RubyGems - arachni - Versions diffs - 1.2.1 → 1.3 - Mend

arachni 1.2.1 → 1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (373) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +66 -0
data/Gemfile +1 -1
data/README.md +16 -5
data/components/checks/active/ldap_injection/errors.txt +1 -0
data/components/checks/active/source_code_disclosure.rb +1 -1
data/components/checks/active/unvalidated_redirect.rb +6 -6
data/components/checks/active/unvalidated_redirect_dom.rb +10 -7
data/components/checks/passive/grep/captcha.rb +14 -5
data/components/checks/passive/grep/form_upload.rb +7 -3
data/components/checks/passive/grep/hsts.rb +3 -3
data/components/checks/passive/grep/html_objects.rb +2 -3
data/components/checks/passive/grep/http_only_cookies.rb +2 -3
data/components/checks/passive/grep/insecure_cookies.rb +1 -1
data/components/checks/passive/grep/password_autocomplete.rb +2 -2
data/components/checks/passive/grep/unencrypted_password_forms.rb +7 -7
data/components/checks/passive/grep/x_frame_options.rb +2 -2
data/components/checks/passive/http_put.rb +2 -3
data/components/path_extractors/comments.rb +3 -3
data/components/path_extractors/scripts.rb +10 -1
data/components/plugins/defaults/autothrottle.rb +27 -18
data/components/plugins/defaults/meta/remedies/discovery.rb +30 -33
data/components/plugins/defaults/meta/remedies/timing_attacks.rb +7 -11
data/components/plugins/login_script.rb +9 -3
data/components/plugins/proxy.rb +4 -3
data/components/reporters/html.rb +11 -14
data/components/reporters/html/default/issue.erb +13 -38
data/components/reporters/html/default/issue/info.erb +1 -1
data/components/reporters/html/default/summary/issues/by_name.erb +3 -3
data/components/reporters/stdout.rb +62 -71
data/components/reporters/xml.rb +26 -40
data/components/reporters/xml/schema.xsd +43 -89
data/lib/arachni/browser.rb +52 -3
data/lib/arachni/browser/javascript.rb +3 -3
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +46 -25
data/lib/arachni/browser_cluster.rb +61 -0
data/lib/arachni/browser_cluster/job.rb +21 -1
data/lib/arachni/browser_cluster/jobs/browser_provider.rb +3 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +2 -1
data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -2
data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
data/lib/arachni/browser_cluster/worker.rb +5 -0
data/lib/arachni/check/auditor.rb +22 -12
data/lib/arachni/data/framework.rb +13 -1
data/lib/arachni/data/issues.rb +9 -25
data/lib/arachni/element/base.rb +9 -3
data/lib/arachni/element/capabilities/analyzable.rb +2 -6
data/lib/arachni/element/capabilities/analyzable/differential.rb +24 -7
data/lib/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +23 -23
data/lib/arachni/element/capabilities/auditable.rb +0 -6
data/lib/arachni/element/capabilities/dom_only.rb +61 -0
data/lib/arachni/element/capabilities/with_dom.rb +3 -1
data/lib/arachni/element/cookie.rb +35 -5
data/lib/arachni/element/cookie/dom.rb +13 -4
data/lib/arachni/element/{capabilities/auditable/dom.rb → dom.rb} +20 -68
data/lib/arachni/element/dom/capabilities/auditable.rb +29 -0
data/lib/arachni/element/dom/capabilities/inputtable.rb +27 -0
data/lib/arachni/element/dom/capabilities/mutable.rb +21 -0
data/lib/arachni/element/dom/capabilities/submittable.rb +52 -0
data/lib/arachni/element/form.rb +12 -1
data/lib/arachni/element/form/capabilities/mutable.rb +2 -1
data/lib/arachni/element/form/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/form/dom.rb +9 -3
data/lib/arachni/element/header.rb +14 -33
data/lib/arachni/element/header/capabilities/inputtable.rb +29 -0
data/lib/arachni/element/header/capabilities/mutable.rb +51 -0
data/lib/arachni/element/input/dom.rb +71 -0
data/lib/arachni/element/json.rb +2 -0
data/lib/arachni/element/link.rb +3 -0
data/lib/arachni/element/link/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link/dom.rb +16 -3
data/lib/arachni/element/link/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/link_template.rb +3 -5
data/lib/arachni/element/link_template/capabilities/inputtable.rb +5 -0
data/lib/arachni/element/link_template/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link_template/dom.rb +16 -3
data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/server.rb +3 -5
data/lib/arachni/element/ui_form.rb +106 -0
data/lib/arachni/element/ui_form/dom.rb +107 -0
data/lib/arachni/element/ui_input.rb +62 -0
data/lib/arachni/element/xml.rb +2 -1
data/lib/arachni/framework.rb +7 -5
data/lib/arachni/framework/parts/audit.rb +0 -1
data/lib/arachni/framework/parts/check.rb +1 -0
data/lib/arachni/framework/parts/data.rb +4 -0
data/lib/arachni/framework/parts/state.rb +0 -2
data/lib/arachni/http/client.rb +17 -6
data/lib/arachni/http/proxy_server.rb +52 -5
data/lib/arachni/http/request.rb +1 -1
data/lib/arachni/issue.rb +34 -179
data/lib/arachni/issue/severity.rb +2 -0
