RubyGems - arachni - Versions diffs - 1.2.1 → 1.3 - Mend

arachni 1.2.1 → 1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (373) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +66 -0
data/Gemfile +1 -1
data/README.md +16 -5
data/components/checks/active/ldap_injection/errors.txt +1 -0
data/components/checks/active/source_code_disclosure.rb +1 -1
data/components/checks/active/unvalidated_redirect.rb +6 -6
data/components/checks/active/unvalidated_redirect_dom.rb +10 -7
data/components/checks/passive/grep/captcha.rb +14 -5
data/components/checks/passive/grep/form_upload.rb +7 -3
data/components/checks/passive/grep/hsts.rb +3 -3
data/components/checks/passive/grep/html_objects.rb +2 -3
data/components/checks/passive/grep/http_only_cookies.rb +2 -3
data/components/checks/passive/grep/insecure_cookies.rb +1 -1
data/components/checks/passive/grep/password_autocomplete.rb +2 -2
data/components/checks/passive/grep/unencrypted_password_forms.rb +7 -7
data/components/checks/passive/grep/x_frame_options.rb +2 -2
data/components/checks/passive/http_put.rb +2 -3
data/components/path_extractors/comments.rb +3 -3
data/components/path_extractors/scripts.rb +10 -1
data/components/plugins/defaults/autothrottle.rb +27 -18
data/components/plugins/defaults/meta/remedies/discovery.rb +30 -33
data/components/plugins/defaults/meta/remedies/timing_attacks.rb +7 -11
data/components/plugins/login_script.rb +9 -3
data/components/plugins/proxy.rb +4 -3
data/components/reporters/html.rb +11 -14
data/components/reporters/html/default/issue.erb +13 -38
data/components/reporters/html/default/issue/info.erb +1 -1
data/components/reporters/html/default/summary/issues/by_name.erb +3 -3
data/components/reporters/stdout.rb +62 -71
data/components/reporters/xml.rb +26 -40
data/components/reporters/xml/schema.xsd +43 -89
data/lib/arachni/browser.rb +52 -3
data/lib/arachni/browser/javascript.rb +3 -3
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +46 -25
data/lib/arachni/browser_cluster.rb +61 -0
data/lib/arachni/browser_cluster/job.rb +21 -1
data/lib/arachni/browser_cluster/jobs/browser_provider.rb +3 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +2 -1
data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -2
data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
data/lib/arachni/browser_cluster/worker.rb +5 -0
data/lib/arachni/check/auditor.rb +22 -12
data/lib/arachni/data/framework.rb +13 -1
data/lib/arachni/data/issues.rb +9 -25
data/lib/arachni/element/base.rb +9 -3
data/lib/arachni/element/capabilities/analyzable.rb +2 -6
data/lib/arachni/element/capabilities/analyzable/differential.rb +24 -7
data/lib/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +23 -23
data/lib/arachni/element/capabilities/auditable.rb +0 -6
data/lib/arachni/element/capabilities/dom_only.rb +61 -0
data/lib/arachni/element/capabilities/with_dom.rb +3 -1
data/lib/arachni/element/cookie.rb +35 -5
data/lib/arachni/element/cookie/dom.rb +13 -4
data/lib/arachni/element/{capabilities/auditable/dom.rb → dom.rb} +20 -68
data/lib/arachni/element/dom/capabilities/auditable.rb +29 -0
data/lib/arachni/element/dom/capabilities/inputtable.rb +27 -0
data/lib/arachni/element/dom/capabilities/mutable.rb +21 -0
data/lib/arachni/element/dom/capabilities/submittable.rb +52 -0
data/lib/arachni/element/form.rb +12 -1
data/lib/arachni/element/form/capabilities/mutable.rb +2 -1
data/lib/arachni/element/form/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/form/dom.rb +9 -3
data/lib/arachni/element/header.rb +14 -33
data/lib/arachni/element/header/capabilities/inputtable.rb +29 -0
data/lib/arachni/element/header/capabilities/mutable.rb +51 -0
data/lib/arachni/element/input/dom.rb +71 -0
data/lib/arachni/element/json.rb +2 -0
data/lib/arachni/element/link.rb +3 -0
data/lib/arachni/element/link/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link/dom.rb +16 -3
data/lib/arachni/element/link/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/link_template.rb +3 -5
data/lib/arachni/element/link_template/capabilities/inputtable.rb +5 -0
data/lib/arachni/element/link_template/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link_template/dom.rb +16 -3
data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/server.rb +3 -5
data/lib/arachni/element/ui_form.rb +106 -0
data/lib/arachni/element/ui_form/dom.rb +107 -0
data/lib/arachni/element/ui_input.rb +62 -0
data/lib/arachni/element/xml.rb +2 -1
data/lib/arachni/framework.rb +7 -5
data/lib/arachni/framework/parts/audit.rb +0 -1
data/lib/arachni/framework/parts/check.rb +1 -0
data/lib/arachni/framework/parts/data.rb +4 -0
data/lib/arachni/framework/parts/state.rb +0 -2
data/lib/arachni/http/client.rb +17 -6
data/lib/arachni/http/proxy_server.rb +52 -5
