arachni 0.2.2.1

data/reports/xml.rb

@@ -0,0 +1,231 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+require 'base64'
+
+module Arachni
+
+require Arachni::Options.instance.dir['reports'] + '/xml/buffer.rb'
+
+module Reports
+
+#
+# Creates an XML report of the audit.
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.2
+#
+class XML < Arachni::Report::Base
+
+    include Arachni::Reports::Buffer
+
+    #
+    # @param [AuditStore]  audit_store
+    # @param [Hash]        options    options passed to the report
+    #
+    def initialize( audit_store, options )
+        @audit_store = audit_store
+        @outfile     = options['outfile']
+
+        # XML buffer
+        @__buffer = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"
+    end
+
+    def run( )
+
+        print_line( )
+        print_status( 'Creating XML report...' )
+
+        start_tag( 'arachni_report' )
+
+        simple_tag( 'title', 'Web Application Security Report - Arachni Framework' )
+        simple_tag( 'generated_on', Time.now.to_s )
+        simple_tag( 'report_false_positives', REPORT_FP )
+
+        start_tag( 'system' )
+        simple_tag( 'version', @audit_store.version )
+        simple_tag( 'revision', @audit_store.revision )
+        simple_tag( 'start_datetime', @audit_store.start_datetime )
+        simple_tag( 'finish_datetime', @audit_store.finish_datetime )
+        simple_tag( 'delta_time', @audit_store.delta_time )
+
+        simple_tag( 'url', @audit_store.options['url'] )
+        simple_tag( 'user_agent', @audit_store.options['user_agent'] )
+
+        start_tag( 'audited_elements' )
+        simple_tag( 'element', 'links' ) if @audit_store.options['audit_links']
+        simple_tag( 'element', 'forms' ) if @audit_store.options['audit_forms']
+        simple_tag( 'element', 'cookies' ) if @audit_store.options['audit_cookies']
+        simple_tag( 'element', 'headers' ) if @audit_store.options['audit_headers']
+        end_tag( 'audited_elements' )
+
+        start_tag( 'modules')
+        @audit_store.options['mods'].each { |mod| add_mod( mod ) }
+        end_tag( 'modules' )
+
+        start_tag( 'filters' )
+        if @audit_store.options['exclude']
+            start_tag( "exclude" )
+            @audit_store.options['exclude'].each {
+                |ex|
+                simple_tag( 'regexp', ex )
+            }
+            end_tag( "exclude" )
+        end
+
+
+        if @audit_store.options['include']
+            start_tag( "include" )
+            @audit_store.options['include'].each {
+                |inc|
+                simple_tag( 'regexp', inc )
+            }
+            end_tag( "include" )
+        end
+
+
+        if @audit_store.options['redundant']
+            start_tag( "redundant" )
+            @audit_store.options['redundant'].each {
+                |red|
+                simple_tag( 'filter', red['regexp'] + ':' + red['count'].to_s )
+            }
+            end_tag( "redundant" )
+        end
+        end_tag( 'filters' )
+
+
+        start_tag( 'cookies' )
+        if( @audit_store.options['cookies'] )
+            @audit_store.options['cookies'].each {
+                |name, value|
+                add_cookie( name, value )
+            }
+        end
+        end_tag( 'cookies' )
+
+
+        end_tag( 'system' )
+
+
+        start_tag( 'issues' )
+        @audit_store.issues.each {
+            |issue|
+
+            start_tag( 'issue' )
+            simple_tag( 'name', issue.name )
+
+            simple_tag( 'url', issue.url )
+            simple_tag( 'element', issue.elem )
+            simple_tag( 'method', issue.method ) if issue.method
+            add_tags( issue.tags ) if issue.tags.is_a?( Array )