data/lib/arachni/option_groups/audit.rb +22 -2
data/lib/arachni/option_groups/browser_cluster.rb +15 -0
data/lib/arachni/page.rb +3 -2
data/lib/arachni/parser.rb +24 -5
data/lib/arachni/platform/manager.rb +1 -2
data/lib/arachni/rpc/server/framework.rb +3 -4
data/lib/arachni/rpc/server/framework/multi_instance.rb +2 -1
data/lib/arachni/session.rb +1 -1
data/lib/arachni/trainer.rb +4 -7
data/lib/arachni/watir/element.rb +12 -1
data/lib/version +1 -1
data/spec/arachni/browser/element_locator_spec.rb +43 -43
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +44 -44
data/spec/arachni/browser/javascript/proxy/stub_spec.rb +17 -14
data/spec/arachni/browser/javascript/proxy_spec.rb +24 -24
data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +11 -11
data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +13 -13
data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +568 -558
data/spec/arachni/browser/javascript_spec.rb +73 -63
data/spec/arachni/browser_cluster/job/result_spec.rb +3 -3
data/spec/arachni/browser_cluster/job_spec.rb +68 -48
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +5 -4
data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +5 -5
data/spec/arachni/browser_cluster/worker_spec.rb +87 -70
data/spec/arachni/browser_cluster_spec.rb +64 -39
data/spec/arachni/browser_spec.rb +692 -527
data/spec/arachni/check/auditor_spec.rb +177 -147
data/spec/arachni/check/base_spec.rb +33 -33
data/spec/arachni/check/manager_spec.rb +15 -15
data/spec/arachni/component/base_spec.rb +8 -8
data/spec/arachni/component/manager_spec.rb +100 -99
data/spec/arachni/component/options/address_spec.rb +3 -3
data/spec/arachni/component/options/base_spec.rb +7 -7
data/spec/arachni/component/options/bool_spec.rb +9 -9
data/spec/arachni/component/options/float_spec.rb +6 -6
data/spec/arachni/component/options/int_spec.rb +5 -5
data/spec/arachni/component/options/multiple_choice_spec.rb +12 -12
data/spec/arachni/component/options/object_spec.rb +2 -2
data/spec/arachni/component/options/path_spec.rb +3 -3
data/spec/arachni/component/options/port_spec.rb +5 -5
data/spec/arachni/component/options/string_spec.rb +3 -3
data/spec/arachni/component/options/url_spec.rb +4 -4
data/spec/arachni/component/utilities_spec.rb +2 -2
data/spec/arachni/data/framework/rpc_spec.rb +10 -9
data/spec/arachni/data/framework_spec.rb +65 -46
data/spec/arachni/data/issues_spec.rb +39 -77
data/spec/arachni/data/plugins_spec.rb +11 -11
data/spec/arachni/data/session_spec.rb +6 -6
data/spec/arachni/data_spec.rb +8 -8
data/spec/arachni/element/body_spec.rb +10 -10
data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +39 -21
data/spec/arachni/element/capabilities/analyzable/{taint_spec.rb → signature_spec.rb} +63 -63
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +51 -51
data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +5 -5
data/spec/arachni/element/cookie/dom_spec.rb +37 -18
data/spec/arachni/element/cookie_spec.rb +206 -139
data/spec/arachni/element/form/dom_spec.rb +36 -19
data/spec/arachni/element/form_spec.rb +210 -187
data/spec/arachni/element/generic_dom_spec.rb +14 -14
data/spec/arachni/element/header_spec.rb +35 -17
data/spec/arachni/element/json_spec.rb +53 -31
data/spec/arachni/element/link/dom_spec.rb +46 -28
data/spec/arachni/element/link_spec.rb +58 -40
data/spec/arachni/element/link_template/dom_spec.rb +47 -29
data/spec/arachni/element/link_template_spec.rb +79 -61
data/spec/arachni/element/path_spec.rb +1 -1
data/spec/arachni/element/server_spec.rb +33 -32
data/spec/arachni/element/ui_form/ui_form_dom_spec.rb +164 -0
data/spec/arachni/element/ui_form_spec.rb +242 -0
data/spec/arachni/element/ui_input/dom_spec.rb +157 -0
data/spec/arachni/element/ui_input_spec.rb +136 -0
data/spec/arachni/element/xml_spec.rb +42 -24
data/spec/arachni/element_filter_spec.rb +49 -48
data/spec/arachni/error_spec.rb +3 -3
data/spec/arachni/framework/parts/audit_spec.rb +64 -63
data/spec/arachni/framework/parts/browser_spec.rb +16 -16
data/spec/arachni/framework/parts/check_spec.rb +3 -3
data/spec/arachni/framework/parts/data_spec.rb +48 -48
data/spec/arachni/framework/parts/platform_spec.rb +3 -3
data/spec/arachni/framework/parts/plugin_spec.rb +7 -6
data/spec/arachni/framework/parts/report_spec.rb +7 -7
data/spec/arachni/framework/parts/scope_spec.rb +16 -16
data/spec/arachni/framework/parts/state_spec.rb +68 -69
data/spec/arachni/framework_spec.rb +39 -31
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +32 -32
data/spec/arachni/http/client_spec.rb +219 -208
data/spec/arachni/http/cookie_jar_spec.rb +72 -72
data/spec/arachni/http/headers_spec.rb +14 -14
data/spec/arachni/http/proxy_server_spec.rb +43 -42
data/spec/arachni/http/request_spec.rb +105 -103
data/spec/arachni/http/response/scope_spec.rb +24 -24
data/spec/arachni/http/response_spec.rb +50 -49
data/spec/arachni/issue/severity_spec.rb +10 -9
