Mick Grove
|
394d05dd4d
|
preparing for v1.99.0
|
2026-05-04 23:10:16 -07:00 |
|
Mick Grove
|
1619737e2c
|
improved access map viewer
|
2026-04-30 18:11:10 -07:00 |
|
Mick Grove
|
997480ffc7
|
Added first-class **Postman** scanning target: new kingfisher scan postman subcommand (and equivalent --postman-* flags) fetches workspaces, collections, and environments via the Postman API and scans them for hard-coded credentials in request auth blocks, pre-request/test scripts, saved example responses, and — notably — secret-typed environment variables, which the API returns in plaintext despite the UI mask. Selectors: --workspace, --collection, --environment, --all, with optional --include-mocks-monitors and --api-url for self-hosted endpoints. Authenticates via KF_POSTMAN_TOKEN (or POSTMAN_API_KEY) sent as X-Api-Key; honors X-RateLimit-RetryAfter on 429s. Findings link back to https://go.postman.co/... URLs in reports.
|
2026-04-29 08:12:08 -07:00 |
|
Mick Grove
|
7ee1fd5163
|
performance improvements and rule improvements
|
2026-04-22 23:39:19 -07:00 |
|
Mick Grove
|
c50b3ba292
|
performance improvements and rule improvements
|
2026-04-19 16:33:13 -07:00 |
|
Mick Grove
|
c89e527053
|
bug fix
|
2026-04-16 06:44:12 -07:00 |
|
Mick Grove
|
365422a819
|
fixed performance regression
|
2026-04-09 22:21:02 -07:00 |
|
Mick Grove
|
d5dbc92474
|
fixed failing windows test setup
|
2026-04-05 10:38:20 -07:00 |
|