data/lib/arachni/http/request.rb +1 -1
data/lib/arachni/issue.rb +34 -179
data/lib/arachni/issue/severity.rb +2 -0
data/lib/arachni/option_groups/audit.rb +22 -2
data/lib/arachni/option_groups/browser_cluster.rb +15 -0
data/lib/arachni/page.rb +3 -2
data/lib/arachni/parser.rb +24 -5
data/lib/arachni/platform/manager.rb +1 -2
data/lib/arachni/rpc/server/framework.rb +3 -4
data/lib/arachni/rpc/server/framework/multi_instance.rb +2 -1
data/lib/arachni/session.rb +1 -1
data/lib/arachni/trainer.rb +4 -7
data/lib/arachni/watir/element.rb +12 -1
data/lib/version +1 -1
data/spec/arachni/browser/element_locator_spec.rb +43 -43
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +44 -44
data/spec/arachni/browser/javascript/proxy/stub_spec.rb +17 -14
data/spec/arachni/browser/javascript/proxy_spec.rb +24 -24
data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +11 -11
data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +13 -13
data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +568 -558
data/spec/arachni/browser/javascript_spec.rb +73 -63
data/spec/arachni/browser_cluster/job/result_spec.rb +3 -3
data/spec/arachni/browser_cluster/job_spec.rb +68 -48
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +5 -4
data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +5 -5
data/spec/arachni/browser_cluster/worker_spec.rb +87 -70
data/spec/arachni/browser_cluster_spec.rb +64 -39
data/spec/arachni/browser_spec.rb +692 -527
data/spec/arachni/check/auditor_spec.rb +177 -147
data/spec/arachni/check/base_spec.rb +33 -33
data/spec/arachni/check/manager_spec.rb +15 -15
data/spec/arachni/component/base_spec.rb +8 -8
data/spec/arachni/component/manager_spec.rb +100 -99
data/spec/arachni/component/options/address_spec.rb +3 -3
data/spec/arachni/component/options/base_spec.rb +7 -7
data/spec/arachni/component/options/bool_spec.rb +9 -9
data/spec/arachni/component/options/float_spec.rb +6 -6
data/spec/arachni/component/options/int_spec.rb +5 -5
data/spec/arachni/component/options/multiple_choice_spec.rb +12 -12
data/spec/arachni/component/options/object_spec.rb +2 -2
data/spec/arachni/component/options/path_spec.rb +3 -3
data/spec/arachni/component/options/port_spec.rb +5 -5
data/spec/arachni/component/options/string_spec.rb +3 -3
data/spec/arachni/component/options/url_spec.rb +4 -4
data/spec/arachni/component/utilities_spec.rb +2 -2
data/spec/arachni/data/framework/rpc_spec.rb +10 -9
data/spec/arachni/data/framework_spec.rb +65 -46
data/spec/arachni/data/issues_spec.rb +39 -77
data/spec/arachni/data/plugins_spec.rb +11 -11
data/spec/arachni/data/session_spec.rb +6 -6
data/spec/arachni/data_spec.rb +8 -8
data/spec/arachni/element/body_spec.rb +10 -10
data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +39 -21
data/spec/arachni/element/capabilities/analyzable/{taint_spec.rb → signature_spec.rb} +63 -63
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +51 -51
data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +5 -5
data/spec/arachni/element/cookie/dom_spec.rb +37 -18
data/spec/arachni/element/cookie_spec.rb +206 -139
data/spec/arachni/element/form/dom_spec.rb +36 -19
data/spec/arachni/element/form_spec.rb +210 -187
data/spec/arachni/element/generic_dom_spec.rb +14 -14
data/spec/arachni/element/header_spec.rb +35 -17
data/spec/arachni/element/json_spec.rb +53 -31
data/spec/arachni/element/link/dom_spec.rb +46 -28
data/spec/arachni/element/link_spec.rb +58 -40
data/spec/arachni/element/link_template/dom_spec.rb +47 -29
data/spec/arachni/element/link_template_spec.rb +79 -61
data/spec/arachni/element/path_spec.rb +1 -1
data/spec/arachni/element/server_spec.rb +33 -32
data/spec/arachni/element/ui_form/ui_form_dom_spec.rb +164 -0
data/spec/arachni/element/ui_form_spec.rb +242 -0
data/spec/arachni/element/ui_input/dom_spec.rb +157 -0
data/spec/arachni/element/ui_input_spec.rb +136 -0
data/spec/arachni/element/xml_spec.rb +42 -24
data/spec/arachni/element_filter_spec.rb +49 -48
data/spec/arachni/error_spec.rb +3 -3
data/spec/arachni/framework/parts/audit_spec.rb +64 -63
data/spec/arachni/framework/parts/browser_spec.rb +16 -16
data/spec/arachni/framework/parts/check_spec.rb +3 -3
data/spec/arachni/framework/parts/data_spec.rb +48 -48
data/spec/arachni/framework/parts/platform_spec.rb +3 -3
data/spec/arachni/framework/parts/plugin_spec.rb +7 -6
data/spec/arachni/framework/parts/report_spec.rb +7 -7
data/spec/arachni/framework/parts/scope_spec.rb +16 -16
data/spec/arachni/framework/parts/state_spec.rb +68 -69
data/spec/arachni/framework_spec.rb +39 -31
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +32 -32
data/spec/arachni/http/client_spec.rb +219 -208
data/spec/arachni/http/cookie_jar_spec.rb +72 -72
data/spec/arachni/http/headers_spec.rb +14 -14