data/spec/arachni/issue_spec.rb +71 -369
data/spec/arachni/option_groups/audit_spec.rb +114 -114
data/spec/arachni/option_groups/browser_cluster_spec.rb +20 -3
data/spec/arachni/option_groups/datastore_spec.rb +6 -6
data/spec/arachni/option_groups/dispatcher_spec.rb +19 -19
data/spec/arachni/option_groups/http_spec.rb +11 -11
data/spec/arachni/option_groups/input_spec.rb +31 -27
data/spec/arachni/option_groups/output_spec.rb +2 -2
data/spec/arachni/option_groups/paths_spec.rb +17 -17
data/spec/arachni/option_groups/rpc_spec.rb +2 -2
data/spec/arachni/option_groups/scope_spec.rb +40 -40
data/spec/arachni/option_groups/session_spec.rb +6 -5
data/spec/arachni/option_groups/snapshot_spec.rb +4 -4
data/spec/arachni/options_spec.rb +46 -45
data/spec/arachni/page/dom/transition_spec.rb +74 -72
data/spec/arachni/page/dom_spec.rb +35 -35
data/spec/arachni/page/scope_spec.rb +15 -15
data/spec/arachni/page_spec.rb +217 -217
data/spec/arachni/parser_spec.rb +106 -104
data/spec/arachni/platform/fingerprinter_spec.rb +17 -14
data/spec/arachni/platform/list_spec.rb +33 -33
data/spec/arachni/platform/manager_spec.rb +67 -64
data/spec/arachni/plugin/base_spec.rb +10 -10
data/spec/arachni/plugin/manager_spec.rb +38 -37
data/spec/arachni/report_spec.rb +43 -40
data/spec/arachni/reporter/base_spec.rb +15 -15
data/spec/arachni/reporter/manager_spec.rb +4 -4
data/spec/arachni/reporter/options_spec.rb +6 -6
data/spec/arachni/rpc/client/base_spec.rb +6 -6
data/spec/arachni/rpc/client/dispatcher_spec.rb +2 -2
data/spec/arachni/rpc/client/instance_spec.rb +6 -6
data/spec/arachni/rpc/server/active_options_spec.rb +11 -8
data/spec/arachni/rpc/server/base_spec.rb +5 -5
data/spec/arachni/rpc/server/checks/manager_spec.rb +8 -8
data/spec/arachni/rpc/server/dispatcher/node_spec.rb +37 -37
data/spec/arachni/rpc/server/dispatcher/service_spec.rb +15 -14
data/spec/arachni/rpc/server/dispatcher_spec.rb +36 -35
data/spec/arachni/rpc/server/framework/distributor_spec.rb +36 -36
data/spec/arachni/rpc/server/framework_multi_spec.rb +340 -336
data/spec/arachni/rpc/server/framework_spec.rb +90 -85
data/spec/arachni/rpc/server/instance_spec.rb +126 -107
data/spec/arachni/rpc/server/output_spec.rb +1 -1
data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -6
data/spec/arachni/ruby/array_spec.rb +42 -42
data/spec/arachni/ruby/hash_spec.rb +20 -18
data/spec/arachni/ruby/io_spec.rb +2 -2
data/spec/arachni/ruby/object_spec.rb +1 -1
data/spec/arachni/ruby/set_spec.rb +3 -3
data/spec/arachni/ruby/string_spec.rb +30 -30
data/spec/arachni/ruby/webrick_spec.rb +2 -2
data/spec/arachni/scope_spec.rb +1 -1
data/spec/arachni/session_spec.rb +67 -64
data/spec/arachni/snapshot_spec.rb +15 -15
data/spec/arachni/state/audit_spec.rb +11 -11
data/spec/arachni/state/element_filter_spec.rb +6 -6
data/spec/arachni/state/framework/rpc_spec.rb +12 -12
data/spec/arachni/state/framework_spec.rb +125 -121
data/spec/arachni/state/http_spec.rb +7 -7
data/spec/arachni/state/options_spec.rb +7 -7
data/spec/arachni/state/plugins_spec.rb +8 -8
data/spec/arachni/state_spec.rb +10 -10
data/spec/arachni/support/buffer/autoflush_spec.rb +16 -16
data/spec/arachni/support/buffer/base_spec.rb +39 -39
data/spec/arachni/support/cache/least_cost_replacement_spec.rb +18 -18
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +24 -24
data/spec/arachni/support/cache/least_recently_used_spec.rb +20 -20
data/spec/arachni/support/cache/preference_spec.rb +4 -4
data/spec/arachni/support/cache/random_replacement_spec.rb +8 -8
data/spec/arachni/support/crypto/rsa_aes_cbc_spec.rb +1 -1
data/spec/arachni/support/database/hash_spec.rb +44 -43
data/spec/arachni/support/database/queue_spec.rb +27 -27
data/spec/arachni/support/lookup/hash_set_spec.rb +8 -8
data/spec/arachni/support/lookup/moolb_spec.rb +3 -3
data/spec/arachni/support/mixins/observable_spec.rb +6 -6
data/spec/arachni/support/signature_spec.rb +19 -19
data/spec/arachni/trainer_spec.rb +39 -39
data/spec/arachni/typhoeus/hydra_spec.rb +2 -2
data/spec/arachni/uri/scope_spec.rb +66 -66
data/spec/arachni/uri_spec.rb +107 -105
data/spec/arachni/utilities_spec.rb +40 -40
data/spec/components/checks/active/csrf_spec.rb +8 -8
data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
data/spec/components/checks/active/sql_injection_spec.rb +16 -16
data/spec/components/checks/active/trainer_spec.rb +4 -4
data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +4 -2
data/spec/components/checks/active/xpath_injection_spec.rb +1 -1
data/spec/components/checks/active/xss_dom_script_context_spec.rb +51 -21
data/spec/components/checks/active/xss_dom_spec.rb +46 -24
data/spec/components/checks/passive/allowed_methods_spec.rb +1 -1
data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +1 -1
data/spec/components/checks/passive/grep/hsts_spec.rb +2 -2
data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +2 -2
