Omar Santos (santosomar), United States, https://omarsantos.io: Cybersecurity nerd with a passion for advanced attacks, vulnerability management, threat intelligence, and security research.

santosomar/awesome-threat-intelligence 21

A curated list of Awesome Threat Intelligence resources

santosomar/awesome 6

:sunglasses: Curated list of awesome lists

santosomar/art-of-hacking 5

This repository includes supplemental information covered in the Pearson video course titled "The Art of Hacking and Exploitation".

santosomar/awesome-docker 5

:whale: A curated list of Docker resources and projects

santosomar/awesome-security 5

A collection of awesome software, libraries, documents, books, resources and cool stuff about security.

santosomar/awesome-web-security 5

🐶 A curated list of Web Security materials and resources.

santosomar/awesome-incident-response 4

A curated list of tools for incident response

santosomar/awesome-malware-analysis 4

A curated list of awesome malware analysis tools and resources

santosomar/awesome-python 4

A curated list of awesome Python frameworks, libraries, software and resources

chris-mccoy/internet-locks 2

Internet Enabled Locks

started asyncapi/event-gateway

started time in 6 hours

started moov-io/iso8583

started time in 19 hours

fork devildog13/offensive-docker

Offensive Docker is an image with the most-used offensive tools, so that an environment for launching assessments against targets can be created easily and quickly.

https://hub.docker.com/r/aaaguirrep/offensive-docker

fork in a day

started santosomar/offensive-docker

started time in a day

fork devildog13/awesome-docker

:whale: A curated list of Docker resources and projects

https://awesome-docker.netlify.com/

fork in a day

started santosomar/awesome-docker

started time in a day

Pull request review comment oasis-tcs/csaf

Profiles

 Example which fails the test:  Informatiove tests provide insights in common mistakes and bad practices. They MAY fail at a valid CSAF document. It is up to the issuing party to decide whether this was an intended behavior and can be ignore or should be treated. These tests may include information about recommended usage. A program MUST handle a test failure as a information. -# 5 Distributing CSAF documents+# 5 Profiles++CSAF documents do not have many required fields as they can be used for different purposes. To ensure a common understanding which fields are required in a use case and therefore a certain document category each subsection defines a profile. It also provides insights into the purpose of the profile. Each profile extends the generic profile **Generic CSAF** making additional fields from the standard mandatory. Any other optional field from the standard can also be added to a CSAF document which conforms with a profile without breaking conformance with the profile. One and only exempt is when the profile requires not to have a certain set of fields.++## 5.1 Profile 1: Generic CSAF++This profile defines the default required fields for any CSAF document. Therefore, it is a "catch all" for CSAF documents that do not satisfies any other profile. Furthermore, it is the foundation all other profiles are build on.
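Review bot: the added 5.1 paragraph carries grammar errors that will ship into the spec text: `do not satisfies any other profile` should be `do not satisfy any other profile`, and `the foundation all other profiles are build on` should be `built on`. In the new Chapter 5 intro, `One and only exempt is when the profile requires not to have a certain set of fields` reads better as `The one and only exception is when the profile requires a certain set of fields to be absent`. The hunk also replaces the heading `# 5 Distributing CSAF documents` with `# 5 Profiles`; confirm that the distribution section was relocated rather than dropped.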

Thanks for catching that.

tschmidtb51

comment created time in a day

created repository cloudsecurityalliance/organization-security-policy

organization-security-policy

created time in a day

Pull request review comment oasis-tcs/csaf

Profiles

 Example which fails the test:  Informatiove tests provide insights in common mistakes and bad practices. They MAY fail at a valid CSAF document. It is up to the issuing party to decide whether this was an intended behavior and can be ignore or should be treated. These tests may include information about recommended usage. A program MUST handle a test failure as a information. -# 5 Distributing CSAF documents+# 5 Profiles++CSAF documents do not have many required fields as they can be used for different purposes. To ensure a common understanding which fields are required in a use case and therefore a certain document category each subsection defines a profile. It also provides insights into the purpose of the profile. Each profile extends the generic profile **Generic CSAF** making additional fields from the standard mandatory. Any other optional field from the standard can also be added to a CSAF document which conforms with a profile without breaking conformance with the profile. One and only exempt is when the profile requires not to have a certain set of fields.++## 5.1 Profile 1: Generic CSAF++This profile defines the default required fields for any CSAF document. Therefore, it is a "catch all" for CSAF documents that do not satisfies any other profile. Furthermore, it is the foundation all other profiles are build on.
This profile defines the default required fields for any CSAF document. Therefore, it is a "catch all" for CSAF documents that do not satisfy any other profile. Furthermore, it is the foundation all other profiles are built on.
tschmidtb51

comment created time in a day

fork tschmidtb51/html-webpack-plugin

Simplifies creation of HTML files to serve your webpack bundles

fork in 2 days

started six-ddc/plow

started time in 2 days

created repository cloudsecurityalliance/uvi-tools

uvi-tools

created time in 2 days

created repository cloudsecurityalliance/security-process-data-beta

security-process-data-beta

created time in 2 days

created repository cloudsecurityalliance/security-processing-beta

Scripts and tools for security processing beta

created time in 2 days

started santosomar/who_and_what_to_follow

started time in 3 days

started Dreamacro/clash

started time in 4 days

created repository timb-machine-mirrors/nsidis

created time in 4 days

Pull request review comment oasis-tcs/csaf

Add soft limits as appendix C

 Zach | Turk | Microsoft  | Revision | Date | Editor | Changes Made | | :--- | :--- | :--- | :--- |-| csaf-v2.0-wd20210521 | 2021-05-21 | Stefan Hagen | Editor revision for TC review |+| csaf-v2.0-wd20210521 | 2021-05-21 | Stefan Hagen and Thomas Schmidt| Editor revision for TC review |++# Appendix C. Guidance on the Size of CSAF Documents++The TC carefully considered all known aspects to provide size limits for CSAF documents for this version of the specification. It was decided that hard limits should not be enforced. However, since there is the need for guidance to ensure interoperability in the eosystem, the TC provides a set of soft limits. A CSAF document which exceeds those, can still be valid but it might not be processable for some parties.++All _CSAF consumers_ should be able to process CSAF documents which comply with the limits below. All _CSAF producers_ should not produce CSAF documents which exceed those limits.++> If you come across a case where these limits are exceeded, please provide feedback to the TC.++## File size++A CSAF document in the specified JSON format encoded in UTF-8 should be not lager than 15 MB.++>At least one database technology in wide use for storing CSAF documents rejects insert attempts when the transformed BSON size exceeds 16 megabytes. The BSON format optimizes for accessibility and not size. So, small integres and small strings may incur more overhead in the BSOn format than in JSON. 
In addition, the BSON format adds lebgth information for the entries inside the document which adds to the size when storing CSAF document content in a BSON format.++## Array length++An array should not have more than:++* 10 000 items for+  * `/document/acknowledgments`+  * `/document/acknowledgments[]/names`+  * `/document/acknowledgments[]/urls`+  * `/document/tracking/aliases`+  * `/product_tree/branches[]/product/product_identification_helper/hashes`+  * `/product_tree/branches[]/product/product_identification_helper/hashes[]/file_hashes`+  * `/product_tree/branches[]/product/product_identification_helper/x_generic_uris`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/hashes`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/hashes[]/file_hashes`+  * `/product_tree/branches[]/branches[]/product/product_identification_helper/x_generic_uris`+  * `/product_tree/full_product_names[]/product_identification_helper/hashes`+  * `/product_tree/full_product_names[]/product_identification_helper/hashes[]/file_hashes`+  * `/product_tree/full_product_names[]/product_identification_helper/x_generic_uris`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/hashes`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/hashes[]/file_hashes`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/x_generic_uris`+  * `/vulnerabilities[]/acknowledgments`+  * `/vulnerabilities[]/acknowledgments[]/names`+  * `/vulnerabilities[]/acknowledgments[]/urls`+  * `/vulnerabilities[]/id/system_name`+  * `/vulnerabilities[]/id/text`+  * `/vulnerabilities[]/remediations[]/entitlements`++* 40 000 items for+  * `/document/notes`+  * `/document/references`+  * `/vulnerabilities[]/involvements`+  * `/vulnerabilities[]/notes`+  * `/vulnerabilities[]/references`++* 100 000 for+  * `/document/tracking/revision_history`+  * `/product_tree/branches`+  
* `/product_tree(/branches[])*/branches`+  * `/product_tree/branches[]/product/product_identification_helper/serial_numbers`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/serial_numbers`+  * `/product_tree/full_product_names`+  * `/product_tree/full_product_names[]/product_identification_helper/serial_numbers`+  * `/product_tree/product_groups[]/product_ids`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/serial_numbers`+  * `/vulnerabilities`++* 10 000 000 for+  * `/product_tree/relationships`+  * `/product_tree/product_groups`+  * `/vulnerabilities[]/remediations[]/group_ids`++* 100 000 000 for+  * `/vulnerabilities[]/product_status/first_affected`+  * `/vulnerabilities[]/product_status/first_fixed`+  * `/vulnerabilities[]/product_status/fixed`+  * `/vulnerabilities[]/product_status/known_affected`+  * `/vulnerabilities[]/product_status/known_not_affected`+  * `/vulnerabilities[]/product_status/last_affected`+  * `/vulnerabilities[]/product_status/recommended`+  * `/vulnerabilities[]/product_status/under_investigation`+  * `/vulnerabilities[]/remediations`+  * `/vulnerabilities[]/remediations[]/product_ids`+  * `/vulnerabilities[]/scores`+  * `/vulnerabilities[]/scores[]/products`+  * `/vulnerabilities[]/threats`+  * `/vulnerabilities[]/threats[]/group_ids`+  * `/vulnerabilities[]/threats[]/product_ids`++## String length++A string should not have a length greater than:++* 1000 for+  * `/document/acknowledgments[]/names[]`+  * `/document/acknowledgments[]/organization`+  * `/document/aggregate_severity/text`+  * `/document/category`+  * `/document/lang`+  * `/document/notes[]/audience`+  * `/document/notes[]/title`+  * `/document/publisher/name`+  * `/document/publisher/vendor_id`+  * `/document/source_lang`+  * `/document/title`+  * `/document/tracking/aliases[]`+  * `/document/tracking/generator/engine`+  * `/document/tracking/id`+  * `/document/tracking/revision_history[]/number`+  * 
`/document/tracking/version`+  * `/product_tree/branches[]/name`+  * `/product_tree/branches[]/product/name`+  * `/product_tree/branches[]/product/product_id`+  * `/product_tree/branches[]/product/product_identification_helper/hashes[]/file_hashes[]/algorithm`+  * `/product_tree/branches[]/product/product_identification_helper/hashes[]/file_hashes[]/value`+  * `/product_tree/branches[]/product/product_identification_helper/hashes[]/filename`+  * `/product_tree/branches[]/product/product_identification_helper/serial_numbers[]`+  * `/product_tree/branches[](/branches[])*/name`+  * `/product_tree/branches[](/branches[])*/product/name`+  * `/product_tree/branches[](/branches[])*/product/product_id`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/hashes[]/file_hashes[]/algorithm`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/hashes[]/file_hashes[]/value`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/hashes[]/filename`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/serial_numbers[]`+  * `/product_tree/full_product_names[]/name`+  * `/product_tree/full_product_names[]/product_id`+  * `/product_tree/full_product_names[]/product_identification_helper/hashes[]/file_hashes[]/algorithm`+  * `/product_tree/full_product_names[]/product_identification_helper/hashes[]/file_hashes[]/value`+  * `/product_tree/full_product_names[]/product_identification_helper/hashes[]/filename`+  * `/product_tree/full_product_names[]/product_identification_helper/serial_numbers[]`+  * `/product_tree/product_groups[]/group_id`+  * `/product_tree/product_groups[]/product_ids[]`+  * `/product_tree/relationships[]/full_product_name/name`+  * `/product_tree/relationships[]/full_product_name/product_id`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/hashes[]/file_hashes[]/algorithm`+  * 
`/product_tree/relationships[]/full_product_name/product_identification_helper/hashes[]/file_hashes[]/value`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/hashes[]/filename`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/serial_numbers[]`+  * `/product_tree/relationships[]/product_reference`+  * `/product_tree/relationships[]/relates_to_product_reference`+  * `/vulnerabilities[]/acknowledgments[]/names[]`+  * `/vulnerabilities[]/acknowledgments[]/organization`+  * `/vulnerabilities[]/cve`+  * `/vulnerabilities[]/cwe/id`+  * `/vulnerabilities[]/cwe/name`+  * `/vulnerabilities[]/notes[]/audience`+  * `/vulnerabilities[]/notes[]/title`+  * `/vulnerabilities[]/product_status/first_affected[]`+  * `/vulnerabilities[]/product_status/first_fixed[]`+  * `/vulnerabilities[]/product_status/fixed[]`+  * `/vulnerabilities[]/product_status/known_affected[]`+  * `/vulnerabilities[]/product_status/known_not_affected[]`+  * `/vulnerabilities[]/product_status/last_affected[]`+  * `/vulnerabilities[]/product_status/recommended[]`+  * `/vulnerabilities[]/product_status/under_investigation[]`+  * `/vulnerabilities[]/remediations[]/group_ids[]`+  * `/vulnerabilities[]/remediations[]/product_ids[]`+  * `/vulnerabilities[]/scores[]/cvss_v2/vectorString`+  * `/vulnerabilities[]/scores[]/cvss_v3/vectorString`+  * `/vulnerabilities[]/scores[]/products[]`+  * `/vulnerabilities[]/threats[]/group_ids[]`+  * `/vulnerabilities[]/threats[]/product_ids[]`+  * `/vulnerabilities[]/title`++* 10 000 for+  * `/document/acknowledgments[]/summary`+  * `/document/distribution/text`+  * `/document/publisher/contact_details`+  * `/document/publisher/issuing_authority`+  * `/document/references[]/summary`+  * `/document/tracking/revision_history[]/summary`+  * `/product_tree/branches[]/product/product_identification_helper/cpe`+  * `/product_tree/branches[]/product/product_identification_helper/purl`+  * 
`/product_tree/branches[](/branches[])*/product/product_identification_helper/cpe`+  * `/product_tree/branches[](/branches[])*/product/product_identification_helper/purl`+  * `/product_tree/full_product_names[]/product_identification_helper/cpe`+  * `/product_tree/full_product_names[]/product_identification_helper/purl`+  * `/product_tree/product_groups[]/summary`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/cpe`+  * `/product_tree/relationships[]/full_product_name/product_identification_helper/purl`+  * `/vulnerabilities[]/acknowledgments[]/summary`+  * `/vulnerabilities[]/involvements[]/summary`+  * `/vulnerabilities[]/references[]/summary`+  * `/vulnerabilities[]/remediations[]/entitlements[]`++* 30 000 for+  * `/document/notes[]/text`+  * `/vulnerabilities[]/notes[]/text`++* 250 000 for+  * `/vulnerabilities[]/remediations[]/details`+  * `/vulnerabilities[]/remediations[]/restart_required/details`+  * `/vulnerabilities[]/threats[]/details`++## URI length++A string with format `uri` should not have a length greater than 20000. 
This applies to:++* `/document/acknowledgments[]/urls[]`+* `/document/aggregate_severity/namespace`+* `/document/distribution/tlp/url`+* `/document/references[]/url`+* `/product_tree/branches[]/product/product_identification_helper/x_generic_uris[]/namespace`+* `/product_tree/branches[]/product/product_identification_helper/x_generic_uris[]/uri`+* `/product_tree/branches[](/branches[])*/product/product_identification_helper/x_generic_uris[]/namespace`+* `/product_tree/branches[](/branches[])*/product/product_identification_helper/x_generic_uris[]/uri`+* `/product_tree/full_product_names[]/product_identification_helper/x_generic_uris[]/namespace`+* `/product_tree/full_product_names[]/product_identification_helper/x_generic_uris[]/uri`+* `/product_tree/relationships[]/full_product_name/product_identification_helper/x_generic_uris[]/namespace`+* `/product_tree/relationships[]/full_product_name/product_identification_helper/x_generic_uris[]/uri`+* `/vulnerabilities[]/acknowledgments[]/urls[]`+* `/vulnerabilities[]/references[]/url`+* `/vulnerabilities[]/remediations[]/url`++## Enum++A string which is an enum has a fixed maximum length given by its longest value.++> Later versions of CSAF migth add, modify or delete possible value. Therefore, this sizes should not be implemented as fixed limits.
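Review bot: the new Appendix C text has several typos that should be fixed before merge: `eosystem` (ecosystem), `should be not lager than 15 MB` (should not be larger than), `small integres` (integers), `BSOn` (BSON), `lebgth` (length), `migth` (might), `delete possible value` (values) and `this sizes should not be implemented as fixed limits` (these sizes). The stray comma in `A CSAF document which exceeds those, can still be valid` should go, and `All _CSAF producers_ should not produce` reads better as `_CSAF producers_ should not produce`. The Array length subsection is inconsistent in its headings (`10 000 items for` and `40 000 items for` say `items`, while `100 000 for` and the later ones drop it), and `/vulnerabilities[]/id/system_name` and `/vulnerabilities[]/id/text` sit under Array length even though, with no trailing `[]`, they look like string leaf values; check whether they belong under String length instead.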

@mprpic: Is it now clearer?

tschmidtb51

comment created time in 5 days

Pull request review comment oasis-tcs/csaf

Add soft limits as appendix C

 Examples:     cisco-sa-20190513-secureboot ``` +This value is also used to define the filename for the CSAF document. The following rules MUST be applied to determine the filename for the CSAF document:

We should track that as a separate issue. Therefore: See #277.

tschmidtb51

comment created time in 5 days

issue opened oasis-tcs/csaf

Find a better place to specify the filename rules

@tolim commented in #256:

We specify the filename of our CSAF document in a quite hidden section under Document Property - Tracking - ID. I would not have expected that as a reader. Can we find some other, more adequate place for this specification so that it can also be found in the TOC?

created time in 5 days

Pull request review comment oasis-tcs/csaf

Add soft limits as appendix C

 Zach | Turk | Microsoft  | Revision | Date | Editor | Changes Made | | :--- | :--- | :--- | :--- |-| csaf-v2.0-wd20210521 | 2021-05-21 | Stefan Hagen | Editor revision for TC review |+| csaf-v2.0-wd20210521 | 2021-05-21 | Stefan Hagen and Thomas Schmidt| Editor revision for TC review |++# Appendix C. Guidance on the Size of CSAF Documents++The TC carefully considered all known aspects to provide size limits for CSAF documents for this version of the specification. It was decided that hard limits should not be enforced. However, since there is the need for guidance to ensure interoperability in the eosystem, the TC provides a set of soft limits. A CSAF document which exceeds those, can still be valid but it might not be processable for some parties.++All _CSAF consumers_ should be able to process CSAF documents which comply with the limits below. All _CSAF producers_ should not produce CSAF documents which exceed those limits.++> If you come across a case where these limits are exceeded, please provide feedback to the TC.++## File size++A CSAF document in the specified JSON format encoded in UTF-8 should be not lager than 15 MB.

We changed that to "be smaller".

tschmidtb51

comment created time in 5 days

issue comment oasis-tcs/csaf

As a consumer I want every CSAF document to be a security advisory.

Do we need more profiles? In the examples, we had also:

  • Security Notice
  • Vulnerability Report

If so, what are the characteristics of those profiles?

sthagen

comment created time in 5 days

issue comment oasis-tcs/csaf

As a consumer I want every CSAF document to be a security advisory.

I added the PR #276 to address this problem. If we decide to use the suggestion, which I recommend, we need to add the business logic tests in #195 - one each per profile.

sthagen

comment created time in 5 days

pull request comment oasis-tcs/csaf

Profiles

@allan-ntia: The VEX profile suggestion is available. Please see: https://github.com/tschmidtb51/csaf/blob/profiles/csaf_2.0/prose/csaf-v2-editor-draft.md#55-profile-5-vex

tschmidtb51

comment created time in 5 days

started harvester/harvester

started time in 5 days

started megaease/easegress

started time in 5 days

issue comment cddmp/enum4linux-ng

Could not parse result of smbclient command

I'm sorry, but I no longer have access to the device; this happened during a limited-time assessment.

JensTimmerman

comment created time in 5 days

PR opened oasis-tcs/csaf

Profiles csaf 2.0 enhancement
  • addresses parts of oasis-tcs/csaf#193
  • introduces profiles as suggested in #193 to generate a common understanding which fields are required in which use case
+24 -20

0 comments

1 changed file

pr created time in 5 days

created repository cloudsecurityalliance/security-url-list

security-url-list

created time in 6 days

issue comment cddmp/enum4linux-ng

Could not parse result of smbclient command

Will close this for now since it is fixed. I would still be interested in what kind of SMB implementation the printer is using. Let me know if you can help me with that. :)

JensTimmerman

comment created time in 7 days