Mirrors/gophish
2
0
Fork 0
mirror of https://github.com/gophish/gophish synced 2024-11-14 16:27:23 +00:00
Code Issues Projects Releases Packages Wiki Activity
806 commits 25 branches 17 tags 118 MiB
Commit graph

806 commits

This branch
This branch
All branches
Author SHA1 Message Date
Glenn Wilkinson
b1648f0759 Bumped version to 0.12.1 2022-09-14 11:30:00 +01:00
Glenn Wilkinson
06e95c1fb8 Minified campaigns.js #2482 2022-09-14 11:29:18 +01:00
Vivek Kekuda
53537a221a
Fix resource selection during campaign copy (#2482) 
Clear the selection of resource (template, page, profile) whenever the original
resource is deleted and there is only one currently available resource present
in the DB while copying a campaign. Without this fix, the only available
resource is shown as the original resource, instead of showing [Deleted].
 2022-09-14 12:26:29 +02:00
Glenn Wilkinson
2b85a2bda5 Updated release workflow to mitigate set-env vulnerability and fix Windows build 2022-09-14 11:06:03 +01:00
Glenn Wilkinson
a53665b1b6 Updated formatting and CI to be in line with more recent versions of go 2022-09-12 22:05:34 +01:00
Mark Cabanero
78e9a51168
Add Trusted Origins to CSRF Handler (#2301) 
Enables the user to add addresses that they expect incoming connections
to come from. Helpful in cases where TLS termination is handled by a
load balancer upstream, rather than the application itself.
 2022-09-06 16:20:19 +02:00
Glenn Wilkinson
3863ad31b9 Fixed issue with sorting by login date of users 2022-08-26 23:09:14 +02:00
Glenn Wilkinson
34f7457294
Update README.md 
Updated installation command
 2022-08-25 15:28:54 +02:00
Glenn Wilkinson
32c0502999 Minified missing sending_profile file (741201b) 2022-08-24 18:00:00 +02:00
Glenn Wilkinson
6b61426aab Bumped version to 0.12.0 2022-08-12 21:31:43 +02:00
Glenn Wilkinson
90cd444dcb Minified template.js resolving #2545 2022-08-09 15:24:29 +01:00
Glenn Wilkinson
5ef2d75e72 Fixed Account Locked bug, allowing user accounts to be locked 2022-06-11 11:25:56 +01:00
Glenn Wilkinson
6fb77bf3ce Fixed formatting from Custom Envelope PR #2334 2022-06-05 21:18:32 +01:00
Glenn Wilkinson
d0ff3829e5 Disallow deleting of admin user from the UI (#2487) 2022-06-01 17:01:55 +01:00
Glenn Wilkinson
0c255bbe92 Disallow changing of admin username from the UI (#2487) 2022-06-01 16:40:04 +01:00
Bálint József Jánvári
b7c69662ce
Embed or attach files based on their file extension (#1525) 
Embed or attach files based on their file extension:
 * Set 'Content-Disposition: inline' for images
 * Set 'Content-Disposition: attachment' for other files
 2022-06-01 17:14:22 +02:00
Jake Walker
704e6d56b3
Fix modal titles saying new when editing existing content (#2318) 2022-04-15 16:28:19 +02:00
ptitdoc
bb516ef7ab
986 custom envelope sender remerge (#2334) 
* Adds the ability to specify an envelope sender in templates (#986)