data/spec/arachni/http/proxy_server_spec.rb +43 -42
data/spec/arachni/http/request_spec.rb +105 -103
data/spec/arachni/http/response/scope_spec.rb +24 -24
data/spec/arachni/http/response_spec.rb +50 -49
data/spec/arachni/issue/severity_spec.rb +10 -9
data/spec/arachni/issue_spec.rb +71 -369
data/spec/arachni/option_groups/audit_spec.rb +114 -114
data/spec/arachni/option_groups/browser_cluster_spec.rb +20 -3
data/spec/arachni/option_groups/datastore_spec.rb +6 -6
data/spec/arachni/option_groups/dispatcher_spec.rb +19 -19
data/spec/arachni/option_groups/http_spec.rb +11 -11
data/spec/arachni/option_groups/input_spec.rb +31 -27
data/spec/arachni/option_groups/output_spec.rb +2 -2
data/spec/arachni/option_groups/paths_spec.rb +17 -17
data/spec/arachni/option_groups/rpc_spec.rb +2 -2
data/spec/arachni/option_groups/scope_spec.rb +40 -40
data/spec/arachni/option_groups/session_spec.rb +6 -5
data/spec/arachni/option_groups/snapshot_spec.rb +4 -4
data/spec/arachni/options_spec.rb +46 -45
data/spec/arachni/page/dom/transition_spec.rb +74 -72
data/spec/arachni/page/dom_spec.rb +35 -35
data/spec/arachni/page/scope_spec.rb +15 -15
data/spec/arachni/page_spec.rb +217 -217
data/spec/arachni/parser_spec.rb +106 -104
data/spec/arachni/platform/fingerprinter_spec.rb +17 -14
data/spec/arachni/platform/list_spec.rb +33 -33
data/spec/arachni/platform/manager_spec.rb +67 -64
data/spec/arachni/plugin/base_spec.rb +10 -10
data/spec/arachni/plugin/manager_spec.rb +38 -37
data/spec/arachni/report_spec.rb +43 -40
data/spec/arachni/reporter/base_spec.rb +15 -15
data/spec/arachni/reporter/manager_spec.rb +4 -4
data/spec/arachni/reporter/options_spec.rb +6 -6
data/spec/arachni/rpc/client/base_spec.rb +6 -6
data/spec/arachni/rpc/client/dispatcher_spec.rb +2 -2
data/spec/arachni/rpc/client/instance_spec.rb +6 -6
data/spec/arachni/rpc/server/active_options_spec.rb +11 -8
data/spec/arachni/rpc/server/base_spec.rb +5 -5
data/spec/arachni/rpc/server/checks/manager_spec.rb +8 -8
data/spec/arachni/rpc/server/dispatcher/node_spec.rb +37 -37
data/spec/arachni/rpc/server/dispatcher/service_spec.rb +15 -14
data/spec/arachni/rpc/server/dispatcher_spec.rb +36 -35
data/spec/arachni/rpc/server/framework/distributor_spec.rb +36 -36
data/spec/arachni/rpc/server/framework_multi_spec.rb +340 -336
data/spec/arachni/rpc/server/framework_spec.rb +90 -85
data/spec/arachni/rpc/server/instance_spec.rb +126 -107
data/spec/arachni/rpc/server/output_spec.rb +1 -1
data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -6
data/spec/arachni/ruby/array_spec.rb +42 -42
data/spec/arachni/ruby/hash_spec.rb +20 -18
data/spec/arachni/ruby/io_spec.rb +2 -2
data/spec/arachni/ruby/object_spec.rb +1 -1
data/spec/arachni/ruby/set_spec.rb +3 -3
data/spec/arachni/ruby/string_spec.rb +30 -30
data/spec/arachni/ruby/webrick_spec.rb +2 -2
data/spec/arachni/scope_spec.rb +1 -1
data/spec/arachni/session_spec.rb +67 -64
data/spec/arachni/snapshot_spec.rb +15 -15
data/spec/arachni/state/audit_spec.rb +11 -11
data/spec/arachni/state/element_filter_spec.rb +6 -6
data/spec/arachni/state/framework/rpc_spec.rb +12 -12
data/spec/arachni/state/framework_spec.rb +125 -121
data/spec/arachni/state/http_spec.rb +7 -7
data/spec/arachni/state/options_spec.rb +7 -7
data/spec/arachni/state/plugins_spec.rb +8 -8
data/spec/arachni/state_spec.rb +10 -10
data/spec/arachni/support/buffer/autoflush_spec.rb +16 -16
data/spec/arachni/support/buffer/base_spec.rb +39 -39
data/spec/arachni/support/cache/least_cost_replacement_spec.rb +18 -18
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +24 -24
data/spec/arachni/support/cache/least_recently_used_spec.rb +20 -20
data/spec/arachni/support/cache/preference_spec.rb +4 -4
data/spec/arachni/support/cache/random_replacement_spec.rb +8 -8
data/spec/arachni/support/crypto/rsa_aes_cbc_spec.rb +1 -1
data/spec/arachni/support/database/hash_spec.rb +44 -43
data/spec/arachni/support/database/queue_spec.rb +27 -27
data/spec/arachni/support/lookup/hash_set_spec.rb +8 -8
data/spec/arachni/support/lookup/moolb_spec.rb +3 -3
data/spec/arachni/support/mixins/observable_spec.rb +6 -6
data/spec/arachni/support/signature_spec.rb +19 -19
data/spec/arachni/trainer_spec.rb +39 -39
data/spec/arachni/typhoeus/hydra_spec.rb +2 -2
data/spec/arachni/uri/scope_spec.rb +66 -66
data/spec/arachni/uri_spec.rb +107 -105
data/spec/arachni/utilities_spec.rb +40 -40
data/spec/components/checks/active/csrf_spec.rb +8 -8
data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
data/spec/components/checks/active/sql_injection_spec.rb +16 -16
data/spec/components/checks/active/trainer_spec.rb +4 -4
data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +4 -2
data/spec/components/checks/active/xpath_injection_spec.rb +1 -1