+            simple_tag( 'variable', issue.var ) if issue.var
+            simple_tag( 'description', issue.description )
+            simple_tag( 'manual_verification', issue.verification.to_s )
+
+
+            start_tag( 'references' )
+            issue.references.each{
+                |name, url|
+                add_reference( name, url )
+            }
+            end_tag( 'references' )
+
+
+            add_variations( issue )
+
+            end_tag( 'issue' )
+        }
+
+        end_tag( 'issues' )
+
+        start_tag( 'plugins' )
+
+        # get XML formatted plugin data and append them to the XML buffer
+        format_plugin_results( @audit_store.plugins ).values.compact.each { |xml| append( xml ) }
+
+        end_tag( 'plugins' )
+
+        end_tag( 'arachni_report' )
+
+        xml_write( )
+        print_status( 'Saved in \'' + @outfile + '\'.' )
+    end
+
+    def xml_write( )
+        file = File.new( @outfile, 'w' )
+        file.write( @__buffer )
+        file.close
+    end
+
+
+    def self.info
+        {
+            :name           => 'XML report',
+            :description    => %q{Exports a report as an XML file.},
+            :author         => 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>',
+            :version        => '0.2',
+            :options        => [
+                Arachni::OptString.new( 'outfile', [ false, 'Where to save the report.',
+                    Time.now.to_s + '.xml' ] ),
+            ]
+        }
+    end
+
+    def add_variations( issue )
+        start_tag( 'variations' )
+        issue.variations.each_with_index {
+            |var|
+            start_tag( 'variation' )
+
+            simple_tag( 'url', var['url'] )
+            simple_tag( 'id', URI.encode( var['id'] ) ) if var['id']
+            simple_tag( 'injected', URI.encode( var['injected'] ) ) if var['injected']
+            simple_tag( 'regexp', var['regexp'].to_s ) if var['regexp']
+            simple_tag( 'regexp_match', var['regexp_match'] ) if var['regexp_match']
+
+            start_tag( 'headers' )
+
+            if var['headers']['request'].is_a?( Hash )
+                add_headers( 'request', var['headers']['request'] )
+            end
+
+            response = {}
+            if var['headers']['response'].is_a?( Hash )
+                response = var['headers']['response']
+            else
+                var['headers']['response'].split( "\n" ).each {
+                    |line|
+                    field, value = line.split( ':', 2 )
+                    next if !value
+                    response[field] = value
+                }
+            end
+
+            if response.is_a?( Hash )
+                add_headers( 'response', response )
+            end
+
+            end_tag( 'headers' )
+
+            if var['response'] && !var['response'].empty?
+                simple_tag( 'html', Base64.encode64( var['response'] ) )
+            end
+
+            end_tag( 'variation' )
+        }
+        end_tag( 'variations' )
+    end
+
+end
+end
+end

data/reports/xml/buffer.rb

@@ -0,0 +1,98 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+require 'base64'
+
+module Arachni
+module Reports
+
+    module Buffer
+
+        require 'cgi'
+
+        def append( str )
+            __add( str, true )
+        end
+
+        def simple_tag( tag, text, no_escape = false )
+            start_tag( tag )
+            __add( text, no_escape )
+            end_tag( tag )
+        end
+
+        def start_tag( tag )
+            __buffer( "\n<#{tag}>" )
+        end
+
+        def end_tag( tag )
+            __buffer( "</#{tag}>\n" )
+        end
+
+        def add_cookie( name, value )
+            __buffer( "<cookie name=\"#{name}\" value=\"#{value}\" />" )