data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +1 -1
data/spec/components/checks/passive/grep/private_ip_spec.rb +3 -3
data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +1 -1
data/spec/components/checks/passive/grep/x_frame_options_spec.rb +2 -2
data/spec/components/checks/passive/interesting_responses_spec.rb +2 -2
data/spec/components/checks/passive/webdav_spec.rb +1 -1
data/spec/components/checks/passive/xst_spec.rb +1 -1
data/spec/components/fingerprinters/servers/apache_spec.rb +2 -2
data/spec/components/path_extractors/comments_spec.rb +5 -1
data/spec/components/path_extractors/scripts_spec.rb +5 -2
data/spec/components/plugins/autologin_spec.rb +22 -22
data/spec/components/plugins/autothrottle_spec.rb +6 -5
data/spec/components/plugins/content_types_spec.rb +4 -4
data/spec/components/plugins/cookie_collector_spec.rb +5 -5
data/spec/components/plugins/exec_spec.rb +12 -12
data/spec/components/plugins/form_dicattack_spec.rb +3 -3
data/spec/components/plugins/headers_collector_spec.rb +8 -8
data/spec/components/plugins/healthmap_spec.rb +3 -3
data/spec/components/plugins/http_dicattack_spec.rb +3 -3
data/spec/components/plugins/login_script_spec.rb +79 -22
data/spec/components/plugins/meta/remedies/discovery_spec.rb +3 -2
data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +3 -3
data/spec/components/plugins/meta/uniformity_spec.rb +2 -2
data/spec/components/plugins/restrict_to_dom_state_spec.rb +1 -1
data/spec/components/plugins/script_spec.rb +1 -1
data/spec/components/plugins/uncommon_headers_spec.rb +2 -2
data/spec/components/plugins/vector_collector_spec.rb +2 -2
data/spec/components/plugins/vector_feed_spec.rb +40 -40
data/spec/components/plugins/waf_detector_spec.rb +6 -6
data/spec/components/reporters/json_spec.rb +4 -4
data/spec/components/reporters/marshal_spec.rb +2 -2
data/spec/components/reporters/yaml_spec.rb +3 -2
data/spec/external/wavsep/active/sqli_spec.rb +1 -3
data/spec/spec_helper.rb +4 -0
data/spec/support/factories/element/ui_form.rb +14 -0
data/spec/support/factories/element/ui_input.rb +13 -0
data/spec/support/factories/issue.rb +0 -13
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/{taint_check/taint.rb → signature_check/signature.rb} +2 -2
data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +11 -11
data/spec/support/helpers/framework.rb +1 -1
data/spec/support/helpers/pages.rb +2 -2
data/spec/support/servers/arachni/browser.rb +139 -0
data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +40 -0
data/spec/support/servers/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +0 -0
data/spec/support/servers/arachni/element/input/input_dom.rb +102 -0
data/spec/support/servers/arachni/element/ui_form/ui_form_dom.rb +238 -0
data/spec/support/servers/checks/active/trainer_check.rb +7 -7
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +22 -6
data/spec/support/servers/checks/active/xss_dom.rb +50 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +53 -0
data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +6 -6
data/spec/support/shared/check.rb +10 -12
data/spec/support/shared/component/options/base.rb +24 -24
data/spec/support/shared/element/base.rb +25 -25
data/spec/support/shared/element/capabilities/auditable.rb +116 -140
data/spec/support/shared/element/capabilities/dom_only.rb +65 -0
data/spec/support/shared/element/capabilities/inputtable.rb +71 -86
data/spec/support/shared/element/capabilities/mutable.rb +122 -111
data/spec/support/shared/element/capabilities/refreshable.rb +10 -10
data/spec/support/shared/element/capabilities/{submitable.rb → submittable.rb} +26 -26
data/spec/support/shared/element/capabilities/with_auditor.rb +10 -10
data/spec/support/shared/element/capabilities/with_dom.rb +8 -8
data/spec/support/shared/element/capabilities/with_node.rb +4 -6
data/spec/support/shared/element/capabilities/with_scope.rb +2 -2
data/spec/support/shared/element/capabilities/with_source.rb +6 -8
data/spec/support/shared/element/dom.rb +144 -0
data/spec/support/shared/element/dom/auditable.rb +42 -0
data/spec/support/shared/element/dom/inputtable.rb +5 -0
data/spec/support/shared/element/dom/mutable.rb +3 -0
data/spec/support/shared/element/dom/submittable.rb +119 -0
data/spec/support/shared/external/wavsep.rb +3 -3
data/spec/support/shared/fingerprinter.rb +2 -2
data/spec/support/shared/framework.rb +1 -1
data/spec/support/shared/http/message.rb +9 -9
data/spec/support/shared/option_group.rb +17 -17
data/spec/support/shared/path_extractor.rb +1 -1
data/spec/support/shared/plugin.rb +2 -2
data/spec/support/shared/support/cache.rb +57 -57
data/spec/support/shared/support/lookup.rb +25 -25
data/ui/cli/framework.rb +22 -11
data/ui/cli/framework/option_parser.rb +15 -0
data/ui/cli/option_parser.rb +8 -1
data/ui/cli/output.rb +2 -1
metadata +54 -20