data/spec/components/checks/active/xss_dom_script_context_spec.rb +51 -21
data/spec/components/checks/active/xss_dom_spec.rb +46 -24
data/spec/components/checks/passive/allowed_methods_spec.rb +1 -1
data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +1 -1
data/spec/components/checks/passive/grep/hsts_spec.rb +2 -2
data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +2 -2
data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +1 -1
data/spec/components/checks/passive/grep/private_ip_spec.rb +3 -3
data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +1 -1
data/spec/components/checks/passive/grep/x_frame_options_spec.rb +2 -2
data/spec/components/checks/passive/interesting_responses_spec.rb +2 -2
data/spec/components/checks/passive/webdav_spec.rb +1 -1
data/spec/components/checks/passive/xst_spec.rb +1 -1
data/spec/components/fingerprinters/servers/apache_spec.rb +2 -2
data/spec/components/path_extractors/comments_spec.rb +5 -1
data/spec/components/path_extractors/scripts_spec.rb +5 -2
data/spec/components/plugins/autologin_spec.rb +22 -22
data/spec/components/plugins/autothrottle_spec.rb +6 -5
data/spec/components/plugins/content_types_spec.rb +4 -4
data/spec/components/plugins/cookie_collector_spec.rb +5 -5
data/spec/components/plugins/exec_spec.rb +12 -12
data/spec/components/plugins/form_dicattack_spec.rb +3 -3
data/spec/components/plugins/headers_collector_spec.rb +8 -8
data/spec/components/plugins/healthmap_spec.rb +3 -3
data/spec/components/plugins/http_dicattack_spec.rb +3 -3
data/spec/components/plugins/login_script_spec.rb +79 -22
data/spec/components/plugins/meta/remedies/discovery_spec.rb +3 -2
data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +3 -3
data/spec/components/plugins/meta/uniformity_spec.rb +2 -2
data/spec/components/plugins/restrict_to_dom_state_spec.rb +1 -1
data/spec/components/plugins/script_spec.rb +1 -1
data/spec/components/plugins/uncommon_headers_spec.rb +2 -2
data/spec/components/plugins/vector_collector_spec.rb +2 -2
data/spec/components/plugins/vector_feed_spec.rb +40 -40
data/spec/components/plugins/waf_detector_spec.rb +6 -6
data/spec/components/reporters/json_spec.rb +4 -4
data/spec/components/reporters/marshal_spec.rb +2 -2
data/spec/components/reporters/yaml_spec.rb +3 -2
data/spec/external/wavsep/active/sqli_spec.rb +1 -3
data/spec/spec_helper.rb +4 -0
data/spec/support/factories/element/ui_form.rb +14 -0
data/spec/support/factories/element/ui_input.rb +13 -0
data/spec/support/factories/issue.rb +0 -13
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/{taint_check/taint.rb → signature_check/signature.rb} +2 -2
data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +11 -11
data/spec/support/helpers/framework.rb +1 -1
data/spec/support/helpers/pages.rb +2 -2
data/spec/support/servers/arachni/browser.rb +139 -0
data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +40 -0
data/spec/support/servers/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +0 -0
data/spec/support/servers/arachni/element/input/input_dom.rb +102 -0
data/spec/support/servers/arachni/element/ui_form/ui_form_dom.rb +238 -0
data/spec/support/servers/checks/active/trainer_check.rb +7 -7
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +22 -6
data/spec/support/servers/checks/active/xss_dom.rb +50 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +53 -0
data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +6 -6
data/spec/support/shared/check.rb +10 -12
data/spec/support/shared/component/options/base.rb +24 -24
data/spec/support/shared/element/base.rb +25 -25
data/spec/support/shared/element/capabilities/auditable.rb +116 -140
data/spec/support/shared/element/capabilities/dom_only.rb +65 -0
data/spec/support/shared/element/capabilities/inputtable.rb +71 -86
data/spec/support/shared/element/capabilities/mutable.rb +122 -111
data/spec/support/shared/element/capabilities/refreshable.rb +10 -10
data/spec/support/shared/element/capabilities/{submitable.rb → submittable.rb} +26 -26
data/spec/support/shared/element/capabilities/with_auditor.rb +10 -10
data/spec/support/shared/element/capabilities/with_dom.rb +8 -8
data/spec/support/shared/element/capabilities/with_node.rb +4 -6
data/spec/support/shared/element/capabilities/with_scope.rb +2 -2
data/spec/support/shared/element/capabilities/with_source.rb +6 -8
data/spec/support/shared/element/dom.rb +144 -0
data/spec/support/shared/element/dom/auditable.rb +42 -0
data/spec/support/shared/element/dom/inputtable.rb +5 -0
data/spec/support/shared/element/dom/mutable.rb +3 -0
data/spec/support/shared/element/dom/submittable.rb +119 -0
data/spec/support/shared/external/wavsep.rb +3 -3
data/spec/support/shared/fingerprinter.rb +2 -2
data/spec/support/shared/framework.rb +1 -1