+        end
+
+        def add_credentials( username, password )
+            __buffer( "<credentials username=\"#{username}\" password=\"#{password}\" />" )
+        end
+
+        def add_reference( name, url )
+            __buffer( "<reference name=\"#{name}\" url=\"#{url}\" />" )
+        end
+
+        def add_param( name, value )
+            __buffer( "<param name=\"#{name}\" value=\"#{value}\" />" )
+        end
+
+        def add_mod( name )
+            __buffer( "<module name=\"#{name}\" />" )
+        end
+
+        def add_headers( type, headers )
+
+            start_tag( type )
+            headers.each_pair {
+                |name, value|
+                __buffer( "<field name=\"#{name}\" value=\"#{CGI.escapeHTML( value.strip )}\" />" )
+            }
+            end_tag( type )
+        end
+
+        def add_tags( tags )
+
+            start_tag( 'tags' )
+            tags.each {
+                |name|
+                __buffer( "<tag name=\"#{name}\" />" )
+            }
+            end_tag( 'tags' )
+        end
+
+
+        def buffer
+            return @__buffer
+        end
+
+        def __buffer( str = '' )
+            @__buffer ||= ''
+            @__buffer += str
+        end
+
+        def __add( text, no_escape = false )
+            if !no_escape
+                __buffer( CGI.escapeHTML( text ) )
+            else
+                __buffer( text )
+            end
+        end
+
+    end
+end
+end

metadata

@@ -0,0 +1,516 @@
+--- !ruby/object:Gem::Specification 
+name: arachni
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 2
+  - 2
+  - 1
+  version: 0.2.2.1
+platform: ruby
+authors: 
+- Tasos Laskos
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-02-13 00:00:00 +00:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: arachni-typhoeus
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 2
+        - 0
+        - 1
+        version: 0.2.0.1
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: nokogiri
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 4
+        - 4
+        version: 1.4.4
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: awesome_print
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 3
+        - 1
+        version: 0.3.1
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: robots
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 10
+        - 0
+        version: 0.10.0
+  type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: sys-proctable
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 8
+        - 1
+        version: 0.8.1
+  type: :runtime
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: terminal-table
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 4
+        - 2
+        version: 1.4.2
+  type: :runtime
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: sinatra
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 9
+        - 2
+        version: 0.9.2
+  type: :runtime
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: datamapper
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 0
+        - 2
+        version: 1.0.2
+  type: :runtime
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: rack_csrf
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 2
+        - 1
+        - 0
+        version: 2.1.0
+  type: :runtime
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency 
+  name: rack-flash
+  prerelease: false
+  requirement: &id010 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        - 1
+        - 1
+        version: 0.1.1
+  type: :runtime
+  version_requirements: *id010
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id011 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 4
+        - 6
+        version: 1.4.6
