dbadb Updated JS from #1976 7 months ago
  Glenn Wilkinson b53cff0c98
Added functionality to display last user login (#1967) 7 months ago
  Jordan Wright c1d3c7cd75 Modified frontend reporting logic to be more flexible with campaigns that include a path in their URL. 7 months ago
  Glenn Wilkinson 0b2ab68f8d
Modified regex to detect Microsoft ATP URLs (#1976) 7 months ago
  Jordan Wright 22c7b9be14 Bumped version to 0.11.0 8 months ago
  Jordan Wright b01bd6cbc0 Updated github.com/jordan-wright/email dependency 8 months ago
  Jordan Wright 6df62e85fd Added a simple Content-Security-Policy to mitigate clickjacking attempts. 8 months ago
  Jordan Wright e3352f481e
Implement SSRF Mitigations (#1940) 8 months ago
  Jordan Wright 27d13a0584 Gofmt'ing so that tests pass 8 months ago
  Jordan Wright 735880c398 Creating minified JS file from chnages in #1909 9 months ago
  Glenn Wilkinson 0558da90fe
Added support to allow invalid IMAP certificates (#1909) 9 months ago
  Jordan Wright 90fed5a575 Added escaping for error message in sending profile hostname 9 months ago
  dependabot[bot] 81aa65ba62
Bump elliptic from 6.4.1 to 6.5.3 (#1919) 9 months ago
  Andrew da18b9db94
Update credentials in Readme. (#1914) 9 months ago
  Jordan Wright b684fb4ebd Fixing issue where campaigns aren't showing up in the archived tab if they have been marked as completed. 9 months ago
  Jordan Wright 65f06c138f
Create SECURITY.md 9 months ago
  Jordan Wright 19ef924d89 Properly escaping server output when a request is made to ping a malicious webhook URL. 9 months ago
  Jordan Wright b25f5ac5e4 Updated PapaParse config to prevent CSV injection. 9 months ago
  Jordan Wright 4e9b94b641 Fixed validation when setting IMAP hostname 9 months ago
  Jordan Wright cf7d058f1d Fixed config test to match new default logger 9 months ago
  Jordan Wright 1c5ad85de1 Added handling for default logger if one is not specified. Fixes #1899 9 months ago
  dependabot[bot] f2042de3bc
Bump lodash from 4.17.15 to 4.17.19 (#1898) 9 months ago
  Stuart Small afa00e2a9c
Add ability to provide initial API key on service standup (#1883) 10 months ago
  Jordan Wright bf76f86ea4 Adds environment variable to set the initial admin password 10 months ago
  Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867) 10 months ago
  Jordan Wright 0f6439de5a gofmt'ing the IMAP changes 10 months ago
  Jordan Wright 61bbb22f7c Updating the modules used for IMAP and email support 10 months ago
  Glenn Wilkinson 6f95da00ba
IMAP update; new library and attachment support (#1791) 10 months ago
  Jordan Wright 8ebdb43469 Documentation and code cleanup for webhooks 11 months ago
  Jordan Wright ec8b17238e General code cleanup as part of an effort to integrate staticcheck into our CI pipeline. 11 months ago
  Jordan Wright 0961e22126 Removed unneeded print statement 11 months ago
  Jordan Wright 782f80fa12 Bumped version to 0.10.1 11 months ago
  Jordan Wright b57210f6e7 Rebuilt JS files from #1812 11 months ago
  Jordan Wright 520b0b8d87 Initial commit of automatic releases via GitHub Actions. 11 months ago
  Jordan Wright ba38bfdbdd Bumped version to 0.10.0 11 months ago
  Jordan Wright b29544c208 Rebuilding JS files from #1838 11 months ago
  Prasoon Dwivedi 353639e168
Use GroupsSummary to create and copy campaign (#1838) 11 months ago
  Jordan Wright 726e3c96ac Rebuilding JS files from #1830 1 year ago