data/spec/support/shared/http/message.rb +9 -9
data/spec/support/shared/option_group.rb +17 -17
data/spec/support/shared/path_extractor.rb +1 -1
data/spec/support/shared/plugin.rb +2 -2
data/spec/support/shared/support/cache.rb +57 -57
data/spec/support/shared/support/lookup.rb +25 -25
data/ui/cli/framework.rb +22 -11
data/ui/cli/framework/option_parser.rb +15 -0
data/ui/cli/option_parser.rb +8 -1
data/ui/cli/output.rb +2 -1
metadata +54 -20
data/components/checks/active/xss_dom_inputs.rb +0 -236
data/spec/components/checks/active/xss_dom_inputs_spec.rb +0 -30
data/spec/support/servers/checks/active/xss_dom_inputs.rb +0 -59
data/spec/support/shared/element/capabilities/auditable/dom.rb +0 -322

data/spec/arachni/page/scope_spec.rb CHANGED

@@ -12,22 +12,22 @@ describe Arachni::Page::Scope do
     describe '#out?' do
         it 'returns false' do
-            subject.out?.should be_false
+            expect(subject.out?).to be_falsey
         end
         context "when #{Arachni::HTTP::Response::Scope}#out?" do
             context true do
                 it 'returns true' do
                     # We can't stub #out? because we also override it.
-                    Arachni::HTTP::Response::Scope.any_instance.stub(:exclude?) { true }
-                    subject.out?.should be_true
+                    allow_any_instance_of(Arachni::HTTP::Response::Scope).to receive(:exclude?) { true }
+                    expect(subject.out?).to be_truthy
                 end
             end
             context false do
                 it 'returns false' do
-                    Arachni::HTTP::Response::Scope.any_instance.stub(:exclude?) { false }
-                    subject.out?.should be_false
+                    allow_any_instance_of(Arachni::HTTP::Response::Scope).to receive(:exclude?) { false }
+                    expect(subject.out?).to be_falsey
                 end
             end
         end
@@ -35,15 +35,15 @@ describe Arachni::Page::Scope do
         context 'when #dom_depth_limit_reached?' do
             context true do
                 it 'returns true' do
-                    subject.stub(:dom_depth_limit_reached?) { true }
-                    subject.out?.should be_true
+                    allow(subject).to receive(:dom_depth_limit_reached?) { true }
+                    expect(subject.out?).to be_truthy
                 end
             end
             context false do
                 it 'returns false' do
-                    subject.stub(:dom_depth_limit_reached?) { false }
-                    subject.out?.should be_false
+                    allow(subject).to receive(:dom_depth_limit_reached?) { false }
+                    expect(subject.out?).to be_falsey
                 end
             end
         end
@@ -54,24 +54,24 @@ describe Arachni::Page::Scope do
             context 'been exceeded' do
                 it 'returns true' do
                     scope.dom_depth_limit = 2
-                    page.dom.stub(:depth) { 3 }
+                    allow(page.dom).to receive(:depth) { 3 }
-                    subject.dom_depth_limit_reached?.should be_true
+                    expect(subject.dom_depth_limit_reached?).to be_truthy
                 end
             end
             context 'not been exceeded' do
                 it 'returns false' do
                     scope.dom_depth_limit = 2
-                    page.dom.stub(:depth) { 1 }
-                    subject.dom_depth_limit_reached?.should be_false
+                    allow(page.dom).to receive(:depth) { 1 }
+                    expect(subject.dom_depth_limit_reached?).to be_falsey
                 end
             end
             context 'not been set' do
                 it 'returns false' do
-                    page.dom.stub(:depth) { 3 }
-                    subject.dom_depth_limit_reached?.should be_false
+                    allow(page.dom).to receive(:depth) { 3 }
+                    expect(subject.dom_depth_limit_reached?).to be_falsey
                 end
             end
         end

data/spec/arachni/page_spec.rb CHANGED

@@ -48,36 +48,36 @@ describe Arachni::Page do
     it "supports #{Arachni::RPC::Serializer}" do
         page_with_nonces.forms = page_with_nonces.forms
-        page_with_nonces.should == Arachni::RPC::Serializer.deep_clone( page_with_nonces )
+        expect(page_with_nonces).to eq(Arachni::RPC::Serializer.deep_clone( page_with_nonces ))
     end
     describe '#to_rpc_data' do
         subject { rpc_subject }
         it "includes 'metadata'" do
-            data['metadata'].should == subject.metadata
+            expect(data['metadata']).to eq(subject.metadata)
         end
         %w(response dom).each do |attribute|
