Mick Grove
|
1619737e2c
|
improved access map viewer
|
2026-04-30 18:11:10 -07:00 |
|
Mick Grove
|
997480ffc7
|
Added first-class **Postman** scanning target: new kingfisher scan postman subcommand (and equivalent --postman-* flags) fetches workspaces, collections, and environments via the Postman API and scans them for hard-coded credentials in request auth blocks, pre-request/test scripts, saved example responses, and — notably — secret-typed environment variables, which the API returns in plaintext despite the UI mask. Selectors: --workspace, --collection, --environment, --all, with optional --include-mocks-monitors and --api-url for self-hosted endpoints. Authenticates via KF_POSTMAN_TOKEN (or POSTMAN_API_KEY) sent as X-Api-Key; honors X-RateLimit-RetryAfter on 429s. Findings link back to https://go.postman.co/... URLs in reports.
|
2026-04-29 08:12:08 -07:00 |
|
Mick Grove
|
c50b3ba292
|
performance improvements and rule improvements
|
2026-04-19 16:33:13 -07:00 |
|
Mick Grove
|
c89e527053
|
bug fix
|
2026-04-16 06:44:12 -07:00 |
|
Mick Grove
|
13bad3f172
|
added more access-maps
|
2026-04-01 13:39:24 -07:00 |
|
Mick Grove
|
19fe52a9bf
|
added more access-maps
|
2026-04-01 10:20:52 -07:00 |
|
Mick Grove
|
e54b87a322
|
added Teams support
|
2026-03-13 22:53:05 -07:00 |
|
Mick Grove
|
02538a6ac4
|
added more access-maps
|
2026-02-19 20:51:12 -08:00 |
|
Mick Grove
|
05002fe4d6
|
added more access-maps
|
2026-02-19 20:39:07 -08:00 |
|
Mick Grove
|
a9c5d8524f
|
added more access-maps
|
2026-02-19 18:19:20 -08:00 |
|
Mick Grove
|
3b1085baa6
|
added buildkit and harness to access-map
|
2026-02-17 22:58:29 -08:00 |
|
Mick Grove
|
816d5c40ba
|
wip 1.83
|
2026-02-13 16:41:28 -08:00 |
|