mindedsecurity / behave

Behave! A monitoring browser extension for pages acting as "bad boi"
GNU General Public License v3.0
331 stars 22 forks source link

Extension triggers on local domains #4

Closed Benno1308 closed 4 years ago

Benno1308 commented 4 years ago

Hey there, apps like pgAdmin hosted locally trigger the portscanning and rebind monitoring (Tested in firefox, dont know about chrome).

Portscan log: Portscan log

DNS Rebind log: DNS Rebind log

I don't know if this expected behaviour, but either disabling the monitoring for localhost or allowing the user to manage a whitelist would prob. mitigate this problem.

wisec commented 4 years ago

Hi @Benno1308 , Thanks for reporting this, I think it's related to #3 which I should already have a fix I plan to release in the next couple of days.

Whitelisting is actually in the TODO list and I'll hopefully implement it soon.

wisec commented 4 years ago

It should be fixed. Wait for the next release on WebStore Thanks!

wisec commented 4 years ago

@Benno1308 feel free to reopen if the issue occurs again.