+  type: :runtime
+  version_requirements: *id011
+- !ruby/object:Gem::Dependency 
+  name: dm-sqlite-adapter
+  prerelease: false
+  requirement: &id012 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 0
+        - 2
+        version: 1.0.2
+  type: :runtime
+  version_requirements: *id012
+description: "        Arachni is a feature-full, modular, high-performance Ruby framework aimed towards\n        helping penetration testers and administrators evaluate the security of web applications.\n\n        Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process.\n        Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling\n        through the paths of a web application's cyclomatic complexity.\n        This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.\n\n        Finally, Arachni yields great performance due to its asynchronous HTTP model (courtesy of Typhoeus).\n        Thus, you'll only be limited by the responsiveness of the server under audit and your available bandwidth.\n\n        Note: Despite the fact that Arachni is mostly targeted towards web application security,\n        it can easily be used for general purpose scraping, data-mining, etc with the addition of custom modules.\n"
+email: tasos.laskos@gmail.com
+executables: 
+- arachni
+- arachni_xmlrpcd_monitor
+- arachni_xmlrpcd
+- arachni_xmlrpc
+- arachni_web
+extensions: []
+
+extra_rdoc_files: 
+- README.md
+- ACKNOWLEDGMENTS.md
+- LICENSE.md
+- AUTHORS.md
+- CHANGELOG.md
+- CONTRIBUTORS.md
+- EXPLOITATION.md
+- HACKING.md
+files: 
+- README.md
+- ACKNOWLEDGMENTS.md
+- Rakefile
+- getoptslong.rb
+- LICENSE.md
+- AUTHORS.md
+- CHANGELOG.md
+- CONTRIBUTORS.md
+- EXPLOITATION.md
+- HACKING.md
+- lib/module.rb
+- lib/module/trainer.rb
+- lib/module/output.rb
+- lib/module/utilities.rb
+- lib/module/auditor.rb
+- lib/module/key_filler.rb
+- lib/module/element_db.rb
+- lib/module/base.rb
+- lib/module/manager.rb
+- lib/parser.rb
+- lib/component_options.rb
+- lib/anemone/storage.rb
+- lib/anemone/page.rb
+- lib/anemone/cookie_store.rb
+- lib/anemone/page_store.rb
+- lib/anemone/tentacle.rb
+- lib/anemone/storage/pstore.rb
+- lib/anemone/storage/mongodb.rb
+- lib/anemone/storage/redis.rb
+- lib/anemone/storage/exceptions.rb
+- lib/anemone/storage/base.rb
+- lib/anemone/storage/tokyo_cabinet.rb
+- lib/anemone/http.rb
+- lib/anemone/core.rb
+- lib/anemone/exceptions.rb
+- lib/report.rb
+- lib/options.rb
+- lib/issue.rb
+- lib/component_manager.rb
+- lib/plugin/base.rb
+- lib/plugin/manager.rb
+- lib/arachni.rb
+- lib/framework.rb
+- lib/http.rb
+- lib/spider.rb
+- lib/audit_store.rb
+- lib/rpc/xml/server/module/manager.rb
+- lib/rpc/xml/server/output.rb
+- lib/rpc/xml/server/options.rb
+- lib/rpc/xml/server/plugin/manager.rb
+- lib/rpc/xml/server/framework.rb
+- lib/rpc/xml/server/dispatcher.rb
+- lib/rpc/xml/server/instance.rb
+- lib/rpc/xml/server/base.rb
+- lib/rpc/xml/client/dispatcher.rb
+- lib/rpc/xml/client/instance.rb
+- lib/rpc/xml/client/base.rb
+- lib/ruby/xmlrpc/server.rb
+- lib/ruby/string.rb
+- lib/ruby/object.rb
+- lib/anemone.rb
+- lib/exceptions.rb
+- lib/ui/xmlrpc/xmlrpc.rb
+- lib/ui/xmlrpc/dispatcher_monitor.rb
+- lib/ui/cli/output.rb
+- lib/ui/cli/cli.rb
+- lib/ui/web/server/public/sidebar-top.jpg
+- lib/ui/web/server/public/style.css
+- lib/ui/web/server/public/bodybg.png
+- lib/ui/web/server/public/nav-selected-right.jpg
+- lib/ui/web/server/public/logo.png
+- lib/ui/web/server/public/favicon.ico
+- lib/ui/web/server/public/nav-right.jpg
+- lib/ui/web/server/public/css/smoothness/jquery-ui-1.8.9.custom.css
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_flat_0_aaaaaa_40x100.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_highlight-soft_75_cccccc_1x100.png