data/components/checks/active/xss_dom_inputs.rb +0 -236
data/spec/components/checks/active/xss_dom_inputs_spec.rb +0 -30
data/spec/support/servers/checks/active/xss_dom_inputs.rb +0 -59
data/spec/support/shared/element/capabilities/auditable/dom.rb +0 -322

data/spec/arachni/framework/parts/scope_spec.rb CHANGED

@@ -12,11 +12,11 @@ describe Arachni::Framework::Parts::Scope do
                         f.options.audit.elements :links
                         f.options.scope.page_limit = 10
-                        f.page_limit_reached?.should be_false
+                        expect(f.page_limit_reached?).to be_falsey
                         f.run
-                        f.page_limit_reached?.should be_true
+                        expect(f.page_limit_reached?).to be_truthy
-                        f.sitemap.size.should == 10
+                        expect(f.sitemap.size).to eq(10)
                     end
                 end
             end
@@ -28,11 +28,11 @@ describe Arachni::Framework::Parts::Scope do
                         f.options.audit.elements :links
                         f.options.scope.page_limit = 100
-                        f.checks.load :taint
+                        f.checks.load :signature
-                        f.page_limit_reached?.should be_false
+                        expect(f.page_limit_reached?).to be_falsey
                         f.run
-                        f.page_limit_reached?.should be_false
+                        expect(f.page_limit_reached?).to be_falsey
                     end
                 end
             end
@@ -43,11 +43,11 @@ describe Arachni::Framework::Parts::Scope do
                         f.options.url = web_server_url_for :framework
                         f.options.audit.elements :links
-                        f.checks.load :taint
+                        f.checks.load :signature
-                        f.page_limit_reached?.should be_false
+                        expect(f.page_limit_reached?).to be_falsey
                         f.run
-                        f.page_limit_reached?.should be_false
+                        expect(f.page_limit_reached?).to be_falsey
                     end
                 end
             end
@@ -57,18 +57,18 @@ describe Arachni::Framework::Parts::Scope do
     describe '#accepts_more_pages?' do
         context 'when #page_limit_reached? and #crawl?' do
             it 'return true' do
-                subject.stub(:page_limit_reached?) { false }
-                subject.stub(:crawl?) { true }
+                allow(subject).to receive(:page_limit_reached?) { false }
+                allow(subject).to receive(:crawl?) { true }
-                subject.accepts_more_pages?.should be_true
+                expect(subject.accepts_more_pages?).to be_truthy
             end
         end
         context 'when #page_limit_reached?' do
             context true do
                 it 'returns false' do
-                    subject.stub(:page_limit_reached?) { true }
-                    subject.accepts_more_pages?.should be_false
+                    allow(subject).to receive(:page_limit_reached?) { true }
+                    expect(subject.accepts_more_pages?).to be_falsey
                 end
             end
         end
@@ -76,8 +76,8 @@ describe Arachni::Framework::Parts::Scope do
         context 'when #crawl?' do
             context false do
                 it 'returns false' do
-                    subject.stub(:crawl?) { false }
-                    subject.accepts_more_pages?.should be_false
+                    allow(subject).to receive(:crawl?) { false }
+                    expect(subject.accepts_more_pages?).to be_falsey
                 end
             end
         end

data/spec/arachni/framework/parts/state_spec.rb CHANGED

@@ -5,41 +5,41 @@ describe Arachni::Framework::Parts::State do
     describe '#scanning?' do
         it "delegates to #{Arachni::State::Framework}#scanning?" do
-            subject.state.stub(:scanning?) { :stuff }
-            subject.scanning?.should == :stuff
+            allow(subject.state).to receive(:scanning?) { :stuff }
+            expect(subject.scanning?).to eq(:stuff)
         end
     end
     describe '#done?' do
         it "delegates to #{Arachni::State::Framework}#done?" do
-            subject.state.stub(:done?) { :stuff }
-            subject.done?.should == :stuff
+            allow(subject.state).to receive(:done?) { :stuff }
+            expect(subject.done?).to eq(:stuff)
         end
     end
     describe '#paused?' do
         it "delegates to #{Arachni::State::Framework}#paused?" do
-            subject.state.stub(:paused?) { :stuff }
-            subject.paused?.should == :stuff
+            allow(subject.state).to receive(:paused?) { :stuff }
+            expect(subject.paused?).to eq(:stuff)
         end
     end