             it "includes '#{attribute}'" do
-                data[attribute].should == subject.send( attribute ).to_rpc_data
+                expect(data[attribute]).to eq(subject.send( attribute ).to_rpc_data)
             end
         end
         it "includes 'forms'" do
-            data['forms'].should == subject.forms.map(&:to_rpc_data)
+            expect(data['forms']).to eq(subject.forms.map(&:to_rpc_data))
         end
         it "includes 'do_not_audit_elements'" do
-            data['do_not_audit_elements'].should be_true
+            expect(data['do_not_audit_elements']).to be_truthy
         end
         it "includes 'element_audit_whitelist'" do
-            data['element_audit_whitelist'].should == subject.element_audit_whitelist.to_a
+            expect(data['element_audit_whitelist']).to eq(subject.element_audit_whitelist.to_a)
         end
         it "does not include 'cookie_jar'" do
-            data.should_not include 'cookie_jar'
+            expect(data).not_to include 'cookie_jar'
         end
     end
@@ -88,50 +88,50 @@ describe Arachni::Page do
         %w(response dom metadata forms).each do |attribute|
             it "restores '#{attribute}'" do
-                restored.send( attribute ).should == subject.send( attribute )
+                expect(restored.send( attribute )).to eq(subject.send( attribute ))
             end
         end
         it "restores #{described_class::DOM}#page" do
-            restored.dom.page.should == subject
+            expect(restored.dom.page).to eq(subject)
         end
         it "restores 'do_not_audit_elements'" do
-            restored.instance_variable_get(:@do_not_audit_elements).should be_true
+            expect(restored.instance_variable_get(:@do_not_audit_elements)).to be_truthy
         end
         it "restores 'element_audit_whitelist'" do
-            restored.element_audit_whitelist.should == subject.element_audit_whitelist
+            expect(restored.element_audit_whitelist).to eq(subject.element_audit_whitelist)
         end
         it 'restores Arachni::Element::Form#node of #forms' do
             form = subject.forms.last
-            form.node.should be_kind_of Nokogiri::XML::Element
-            form.node.should be_true
+            expect(form.node).to be_kind_of Nokogiri::XML::Element
+            expect(form.node).to be_truthy
-            restored.forms.last.node.to_s.should == form.node.to_s
+            expect(restored.forms.last.node.to_s).to eq(form.node.to_s)
         end
         it 'restores Arachni::Element::Link#node of #links' do
             link = subject.links.last
-            link.node.should be_kind_of Nokogiri::XML::Element
-            link.node.should be_true
+            expect(link.node).to be_kind_of Nokogiri::XML::Element
+            expect(link.node).to be_truthy
-            restored.links.last.node.to_s.should == link.node.to_s
+            expect(restored.links.last.node.to_s).to eq(link.node.to_s)
         end
         context Arachni::Page::DOM do
             [:url, :skip_states, :transitions, :data_flow_sinks, :execution_flow_sinks].each do |m|
                 it "restores ##{m}" do
                     # Make sure we're not comparing nils.
-                    subject.dom.send( m ).should be_true
+                    expect(subject.dom.send( m )).to be_truthy
                     # Make sure we're not comparing empty stuff.
                     if (enumerable = restored.dom.send( m )).is_a? Enumerable
-                        enumerable.should be_any
+                        expect(enumerable).to be_any
                     end
-                    restored.dom.send( m ).should == subject.dom.send( m )
+                    expect(restored.dom.send( m )).to eq(subject.dom.send( m ))
                 end
             end
         end
@@ -145,18 +145,18 @@ describe Arachni::Page do
                     page   = described_class.new( response: response )
                     parser = Arachni::Parser.new( response )
-                    page.url.should == parser.url
-                    page.method.should == parser.response.request.method
-                    page.response.should == parser.response
-                    page.body.should == parser.response.body
-                    page.query_vars.should == parser.link_vars
-                    page.paths.should == parser.paths
-                    page.links.should == parser.links
-                    page.forms.should == parser.forms
-                    page.cookies.should == parser.cookies_to_be_audited
-                    page.headers.should == parser.headers
-                    page.cookie_jar.should == parser.cookie_jar
-                    page.text?.should == parser.text?
