aikido-zen 1.0.2-aarch64-linux

data/tasklib/wrk.rb

@@ -0,0 +1,88 @@
+require "open3"
+require "time"
+
+NUMBER_OF_THREADS = ENV.fetch("BENCHMARK_NUMBER_OF_THREADS") { 12 }.to_s
+CONNECTIONS = ENV.fetch("BENCHMARK_WRK_CONNECTIONS") { 400 }
+
+def generate_wrk_command_for_url(url)
+  # Define the command with wrk included
+  "wrk --threads #{NUMBER_OF_THREADS} --connections #{CONNECTIONS} --duration 15s --timeout 5s --latency #{url}"
+end
+
+def cold_start(url)
+  10.times do
+    _, err, status = Open3.capture3("curl #{url}")
+
+    if status != 0
+      puts err
+      exit(-1)
+    end
+  end
+end
+
+def extract_requests_and_latency_tuple(out, err, status)
+  if status == 0
+    # Extracting requests/sec
+    requests_sec_match = out.match(/Requests\/sec:\s+([\d.]+)/)
+    requests_sec = requests_sec_match[1].to_f if requests_sec_match
+
+    # Extracting latency
+    latency_match = out.match(/Latency\s+([\d.]+)(ms|s)/)
+    latency = latency_match[1].to_f if latency_match
+    latency_unit = latency_match[2] if latency_match
+
+    if latency_unit == "s"
+      latency *= 1000
+    end
+
+    {requests_sec: requests_sec, latency: latency}
+  else
+    puts "Error occurred running benchmark command:"
+    puts err.strip
+    exit(1)
+  end
+end
+
+def run_benchmark(route_no_zen:, route_zen:, description:, throughput_decrease_limit_perc:, latency_increase_limit_ms:)
+  # Cold start
+  cold_start(route_no_zen)
+  cold_start(route_zen)
+
+  out, err, status = Open3.capture3(generate_wrk_command_for_url(route_zen))
+  puts <<~MSG
+    WRK OUTPUT
+    ================
+    FIREWALL ENABLED:
+        #{out}
+    ----------------
+  MSG
+  result_zen_enabled = extract_requests_and_latency_tuple(out, err, status)
+
+  out, err, status = Open3.capture3(generate_wrk_command_for_url(route_no_zen))
+  puts <<~MSG
+    FIREWALL DISABLED:
+        #{out}
+    ================
+  MSG
+  result_zen_disabled = extract_requests_and_latency_tuple(out, err, status)
+
+  # Check if the command was successful
+  if result_zen_enabled && result_zen_disabled
+    # Print the output, which should be the Requests/sec value
+    puts "[ZEN ENABLED ] Requests/sec: #{result_zen_enabled[:requests_sec]} | Latency in ms: #{result_zen_enabled[:latency]}"
+    puts "[ZEN DISABLED] Requests/sec: #{result_zen_disabled[:requests_sec]} | Latency in ms: #{result_zen_disabled[:latency]}"
+
+    latency_increase_ms = (result_zen_enabled[:latency] - result_zen_disabled[:latency]).round(2)
+    puts "-> Delta in ms: #{latency_increase_ms}ms after running load test on #{description}"
+
+    throughput_decrease_perc = ((result_zen_disabled[:requests_sec] - result_zen_enabled[:requests_sec]) / result_zen_disabled[:requests_sec] * 100).round
+    puts "-> #{throughput_decrease_perc}% decrease in throughput after running load test on #{description}\n"
+
+    if latency_increase_ms >= latency_increase_limit_ms
+      exit(1)
+    end
+    if throughput_decrease_perc >= throughput_decrease_limit_perc
+      exit(1)
+    end
+  end
+end