+- lib/ui/web/server/public/css/smoothness/images/ui-icons_2e83ff_256x240.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_glass_95_fef1ec_1x400.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_glass_75_dadada_1x400.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_glass_55_fbf9ee_1x400.png
+- lib/ui/web/server/public/css/smoothness/images/ui-icons_888888_256x240.png
+- lib/ui/web/server/public/css/smoothness/images/ui-icons_222222_256x240.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_glass_65_ffffff_1x400.png
+- lib/ui/web/server/public/css/smoothness/images/pbar-ani.gif
+- lib/ui/web/server/public/css/smoothness/images/ui-icons_cd0a0a_256x240.png
+- lib/ui/web/server/public/css/smoothness/images/ui-icons_454545_256x240.png
+- lib/ui/web/server/public/css/smoothness/images/ui-bg_glass_75_e6e6e6_1x400.png
+- lib/ui/web/server/public/nav-left.jpg
+- lib/ui/web/server/public/sidebar-bottom.jpg
+- lib/ui/web/server/public/nav-selected-left.jpg
+- lib/ui/web/server/public/js/jquery-1.4.4.min.js
+- lib/ui/web/server/public/js/jquery-ui-1.8.9.custom.min.js
+- lib/ui/web/server/public/spider.png
+- lib/ui/web/server/public/banner.png
+- lib/ui/web/server/public/bodybg-small.png
+- lib/ui/web/server/public/reports/placeholder
+- lib/ui/web/server/public/icons/status.png
+- lib/ui/web/server/public/icons/info.png
+- lib/ui/web/server/public/icons/error.png
+- lib/ui/web/server/public/icons/ok.png
+- lib/ui/web/server/public/sidebar-h4.jpg
+- lib/ui/web/server/public/footer.jpg
+- lib/ui/web/server/tmp/placeholder
+- lib/ui/web/server/db/placeholder
+- lib/ui/web/server/views/dispatcher_error.erb
+- lib/ui/web/server/views/instance.erb
+- lib/ui/web/server/views/log.erb
+- lib/ui/web/server/views/dispatcher.erb
+- lib/ui/web/server/views/flash.erb
+- lib/ui/web/server/views/report_formats.erb
+- lib/ui/web/server/views/modules.erb
+- lib/ui/web/server/views/plugins.erb
+- lib/ui/web/server/views/layout.erb
+- lib/ui/web/server/views/output_results.erb
+- lib/ui/web/server/views/options.erb
+- lib/ui/web/server/views/error.erb
+- lib/ui/web/server/views/home.erb
+- lib/ui/web/server/views/welcome.erb
+- lib/ui/web/server/views/reports.erb
+- lib/ui/web/server/views/settings.erb
+- lib/ui/web/report_manager.rb
+- lib/ui/web/server.rb
+- lib/ui/web/log.rb
+- lib/ui/web/output_stream.rb
+- lib/parser/auditable.rb
+- lib/parser/parser.rb
+- lib/parser/page.rb
+- lib/parser/elements.rb
+- lib/report/base.rb
+- lib/report/manager.rb
+- lib/plugin.rb
+- lib/typhoeus/response.rb
+- lib/typhoeus/request.rb
+- lib/ruby.rb
+- conf/webui.yaml
+- conf/README.webui.yaml.txt
+- metamodules/timeout_notice.rb
+- metamodules/autothrottle.rb
+- metamodules/uniformity.rb
+- external/metasploit/modules/exploits/unix/webapp/arachni_php_include.rb
+- external/metasploit/modules/exploits/unix/webapp/arachni_path_traversal.rb
+- external/metasploit/modules/exploits/unix/webapp/arachni_exec.rb
+- external/metasploit/modules/exploits/unix/webapp/arachni_php_eval.rb
+- external/metasploit/modules/exploits/unix/webapp/arachni_sqlmap.rb
+- external/metasploit/LICENSE
+- external/metasploit/plugins/arachni.rb
+- logs/placeholder
+- modules/recon/backup_files/extensions.txt
+- modules/recon/interesting_responses.rb
+- modules/recon/common_files.rb
+- modules/recon/xst.rb
+- modules/recon/http_put.rb
+- modules/recon/webdav.rb
+- modules/recon/directory_listing.rb
+- modules/recon/backdoors/filenames.txt
+- modules/recon/allowed_methods.rb
+- modules/recon/common_directories/directories.txt
+- modules/recon/htaccess_limit.rb
+- modules/recon/grep/ssn.rb
+- modules/recon/grep/private_ip.rb
+- modules/recon/grep/emails.rb
+- modules/recon/grep/credit_card.rb
+- modules/recon/grep/cvs_svn_users.rb
