It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts:

• Expired or soon to expire passwords (passwd -e)
• Locked accounts (passwd -S )
• Expired accounts (chage -E / chage -l )

The rule would raise info alerts for each script it found along with the integrety hash, as per
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

This could just work on URLs that are in scope - it would just be useful when you're trying to create a CSP for a specific site.

I believe these directives were dismissed at some point due to no browser support, however there's increasing support for stale-while-revalidate.

stale-if-error on the other hand [isn't](https://caniuse.com/#feat

There are several issues open that suggest that it is unclear how Bandit is meant to be executed. In fact, there are no usage instructions at all in the Bandit docs.

Describe the solution you'd like

There should be simple, crisp, usage instructions in the Bandit docs, e.g.

Install Bandit:

pip install bandit

Run Bandit o

Environment

Cobra version: 2.0.0-alpha.5
Python version: 2.7.10
Operating system: Darwin-15.5.0-x86_64-i386-64bit
Command line: cobra.py -t tests/vulnerabilities/ -r CVI-167001.xml

Traceback

Traceback (most recent call last):
  File "/Users/Viarus/Documents/cobra/cobra/__init__.py", line 82, in main
    cli.start(args.target, args.format, args.output, args.special_rules, a_sid)
 

Calling all pentesters and/or people like myself who find infosec pretty neat!

Do you have any cool Shodan.io queries that you've come across — cool, funny, interesting, scary, facepalm-inducing, or otherwise? Some examples of IOT gems we've already found are electronic billboards with banks advertising free donuts, gas station pumps around the country, X-ray machines, 3D p

now that we're getting a few more contributers, standardize on ubuntu / osx as the dev os, and include more instructions here: https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Test-Environment-on-Ubuntu-Linux

The following things should be fixed:

• Inserts that trigger an upsert should be logged as an update
• An update should log the identifier/value the old value (or none) and the new value, eg: column: old => new
• Avoid duplicate code for scoped/unscoped that only differ in color codes

Also, consider:

• Reuse the one-line representation in select as a base for detailed