Skip to content

October release - Spooky capture at a distance
Compare
Choose a tag to compare
@Rafiot Rafiot released this 29 Oct 13:19
· 934 commits to main since this release
v1.16.0
This tag was signed with the committer’s verified signature.
Rafiot Raphaël Vinot
GPG key ID: 32E4E1C133B3792F
Learn about vigilant mode.
07bf264

Breaking change

This release requires poetry v1.2.0 or more recent. Run the following command to upgrade it: poetry self update

New Features

  • Move to Lacus/LacusCore, many changes to make lookyloo's code compatible with it
    • Lacus and PyLacus: use this mode to trigger the capture from an other machine than the one you run Lookyloo from
    • LacusCore: (the default) keep triggering the captures from the same machine as the one lookyloo is running on

With lacus, the captures are more reliable and using Lacus as a web service allows to monitor them better. If you want to use the webservice, you'll need to:

  1. Install Lacus
    • make sure it is running by loading http://127.0.0.1:7100 on the machine you have it running on (7100 is the default port, you can of course change it)
  2. Edit the config file config/generic.json (key remote_lacus):
    • set enable to true
    • set url to the url your loolyloo instance can use to connect to lacus: http://<ip>:<port>
  3. Restart lookyloo & try it

Changes

  • Make hashlookup visible to everyone
  • Improve logging
  • Maintenance: use poetry 1.2, bump deps (Python and JS), bump Github actions
  • Improve caching with Lacus
  • Retry failing captures when it might be a temporary issue (typically domain resolution)

Fixes

  • Avoid triggering a capture (and failing) when the URL and documents are missing
  • Issue with urlscan when the capture had no referer
  • Better handling of exceptions in VT module
  • Better handling of devices offered by Playwright and their user-agents
Assets 2
Loading