     describe '#state' do
         it "returns #{Arachni::State::Framework}" do
-            subject.state.should be_kind_of Arachni::State::Framework
+            expect(subject.state).to be_kind_of Arachni::State::Framework
         end
     end
     describe '#abort' do
         it 'aborts the system' do
-            @options.paths.checks  = fixtures_path + '/taint_check/'
+            @options.paths.checks  = fixtures_path + '/signature_check/'
             Arachni::Framework.new do |f|
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
                 f.plugins.load :wait
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -50,7 +50,7 @@ describe Arachni::Framework::Parts::State do
                 f.abort
                 t.join
-                Arachni::Data.issues.size.should < 500
+                expect(Arachni::Data.issues.size).to be < 500
             end
         end
@@ -58,7 +58,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -66,24 +66,24 @@ describe Arachni::Framework::Parts::State do
                 sleep 0.1 while f.status != :scanning
                 f.abort
-                f.status.should == :aborted
+                expect(f.status).to eq(:aborted)
                 t.join
-                f.status.should == :aborted
+                expect(f.status).to eq(:aborted)
             end
         end
     end
     describe '#suspend' do
         it 'suspends the system' do
-            @options.paths.checks  = fixtures_path + '/taint_check/'
+            @options.paths.checks  = fixtures_path + '/signature_check/'
             Arachni::Framework.new do |f|
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
                 f.plugins.load :wait
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -94,17 +94,17 @@ describe Arachni::Framework::Parts::State do
                 @snapshot = f.suspend
                 t.join
-                Arachni::Data.issues.size.should < 500
+                expect(Arachni::Data.issues.size).to be < 500
             end
-            Arachni::Snapshot.load( @snapshot ).should be_true
+            expect(Arachni::Snapshot.load( @snapshot )).to be_truthy
         end
         it 'sets #status to :suspended' do
             Arachni::Framework.new do |f|
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -112,10 +112,10 @@ describe Arachni::Framework::Parts::State do
                 sleep 0.1 while f.status != :scanning
                 @snapshot = f.suspend
-                f.status.should == :suspended
+                expect(f.status).to eq(:suspended)
                 t.join
-                f.status.should == :suspended
+                expect(f.status).to eq(:suspended)
             end
         end
@@ -128,7 +128,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
-                f.checks.load  :taint
+                f.checks.load :signature
                 f.plugins.load :suspendable
                 t = Thread.new do
@@ -140,7 +140,7 @@ describe Arachni::Framework::Parts::State do
                 f.suspend
                 t.join
-                Arachni::State.plugins.runtime[:suspendable][:data].should == 1
+                expect(Arachni::State.plugins.runtime[:suspendable][:data]).to eq(1)
             end
         end
@@ -149,7 +149,7 @@ describe Arachni::Framework::Parts::State do
         context "when #{Arachni::OptionGroups::Snapshot}#save_path" do
             context 'is a directory' do
                 it 'stores the snapshot under it' do
-                    @options.paths.checks       = fixtures_path + '/taint_check/'
+                    @options.paths.checks       = fixtures_path + '/signature_check/'
                     @options.snapshot.save_path = Dir.tmpdir
                     Arachni::Framework.new do |f|
@@ -157,7 +157,7 @@ describe Arachni::Framework::Parts::State do
                         f.options.audit.elements :links
                         f.plugins.load :wait
-                        f.checks.load :taint
+                        f.checks.load :signature
                         t = Thread.new do
                             f.run
@@ -168,17 +168,17 @@ describe Arachni::Framework::Parts::State do
                         @snapshot = f.suspend
                         t.join
-                        Arachni::Data.issues.size.should < 500
+                        expect(Arachni::Data.issues.size).to be < 500
                     end
-                    File.dirname( @snapshot ).should == Dir.tmpdir
-                    Arachni::Snapshot.load( @snapshot ).should be_true
+                    expect(File.dirname( @snapshot )).to eq(Dir.tmpdir)
+                    expect(Arachni::Snapshot.load( @snapshot )).to be_truthy
                 end
             end
             context 'is a file path' do
                 it 'stores the snapshot there' do
