pitboss
6ca9bddedb
[pitboss] phase 18: Track E.2 — macOS sandbox-exec backend
2026-05-15 10:22:10 -05:00
pitboss
dbad78fafa
[pitboss] phase 17: Track E.1 — Linux process backend hardening
2026-05-15 09:44:20 -05:00
pitboss
76087f931a
[pitboss] phase 16: Track B — Rust + C + C++ harness emitter shapes
2026-05-15 08:35:40 -05:00
pitboss
a9b61a9126
[pitboss] phase 15: Track B — Go + PHP + Ruby harness emitter shapes
2026-05-14 17:45:42 -05:00
pitboss
919bc4e7e2
[pitboss] sweep after phase 14: 5 deferred items resolved
2026-05-14 17:10:20 -05:00
pitboss
bd1bd0ce84
[pitboss] phase 14: Track B — Java harness emitter shapes
2026-05-14 16:54:56 -05:00
pitboss
34a5879459
[pitboss] phase 13: Track B — JavaScript + TypeScript harness emitter shapes
2026-05-14 16:12:11 -05:00
pitboss
96eb37500c
[pitboss] phase 12: Track B — Python harness emitter shapes
2026-05-14 15:30:12 -05:00
pitboss
523bd0c53a
[pitboss] phase 11: Track D.4 + D.5 — Deterministic secrets + NetworkPolicy
2026-05-14 14:39:29 -05:00
pitboss
50f0729d01
[pitboss] phase 10: Track D.3 — Stub services for sinks that cross a boundary
2026-05-14 14:18:09 -05:00
pitboss
2f01894353
[pitboss] phase 09: Track D.1 + D.2 — Project dependency capture + workdir staging
2026-05-14 13:40:47 -05:00
pitboss
93eb98edda
[pitboss] phase 08: Track C.4 + C.5 — SinkCrash oracle + per-probe witness capture
2026-05-14 13:10:22 -05:00
pitboss
4eccbd48b4
[pitboss] phase 07: Track C.3 — Differential confirmation enforcement
2026-05-14 12:37:14 -05:00
pitboss
cce07d6c96
[pitboss] phase 06: Track C.1 — SinkProbe channel + structured oracle observation
2026-05-14 05:35:28 -05:00
pitboss
cdbc7f2d21
[pitboss] phase 05: Track C.2 + Track I.1 quick unlocks — OOB listener wired + golden-verdict fixture runner
2026-05-14 05:01:50 -05:00
pitboss
937eb479e6
[pitboss] sweep after phase 04: 1 deferred items resolved
2026-05-14 04:38:53 -05:00
pitboss
780dc9099c
[pitboss] phase 04: Track A.4 — Callgraph-aware spec entry-point resolution
2026-05-14 04:20:26 -05:00
pitboss
3b660ba1d3
[pitboss] sweep after phase 03: 3 deferred items resolved
2026-05-14 03:45:51 -05:00
elipeter
8211d4fd47
refactor(dynamic): enhance path resolution, telemetry, and file handling for better compatibility and clarity
2026-05-14 02:37:01 -05:00
elipeter
8abb023dd0
fix(db): fast-fail Indexer::init on non-SQLite files via magic-header preflight
2026-05-13 17:22:50 -04:00
pitboss
946cb6a9bc
[pitboss] sweep after phase 01: 3 deferred items resolved
2026-05-13 14:58:49 -04:00
pitboss
31d9ef725a
[pitboss] phase 01: Track A.1 — Spec derivation strategy enum + flow-steps-optional fallback
2026-05-13 13:03:44 -04:00
elipeter
5909fa8c5d
introduce ground-truth converters for OWASP and SARD datasets
2026-05-12 16:16:26 -04:00
pitboss
e9649ea099
[pitboss] sweep after phase 09: 4 deferred items resolved
2026-05-12 14:48:40 -04:00
pitboss
996bff5983
[pitboss] phase 09: M7 — Default-on flip + real-corpus calibration
2026-05-12 14:33:40 -04:00
pitboss
118cafa535
[pitboss] phase 08: M6.5 — Patch-validation / fix-validation CI mode
2026-05-12 14:14:13 -04:00
pitboss
25e8b0eb0e
[pitboss] sweep after phase 07: 6 deferred items resolved
2026-05-12 13:47:11 -04:00
pitboss
bfdfcb9d1a
[pitboss] phase 07: M6 — Evidence consumers: formatters, ranking, UI
2026-05-12 13:26:52 -04:00
pitboss
86613f5279
[pitboss] sweep after phase 05: 1 deferred items resolved
2026-05-12 03:41:22 -04:00
pitboss
6d147d334e
[pitboss] sweep after phase 05: 2 deferred items resolved
2026-05-12 03:18:19 -04:00
elipeter
09553f5b4c
Add native binary Docker backend for Rust/Go and enhance sandboxing
2026-05-12 02:56:51 -04:00
pitboss
345b44d3cc
[pitboss] phase 05: M5 — JS/TS, Go, Java, PHP harness emitters
2026-05-12 02:20:55 -04:00
