KevinHock
commented
5 years ago For 1: I'd agree having an --only-problematic flag in which it only outputted problematic results would be great.
For 2: To clarify, do you mean the use of the hard-coded DNS_WATCH_RESOLVER used when NS results don't have glue records? I'd be happy to add more and make it so that it chooses one at random. (/ Maybe add an --only-dns-watch-resolver flag for those that wanted to preserve the original behavior.)
An additional thing I'd like to add to this public repo, but have been too busy with another project recently to add, are functions that another package can call, that return all problematic results. This makes it so that you can have your e.g. parse domains out of your Terraform repo package call TrustTrees and alert on results :)
Passing AWS credentials to TrustTrees and a bucket/prefix to upload the pngs to an S3 bucket would also be a good feature, in case you made e.g. Jira tickets with the alerts, and wanted to link an S3 signed URL or something, to make the graph easily viewable outside of the box TrustTrees is running on.
oldesec
Hi.
This tool is very interesting.
I am very happy that this store is being maintained.
I have a small opinion.
1.first time
As far as I know, the current option does not have an option that only shows the problem. So, the user have to execute all the results and check them out. This reduces efficiency. For priority, I wish I had the option to view the problematic files.
second time
It is now seen as using a local resolvers.txt However, it would be good to support multiple resolvers if you check for a large amount of domains. Because many requests can be blacklisted.
What do you think?
Thanks.