-                    @options.paths.checks       = fixtures_path + '/taint_check/'
+                    @options.paths.checks       = fixtures_path + '/signature_check/'
                     @options.snapshot.save_path = "#{Dir.tmpdir}/snapshot"
                     Arachni::Framework.new do |f|
@@ -186,7 +186,7 @@ describe Arachni::Framework::Parts::State do
                         f.options.audit.elements :links
                         f.plugins.load :wait
-                        f.checks.load :taint
+                        f.checks.load :signature
                         t = Thread.new do
                             f.run
@@ -197,11 +197,11 @@ describe Arachni::Framework::Parts::State do
                         @snapshot = f.suspend
                         t.join
-                        Arachni::Data.issues.size.should < 500
+                        expect(Arachni::Data.issues.size).to be < 500
                     end
-                    @snapshot.should == "#{Dir.tmpdir}/snapshot"
-                    Arachni::Snapshot.load( @snapshot ).should be_true
+                    expect(@snapshot).to eq("#{Dir.tmpdir}/snapshot")
+                    expect(Arachni::Snapshot.load( @snapshot )).to be_truthy
                 end
             end
         end
@@ -209,7 +209,7 @@ describe Arachni::Framework::Parts::State do
     describe '#restore' do
         it 'restores a suspended scan' do
-            @options.paths.checks  = fixtures_path + '/taint_check/'
+            @options.paths.checks  = fixtures_path + '/signature_check/'
             logged_issues = 0
             Arachni::Framework.new do |f|
@@ -217,7 +217,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.audit.elements :links
                 f.plugins.load :wait
-                f.checks.load :taint
+                f.checks.load :signature
                 Arachni::Data.issues.on_new do
                     logged_issues += 1
@@ -232,11 +232,11 @@ describe Arachni::Framework::Parts::State do
                 @snapshot = f.suspend
                 t.join
-                logged_issues.should < 500
+                expect(logged_issues).to be < 500
             end
             reset_options
-            @options.paths.checks  = fixtures_path + '/taint_check/'
+            @options.paths.checks  = fixtures_path + '/signature_check/'
             Arachni::Framework.new do |f|
                 f.restore @snapshot
@@ -246,10 +246,9 @@ describe Arachni::Framework::Parts::State do
                 end
                 f.run
-                # logged_issues.should == 500
-                Arachni::Data.issues.size.should == 500
+                expect(Arachni::Data.issues.size).to eq(500)
-                f.report.plugins[:wait][:results].should == { 'stuff' => true }
+                expect(f.report.plugins[:wait][:results]).to eq({ 'stuff' => true })
             end
         end
@@ -262,7 +261,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.datastore.my_custom_option = 'my custom value'
                 options_hash = f.options.update( f.options.to_rpc_data ).to_h.deep_clone
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new { f.run }
@@ -273,8 +272,8 @@ describe Arachni::Framework::Parts::State do
             end
             Arachni::Framework.restore( @snapshot ) do |f|
-                f.options.to_h.should == options_hash.merge( checks: ['taint'] )
-                f.browser_cluster_job_skip_states.should be_any
+                expect(f.options.to_h).to eq(options_hash.merge( checks: ['signature'] ))
+                expect(f.browser_cluster_job_skip_states).to be_any
             end
         end
@@ -283,7 +282,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = @url + '/with_ajax'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new { f.run }
@@ -294,14 +293,14 @@ describe Arachni::Framework::Parts::State do
             end
             Arachni::Framework.restore( @snapshot ) do |f|
-                f.browser_cluster_job_skip_states.should be_any
+                expect(f.browser_cluster_job_skip_states).to be_any
             end
         end
         it 'restores loaded checks' do
             Arachni::Framework.new do |f|
                 f.options.url = @url
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new { f.run }
                 sleep 0.1 while f.status != :scanning
@@ -312,7 +311,7 @@ describe Arachni::Framework::Parts::State do
             end
             Arachni::Framework.restore( @snapshot ) do |f|
-                f.checks.loaded.should == ['taint']
+                expect(f.checks.loaded).to eq(['signature'])
             end
         end
@@ -329,7 +328,7 @@ describe Arachni::Framework::Parts::State do
             end
             Arachni::Framework.restore( @snapshot ) do |f|
-                f.plugins.loaded.should == ['wait']