Authored-by: ChessSpider <ChessSpider@users.noreply.github.com>
Authored-by: Olivier MEDOC <o_medoc@yahoo.fr>
Authored-by: ptitdoc <ptitdoc@free.fr>
 2022-03-25 16:24:49 +01:00
dependabot[bot]
e0acb99734
Bump minimist from 1.2.0 to 1.2.5 (#2401) 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.5.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.5)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-25 13:10:19 +01:00
dependabot[bot]
eb016a437c
Bump copy-props from 2.0.4 to 2.0.5 (#2399) 
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases)
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-17 15:03:51 +01:00
Kirill
67e304f372
Fix open redirect vulnerability on the login page (#2262) 2022-02-16 17:26:51 +01:00
dependabot[bot]
e215132bdf
Bump ajv from 6.10.0 to 6.12.6 (#2395) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.0 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.0...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 16:46:30 +01:00
Glenn Wilkinson
741201b7f0 Added JS for Fix sending profile form (#2389) 2022-02-16 15:30:38 +00:00
Mark Steward
1f95efcb7b
Fix sending profile form (#2389) 
Credentials no longer suggested in the Search box in 'Sending Profiles'
 2022-02-07 17:12:55 +01:00
Glenn Wilkinson
a6627dfc6b
Added support for templating attachments (#1936) 
The following attachment types support template variables: docx, docm, pptx, xlsx, xlsm, txt, html, ics.
 2022-02-02 15:41:27 +01:00
Bilal Retiat
0646f14c99
Updated the Ansible Playbook (#2138) 
* Update Ansible role
* lint Ansible role
* Update Ansible Playbook README
* use python3 packages instead python2
 2021-12-23 19:13:43 +01:00
Glenn Wilkinson
ceab0509eb
Merge pull request #2296 from gophish/dependabot/npm_and_yarn/tar-4.4.19 
Bump tar from 4.4.8 to 4.4.19
 2021-12-18 09:49:34 +01:00
Glenn Wilkinson
202ecd3397
Merge pull request #2277 from gophish/dependabot/npm_and_yarn/path-parse-1.0.7 
Bump path-parse from 1.0.6 to 1.0.7
 2021-12-18 09:49:20 +01:00
Glenn Wilkinson
4b106b3fe2
Merge pull request #2211 from gophish/dependabot/npm_and_yarn/browserslist-4.16.6 
Bump browserslist from 4.6.1 to 4.16.6
 2021-12-18 09:49:11 +01:00
Glenn Wilkinson
1d18ea7e01
Merge pull request #2196 from gophish/dependabot/npm_and_yarn/hosted-git-info-2.8.9 
Bump hosted-git-info from 2.7.1 to 2.8.9
 2021-12-18 09:48:50 +01:00
Glenn Wilkinson
b3f0bad5ce
Merge pull request #2195 from gophish/dependabot/npm_and_yarn/lodash-4.17.21 
Bump lodash from 4.17.19 to 4.17.21
 2021-12-18 09:48:41 +01:00
Glenn Wilkinson
12ecfd84cc
Merge pull request #2182 from gophish/dependabot/npm_and_yarn/ssri-6.0.2 
Bump ssri from 6.0.1 to 6.0.2
 2021-12-18 09:48:33 +01:00
Glenn Wilkinson
4814620cdc
Merge pull request #2157 from gophish/dependabot/npm_and_yarn/y18n-3.2.2 
Bump y18n from 3.2.1 to 3.2.2
 2021-12-18 09:48:00 +01:00
dependabot[bot]
003d143641
Bump tar from 4.4.8 to 4.4.19 
Bumps [tar](https://github.com/npm/node-tar) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-01 04:00:10 +00:00
dependabot[bot]
f89c85f558
Bump path-parse from 1.0.6 to 1.0.7 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 23:42:11 +00:00
dependabot[bot]
5aa3a858cb
Bump browserslist from 4.6.1 to 4.16.6 
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.6.1 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.6.1...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-25 07:33:27 +00:00
dependabot[bot]
82fd6adf68
Bump hosted-git-info from 2.7.1 to 2.8.9 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-10 07:08:01 +00:00
dependabot[bot]
5fc6ba6bef
Bump lodash from 4.17.19 to 4.17.21 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-08 15:03:26 +00:00
dependabot[bot]
a5b3b134ba
Bump ssri from 6.0.1 to 6.0.2 
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-04-29 18:52:25 +00:00
dependabot[bot]
f722065018
Bump y18n from 3.2.1 to 3.2.2 
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-30 15:39:51 +00:00
dependabot[bot]
db63ee978d
Bump yargs-parser from 5.0.0 to 5.0.1 (#2151) 2021-03-28 15:40:31 -05:00
dependabot[bot]
96d1a55558
Bump elliptic from 6.5.3 to 6.5.4 (#2140) 2021-03-28 15:38:41 -05:00
Glenn Wilkinson
54d9eb28ff
Merge pull request #2105 from gophish/fix-cors-headers 
Add PUT and DELETE methods for CORS handling.
 2021-03-06 17:40:42 +00:00
Shubhendra Singh Chauhan
15303e32cf
Fix code quality issues (#2118) 2021-02-24 17:34:38 -06:00
Jordan Wright
166ff8a050 Add PUT and DELETE methods for CORS handling. Fixes #2098 2021-01-24 14:01:40 -06:00
ssssdl
e6533e9993
Update Dockerfile (#2095) 
Updates the Go version used by the Dockerfile
 2021-01-24 13:44:10 -06:00
dependabot[bot]
9f5368aa13
Bump ini from 1.3.5 to 1.3.7 (#2067) 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-12-11 07:24:28 -06:00
Glenn Wilkinson
ced5261678
Added functionality to lock accounts (+bug fix) (#2060) 
* Added functionality to lock accounts

* Fixed typo and added test case for locked account
 2020-12-07 08:56:05 -06:00
Jordan Wright
8b8e88b077 Adjusting how we handle IP address parsing to more gracefully handle X-Forwarded-For headers. Ref #1999 2020-10-14 20:35:32 -05:00
Jordan Wright
120e232cfe Removing accidental dependencies to revert to 3c490dbadb 2020-10-11 17:49:37 -05:00