pitboss
84638e7d57
[pitboss] sweep after phase 04: 3 deferred items resolved
2026-05-12 01:20:51 -04:00
pitboss
3ffe480660
[pitboss] phase 04: M4 — Rust harness (second-language validation)
2026-05-12 00:57:45 -04:00
pitboss
e875aa1208
[pitboss] sweep after phase 03: 7 deferred items resolved
2026-05-12 00:20:00 -04:00
pitboss
a8b9dcd72b
[pitboss] phase 03: M3 — Docker backend + sandbox-escape regression suite
2026-05-12 00:05:11 -04:00
pitboss
3a4f1b177b
[pitboss] sweep after phase 02: 3 deferred items resolved
2026-05-11 23:24:37 -04:00
pitboss
0bf39047b9
[pitboss] phase 02: M2 — Python end-to-end excellence with all hardening baked in
2026-05-11 22:56:43 -04:00
pitboss
894f587b60
[pitboss] sweep after phase 01: 5 deferred items resolved
2026-05-11 21:38:09 -04:00
pitboss
a10aba5d1f
[pitboss] phase 01: M1 — Spec extraction + --verify plumbing (no sandbox)
2026-05-11 21:19:03 -04:00
Eli Peter
55247b7fcd
Critical bug fixes and recall improvements (#68)
2026-05-11 12:42:39 -04:00
Eli Peter
7d0e7320e2
new capacity bits (#67)
2026-05-07 01:29:31 -04:00
Eli Peter
fb698d2c27
Performance and precision pass (#64)
2026-05-04 19:58:04 -04:00
Eli Peter
c7c5e0f3a1
Precision pass on auth and resource analysis (#63)
2026-05-03 13:51:46 -04:00
elipeter
ebe4a15a72
feat: Enhance resource leak detection by recognizing inner-call release patterns and err-companion guards
2026-05-02 21:47:03 -04:00
elipeter
48bc43e1a6
feat: Add SSA summaries support for validated parameter propagation and enhance loop body error handling
2026-05-02 21:02:47 -04:00
elipeter
92aaa36ed6
chore: Update version placeholders and changelog for release 0.6.0
2026-05-02 18:06:50 -04:00
Eli Peter
40995e45e7
Authorization analysis logic improvements (#61)
2026-05-02 16:44:49 -04:00
Eli Peter
3c89bddbf2
Improved path traversal detection and enhanced sink classification logic
2026-05-02 03:36:14 -04:00
Eli Peter
58f1794a4e
Added Cap::DATA_EXFIL and taint fp and fn fixes on real repos (#59)
* feat: Enhance data exfiltration detection with source sensitivity gating for cookies and headers
* feat: Implement cross-file data exfiltration detection with parameter-specific gate filters
* feat: Add calibration tests and refine DATA_EXFIL severity scoring logic
* feat: Introduce per-detector configuration for data exfiltration suppression
* feat: Enhance DATA_EXFIL findings with destination field tracking in diagnostics and SARIF output
* feat: Add tainted body and URL handling for data exfiltration detection
* feat: Add integration tests and fixtures for DATA_EXFIL and SSRF detection in Go
* feat: Add Java integration tests and fixtures for DATA_EXFIL detection across multiple HTTP clients
* feat: Add synthetic externals handling for closure-captured variables in SSA
* feat: Implement closure-based suppression for resource leak findings
* feat: Add regression guards for shell-injection and taint propagation in for-of destructure patterns
* feat: Implement constructor cap narrowing for data exfiltration detection in HTTP request builders
* feat: Add gated sinks for data exfiltration detection in C and C++ using curl_easy_setopt
* feat: Implement DATA_EXFIL cap parity for backwards analysis and add integration tests
* feat: Add data exfiltration sinks for various languages and enhance documentation
* refactor: Simplify formatting and improve readability in various files
* refactor: Improve readability by simplifying conditional statements and adding clippy linting
* docs: Update CHANGELOG and comments for data exfiltration features and configuration
* docs: Clarify configuration instructions for data exfiltration trusted destinations
* docs: Enhance comments for evidence routing logic in data exfiltration
2026-05-01 10:59:52 -04:00