+                expect(f.plugins.loaded).to eq(['wait'])
             end
         end
@@ -342,7 +341,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = web_server_url_for :framework_multi
                 f.options.audit.elements :links
-                f.checks.load  :taint
+                f.checks.load :signature
                 f.plugins.load :suspendable
                 t = Thread.new do
@@ -354,7 +353,7 @@ describe Arachni::Framework::Parts::State do
                 @snapshot = f.suspend
                 t.join
-                Arachni::State.plugins.runtime[:suspendable][:data].should == 1
+                expect(Arachni::State.plugins.runtime[:suspendable][:data]).to eq(1)
             end
             Arachni::Framework.restore( @snapshot ) do |f|
@@ -364,7 +363,7 @@ describe Arachni::Framework::Parts::State do
                 sleep 0.1 while f.status != :scanning
-                f.plugins.jobs[:suspendable][:instance].counter.should == 2
+                expect(f.plugins.jobs[:suspendable][:instance].counter).to eq(2)
                 f.abort
                 t.join
@@ -377,7 +376,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -387,7 +386,7 @@ describe Arachni::Framework::Parts::State do
                 sleep 10
-                f.running?.should be_true
+                expect(f.running?).to be_truthy
                 t.kill
             end
         end
@@ -396,17 +395,17 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
                 end
-                f.pause.should be_kind_of Integer
+                expect(f.pause).to be_kind_of Integer
                 sleep 10
-                f.running?.should be_true
+                expect(f.running?).to be_truthy
                 t.kill
             end
         end
@@ -415,7 +414,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -423,7 +422,7 @@ describe Arachni::Framework::Parts::State do
                 sleep 0.1 while f.status != :scanning
                 f.pause
-                f.status.should == :paused
+                expect(f.status).to eq(:paused)
                 t.kill
             end
@@ -435,7 +434,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
@@ -445,7 +444,7 @@ describe Arachni::Framework::Parts::State do
                 sleep 10
-                f.running?.should be_true
+                expect(f.running?).to be_truthy
                 f.resume id
                 t.join
             end
@@ -455,14 +454,14 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.options.audit.elements :links, :forms, :cookies
-                f.checks.load :taint
+                f.checks.load :signature
                 t = Thread.new do
                     f.run
                 end
                 id = f.pause
-                f.status.should == :paused
+                expect(f.status).to eq(:paused)
                 f.resume id
                 Timeout.timeout( 5 ) do
@@ -478,7 +477,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
-                f.browser_cluster.should receive(:shutdown)
+                expect(f.browser_cluster).to receive(:shutdown)
                 f.clean_up
             end
         end
@@ -490,7 +489,7 @@ describe Arachni::Framework::Parts::State do
                 f.plugins.run
                 f.clean_up
-                f.plugins.jobs.should be_empty
+                expect(f.plugins.jobs).to be_empty
             end
         end
@@ -499,7 +498,7 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = @url + '/elem_combo'
                 f.clean_up
-                f.status.should == :cleanup
+                expect(f.status).to eq(:cleanup)
             end
         end
@@ -508,9 +507,9 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = @url + '/elem_combo'
                 f.push_to_page_queue Arachni::Page.from_url( f.options.url )
-                f.data.page_queue.should_not be_empty
+                expect(f.data.page_queue).not_to be_empty
                 f.clean_up
-                f.data.page_queue.should be_empty
+                expect(f.data.page_queue).to be_empty
             end
         end
@@ -519,9 +518,9 @@ describe Arachni::Framework::Parts::State do
                 f.options.url = @url + '/elem_combo'
                 f.push_to_url_queue f.options.url
-                f.data.url_queue.should_not be_empty
+                expect(f.data.url_queue).not_to be_empty
                 f.clean_up
-                f.data.url_queue.should be_empty
+                expect(f.data.url_queue).to be_empty
             end
         end
@@ -529,7 +528,7 @@ describe Arachni::Framework::Parts::State do
             Arachni::Framework.new do |f|
                 f.options.url = @url + '/elem_combo'
                 f.clean_up
-                f.should_not be_running
+                expect(f).not_to be_running
             end
         end
     end