+                    expect(page.url).to eq(parser.url)
+                    expect(page.method).to eq(parser.response.request.method)
+                    expect(page.response).to eq(parser.response)
+                    expect(page.body).to eq(parser.response.body)
+                    expect(page.query_vars).to eq(parser.link_vars)
+                    expect(page.paths).to eq(parser.paths)
+                    expect(page.links).to eq(parser.links)
+                    expect(page.forms).to eq(parser.forms)
+                    expect(page.cookies).to eq(parser.cookies_to_be_audited)
+                    expect(page.headers).to eq(parser.headers)
+                    expect(page.cookie_jar).to eq(parser.cookie_jar)
+                    expect(page.text?).to eq(parser.text?)
                 end
             end
@@ -165,18 +165,18 @@ describe Arachni::Page do
                     parser = Arachni::Parser.new( response )
                     page   = described_class.new( parser: parser )
-                    page.url.should == parser.url
-                    page.method.should == parser.response.request.method
-                    page.response.should == parser.response
-                    page.body.should == parser.response.body
-                    page.query_vars.should == parser.link_vars
-                    page.paths.should == parser.paths
-                    page.links.should == parser.links
-                    page.forms.should == parser.forms
-                    page.cookies.should == parser.cookies_to_be_audited
-                    page.headers.should == parser.headers
-                    page.cookie_jar.should == parser.cookie_jar
-                    page.text?.should == parser.text?
+                    expect(page.url).to eq(parser.url)
+                    expect(page.method).to eq(parser.response.request.method)
+                    expect(page.response).to eq(parser.response)
+                    expect(page.body).to eq(parser.response.body)
+                    expect(page.query_vars).to eq(parser.link_vars)
+                    expect(page.paths).to eq(parser.paths)
+                    expect(page.links).to eq(parser.links)
+                    expect(page.forms).to eq(parser.forms)
+                    expect(page.cookies).to eq(parser.cookies_to_be_audited)
+                    expect(page.headers).to eq(parser.headers)
+                    expect(page.cookie_jar).to eq(parser.cookie_jar)
+                    expect(page.text?).to eq(parser.text?)
                 end
             end
@@ -192,8 +192,8 @@ describe Arachni::Page do
                         }
                     ).dom
-                    dom.url.should == 'http://test/#/stuff'
-                    dom.transitions.should == [ page: :load ]
+                    expect(dom.url).to eq('http://test/#/stuff')
+                    expect(dom.transitions).to eq([ page: :load ])
                 end
             end
         end
@@ -214,16 +214,16 @@ describe Arachni::Page do
     describe '#element_audit_whitelist' do
         describe 'by default' do
             it 'returns an empty Set' do
-                subject.element_audit_whitelist.should be_empty
-                subject.element_audit_whitelist.should be_kind_of Set
+                expect(subject.element_audit_whitelist).to be_empty
+                expect(subject.element_audit_whitelist).to be_kind_of Set
             end
         end
     end
     describe '#performer' do
         it "returns the #{Arachni::HTTP::Request}#performer" do
-            page.request.stub(:performer){ :stuff }
-            subject.performer.should == :stuff
+            allow(page.request).to receive(:performer){ :stuff }
+            expect(subject.performer).to eq(:stuff)
         end
     end
@@ -232,14 +232,14 @@ describe Arachni::Page do
             context Arachni::Element::Capabilities::Auditable do
                 it 'updates the #element_audit_whitelist' do
                     subject.update_element_audit_whitelist subject.elements.first
-                    subject.element_audit_whitelist.should include subject.elements.first.coverage_hash
+                    expect(subject.element_audit_whitelist).to include subject.elements.first.coverage_hash
                 end
             end
             context Integer do
                 it 'updates the #element_audit_whitelist' do
                     subject.update_element_audit_whitelist subject.elements.first.coverage_hash
-                    subject.element_audit_whitelist.should include subject.elements.first.coverage_hash
+                    expect(subject.element_audit_whitelist).to include subject.elements.first.coverage_hash
                 end
             end
@@ -247,16 +247,16 @@ describe Arachni::Page do
                 context Arachni::Element::Capabilities::Auditable do
                     it 'updates the #element_audit_whitelist' do
                         subject.update_element_audit_whitelist [subject.elements[0],subject.elements[1]]
-                        subject.element_audit_whitelist.should include subject.elements[0].coverage_hash
-                        subject.element_audit_whitelist.should include subject.elements[1].coverage_hash
+                        expect(subject.element_audit_whitelist).to include subject.elements[0].coverage_hash
+                        expect(subject.element_audit_whitelist).to include subject.elements[1].coverage_hash
                     end
                 end
                 context Integer do
                     it 'updates the #element_audit_whitelist' do