+- modules/recon/grep/captcha.rb
+- modules/recon/grep/html_objects.rb
+- modules/recon/unencrypted_password_forms.rb
+- modules/recon/backdoors.rb
+- modules/recon/backup_files.rb
+- modules/recon/common_files/filenames.txt
+- modules/recon/common_directories.rb
+- modules/audit/trainer.rb
+- modules/audit/code_injection_timing/payloads.txt
+- modules/audit/os_cmd_injection.rb
+- modules/audit/sqli_blind_timing/payloads.txt
+- modules/audit/sqli.rb
+- modules/audit/xss_script_tag.rb
+- modules/audit/sqli_blind_rdiff.rb
+- modules/audit/path_traversal.rb
+- modules/audit/xss_event.rb
+- modules/audit/xss_uri.rb
+- modules/audit/os_cmd_injection/payloads.txt
+- modules/audit/sqli_blind_timing.rb
+- modules/audit/code_injection.rb
+- modules/audit/rfi.rb
+- modules/audit/xpath/errors.txt
+- modules/audit/xss_tag.rb
+- modules/audit/response_splitting.rb
+- modules/audit/csrf.rb
+- modules/audit/os_cmd_injection_timing.rb
+- modules/audit/ldapi.rb
+- modules/audit/ldapi/errors.txt
+- modules/audit/code_injection_timing.rb
+- modules/audit/os_cmd_injection_timing/payloads.txt
+- modules/audit/sqli/regexp_ids.txt
+- modules/audit/xss_path.rb
+- modules/audit/xpath.rb
+- modules/audit/unvalidated_redirect.rb
+- modules/audit/xss.rb
+- path_extractors/scripts.rb
+- path_extractors/links.rb
+- path_extractors/frames.rb
+- path_extractors/generic.rb
+- path_extractors/anchors.rb
+- path_extractors/meta_refresh.rb
+- path_extractors/forms.rb
+- path_extractors/sitemap.rb
+- plugins/proxy/server.rb
+- plugins/metamodules.rb
+- plugins/healthmap.rb
+- plugins/cookie_collector.rb
+- plugins/http_dicattack.rb
+- plugins/content_types.rb
+- plugins/waf_detector.rb
+- plugins/form_dicattack.rb
+- plugins/autologin.rb
+- plugins/proxy.rb
+- profiles/comprehensive.afp
+- profiles/full.afp
+- reports/html.rb
+- reports/plugin_formatters/stdout/metamodules.rb
+- reports/plugin_formatters/stdout/healthmap.rb
+- reports/plugin_formatters/stdout/cookie_collector.rb
+- reports/plugin_formatters/stdout/http_dicattack.rb
+- reports/plugin_formatters/stdout/content_types.rb
+- reports/plugin_formatters/stdout/waf_detector.rb
+- reports/plugin_formatters/stdout/form_dicattack.rb
+- reports/plugin_formatters/stdout/metaformatters/timeout_notice.rb
+- reports/plugin_formatters/stdout/metaformatters/uniformity.rb
+- reports/plugin_formatters/xml/metamodules.rb
+- reports/plugin_formatters/xml/healthmap.rb
+- reports/plugin_formatters/xml/cookie_collector.rb
+- reports/plugin_formatters/xml/http_dicattack.rb
+- reports/plugin_formatters/xml/content_types.rb
+- reports/plugin_formatters/xml/waf_detector.rb
+- reports/plugin_formatters/xml/form_dicattack.rb
+- reports/plugin_formatters/xml/metaformatters/timeout_notice.rb
+- reports/plugin_formatters/xml/metaformatters/uniformity.rb
+- reports/plugin_formatters/html/metamodules.rb
+- reports/plugin_formatters/html/healthmap.rb
+- reports/plugin_formatters/html/cookie_collector.rb
+- reports/plugin_formatters/html/http_dicattack.rb
+- reports/plugin_formatters/html/content_types.rb
+- reports/plugin_formatters/html/waf_detector.rb
+- reports/plugin_formatters/html/form_dicattack.rb
+- reports/plugin_formatters/html/metaformatters/timeout_notice.rb
+- reports/plugin_formatters/html/metaformatters/uniformity.rb
+- reports/metareport/arachni_metareport.rb
+- reports/txt.rb
+- reports/xml/buffer.rb
+- reports/metareport.rb
+- reports/stdout.rb
+- reports/html/default.erb
+- reports/xml.rb
+- reports/afr.rb
+- reports/ap.rb
+- bin/arachni
+- bin/arachni_xmlrpcd_monitor
+- bin/arachni_xmlrpcd
+- bin/arachni_xmlrpc
+- bin/arachni_web
+has_rdoc: true
+homepage: https://github.com/Zapotek/arachni
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
+test_files: []
+