metadata

@@ -0,0 +1,214 @@
+--- !ruby/object:Gem::Specification
+name: aikido-zen
+version: !ruby/object:Gem::Version
+  version: 1.0.2
+platform: aarch64-linux
+authors:
+- Aikido Security
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2025-12-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: concurrent-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  force_ruby_platform: false
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  force_ruby_platform: false
+- !ruby/object:Gem::Dependency
+  name: ffi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  force_ruby_platform: false
+description: Zen by Aikido is an embedded Web Application Firewall that autonomously
+  protects Ruby apps against common and critical attacks.
+email:
+- dev-admin@aikido.dev
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".aikido"
+- ".ruby-version"
+- ".simplecov"
+- ".standard.yml"
+- LICENSE
+- README.md
+- Rakefile
+- benchmarks/README.md
+- benchmarks/rails7.1_benchmark.js
+- benchmarks/rails7.1_sql_injection.js
+- docs/banner.svg
+- docs/config.md
+- docs/proxy.md
+- docs/rails.md
+- docs/troubleshooting.md
+- lib/aikido-zen.rb
+- lib/aikido/zen.rb
+- lib/aikido/zen/actor.rb
+- lib/aikido/zen/agent.rb
+- lib/aikido/zen/agent/heartbeats_manager.rb
+- lib/aikido/zen/api_client.rb
+- lib/aikido/zen/attack.rb
+- lib/aikido/zen/attack_wave.rb
+- lib/aikido/zen/attack_wave/helpers.rb
+- lib/aikido/zen/background_worker.rb
+- lib/aikido/zen/cache.rb
+- lib/aikido/zen/capped_collections.rb
+- lib/aikido/zen/collector.rb
+- lib/aikido/zen/collector/event.rb
+- lib/aikido/zen/collector/hosts.rb
+- lib/aikido/zen/collector/routes.rb
+- lib/aikido/zen/collector/sink_stats.rb
+- lib/aikido/zen/collector/stats.rb
+- lib/aikido/zen/collector/users.rb
+- lib/aikido/zen/config.rb
+- lib/aikido/zen/context.rb
+- lib/aikido/zen/context/rack_request.rb
+- lib/aikido/zen/context/rails_request.rb
+- lib/aikido/zen/detached_agent.rb
+- lib/aikido/zen/detached_agent/agent.rb
+- lib/aikido/zen/detached_agent/front_object.rb
+- lib/aikido/zen/detached_agent/server.rb
+- lib/aikido/zen/errors.rb
+- lib/aikido/zen/event.rb
+- lib/aikido/zen/helpers.rb
+- lib/aikido/zen/internals.rb
+- lib/aikido/zen/libzen-v0.1.48-aarch64-linux.so
+- lib/aikido/zen/middleware/allowed_address_checker.rb
+- lib/aikido/zen/middleware/attack_wave_protector.rb
+- lib/aikido/zen/middleware/context_setter.rb
+- lib/aikido/zen/middleware/fork_detector.rb
+- lib/aikido/zen/middleware/middleware.rb
+- lib/aikido/zen/middleware/rack_throttler.rb
+- lib/aikido/zen/middleware/request_tracker.rb
+- lib/aikido/zen/outbound_connection.rb
+- lib/aikido/zen/outbound_connection_monitor.rb
+- lib/aikido/zen/package.rb
+- lib/aikido/zen/payload.rb
+- lib/aikido/zen/rails_engine.rb
+- lib/aikido/zen/rate_limiter.rb
+- lib/aikido/zen/rate_limiter/breaker.rb
+- lib/aikido/zen/rate_limiter/bucket.rb
+- lib/aikido/zen/rate_limiter/result.rb
+- lib/aikido/zen/request.rb
+- lib/aikido/zen/request/heuristic_router.rb
+- lib/aikido/zen/request/rails_router.rb
+- lib/aikido/zen/request/schema.rb
+- lib/aikido/zen/request/schema/auth_discovery.rb
+- lib/aikido/zen/request/schema/auth_schemas.rb
+- lib/aikido/zen/request/schema/builder.rb
+- lib/aikido/zen/request/schema/definition.rb
+- lib/aikido/zen/request/schema/empty_schema.rb
+- lib/aikido/zen/route.rb
+- lib/aikido/zen/runtime_settings.rb
+- lib/aikido/zen/runtime_settings/endpoints.rb
+- lib/aikido/zen/runtime_settings/ip_set.rb
+- lib/aikido/zen/runtime_settings/protection_settings.rb
+- lib/aikido/zen/runtime_settings/rate_limit_settings.rb
+- lib/aikido/zen/scan.rb
+- lib/aikido/zen/scanners.rb
+- lib/aikido/zen/scanners/path_traversal/helpers.rb
+- lib/aikido/zen/scanners/path_traversal_scanner.rb
+- lib/aikido/zen/scanners/shell_injection/helpers.rb
+- lib/aikido/zen/scanners/shell_injection_scanner.rb
+- lib/aikido/zen/scanners/sql_injection_scanner.rb
+- lib/aikido/zen/scanners/ssrf/dns_lookups.rb
+- lib/aikido/zen/scanners/ssrf/private_ip_checker.rb
+- lib/aikido/zen/scanners/ssrf_scanner.rb
+- lib/aikido/zen/scanners/stored_ssrf_scanner.rb
+- lib/aikido/zen/sink.rb
+- lib/aikido/zen/sinks.rb
+- lib/aikido/zen/sinks/action_controller.rb
+- lib/aikido/zen/sinks/async_http.rb
+- lib/aikido/zen/sinks/curb.rb
+- lib/aikido/zen/sinks/em_http.rb
+- lib/aikido/zen/sinks/excon.rb
+- lib/aikido/zen/sinks/file.rb
+- lib/aikido/zen/sinks/http.rb
+- lib/aikido/zen/sinks/httpclient.rb
+- lib/aikido/zen/sinks/httpx.rb
+- lib/aikido/zen/sinks/kernel.rb
+- lib/aikido/zen/sinks/mysql2.rb
+- lib/aikido/zen/sinks/net_http.rb
+- lib/aikido/zen/sinks/patron.rb
+- lib/aikido/zen/sinks/pg.rb
+- lib/aikido/zen/sinks/resolv.rb
+- lib/aikido/zen/sinks/socket.rb
+- lib/aikido/zen/sinks/sqlite3.rb
+- lib/aikido/zen/sinks/trilogy.rb
+- lib/aikido/zen/sinks/typhoeus.rb
+- lib/aikido/zen/sinks_dsl.rb
+- lib/aikido/zen/synchronizable.rb
+- lib/aikido/zen/system_info.rb
+- lib/aikido/zen/version.rb
+- lib/aikido/zen/worker.rb
+- placeholder/.gitignore
+- placeholder/README.md
+- placeholder/Rakefile
+- placeholder/lib/placeholder.rb.template
+- placeholder/placeholder.gemspec.template
+- tasklib/bench.rake
+- tasklib/libzen.rake
+- tasklib/wrk.rb
+homepage: https://aikido.dev/zen
+licenses:
+- AGPL-3.0-or-later
+metadata:
+  homepage_uri: https://aikido.dev/zen
+  source_code_uri: https://github.com/aikidosec/firewall-ruby
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.7'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.22
+signing_key:
+specification_version: 4
+summary: Embedded Web Application Firewall.
+test_files: []