                         subject.update_element_audit_whitelist [subject.elements[0].coverage_hash, subject.elements[1].coverage_hash]
-                        subject.element_audit_whitelist.should include subject.elements[0].coverage_hash
-                        subject.element_audit_whitelist.should include subject.elements[1].coverage_hash
+                        expect(subject.element_audit_whitelist).to include subject.elements[0].coverage_hash
+                        expect(subject.element_audit_whitelist).to include subject.elements[1].coverage_hash
                     end
                 end
             end
@@ -266,19 +266,19 @@ describe Arachni::Page do
     describe '#do_not_audit_elements' do
         it 'forces #audit_element? to always return false' do
             subject.do_not_audit_elements
-            subject.element_audit_whitelist.should be_empty
-            subject.audit_element?( subject.elements.first ).should be_false
+            expect(subject.element_audit_whitelist).to be_empty
+            expect(subject.audit_element?( subject.elements.first )).to be_falsey
             subject.update_element_audit_whitelist subject.elements.first
-            subject.audit_element?( subject.elements.first ).should be_false
+            expect(subject.audit_element?( subject.elements.first )).to be_falsey
         end
     end
     describe '#audit_element?' do
         context 'when there is no #element_audit_whitelist' do
             it 'returns true' do
-                subject.element_audit_whitelist.should be_empty
-                subject.audit_element?( subject.elements.first ).should be_true
+                expect(subject.element_audit_whitelist).to be_empty
+                expect(subject.audit_element?( subject.elements.first )).to be_truthy
             end
         end
@@ -288,14 +288,14 @@ describe Arachni::Page do
                     context Integer do
                         it 'returns true' do
                             subject.update_element_audit_whitelist subject.elements.first
-                            subject.audit_element?( subject.elements.first.coverage_hash ).should be_true
+                            expect(subject.audit_element?( subject.elements.first.coverage_hash )).to be_truthy
                         end
                     end
                     context Arachni::Element::Capabilities::Auditable do
                         it 'returns true' do
                             subject.update_element_audit_whitelist subject.elements.first
-                            subject.audit_element?( subject.elements.first ).should be_true
+                            expect(subject.audit_element?( subject.elements.first )).to be_truthy
                         end
                     end
                 end
@@ -305,14 +305,14 @@ describe Arachni::Page do
                     context Integer do
                         it 'returns false' do
                             subject.update_element_audit_whitelist subject.elements.first
-                            subject.audit_element?( subject.elements.last.coverage_hash ).should be_false
+                            expect(subject.audit_element?( subject.elements.last.coverage_hash )).to be_falsey
                         end
                     end
                     context Arachni::Element::Capabilities::Auditable do
                         it 'returns false' do
                             subject.update_element_audit_whitelist subject.elements.first
-                            subject.audit_element?( subject.elements.last ).should be_false
+                            expect(subject.audit_element?( subject.elements.last )).to be_falsey
                         end
                     end
                 end
@@ -322,27 +322,27 @@ describe Arachni::Page do
     describe '#response' do
         it 'returns the HTTP response for that page' do
-            page.response.should == response
+            expect(page.response).to eq(response)
         end
     end
     describe '#request' do
         it 'returns the HTTP request for that page' do
-            page.request.should == response.request
+            expect(page.request).to eq(response.request)
         end
     end
     describe '#body=' do
         it 'sets the #body' do
             subject.body = 'stuff'
-            subject.body.should == 'stuff'
+            expect(subject.body).to eq('stuff')
         end
         it 'sets the applicable #parser body' do
             subject.body = 'stuff'
-            subject.parser.body.should == 'stuff'
+            expect(subject.parser.body).to eq('stuff')
         end
         it 'calls #clear_cache' do
-            subject.should receive(:clear_cache)
+            expect(subject).to receive(:clear_cache)
             subject.body = 'stuff'
         end
         it 'resets the #has_script? flag' do
@@ -351,24 +351,24 @@ describe Arachni::Page do
                 headers: { 'content-type' => 'text/html' }
             )
-            page.has_script?.should be_false
+            expect(page.has_script?).to be_falsey
             page.body = '<script></script>'
-            page.has_script?.should be_true
+            expect(page.has_script?).to be_truthy
         end
     end
     describe '#parser' do
         it 'is lazy-loaded' do
-            subject.cache[:parser].should be_nil
-            subject.parser.should be_kind_of Arachni::Parser
-            subject.cache[:parser].should == subject.parser
+            expect(subject.cache[:parser]).to be_nil
+            expect(subject.parser).to be_kind_of Arachni::Parser
+            expect(subject.cache[:parser]).to eq(subject.parser)
         end
         it 'is cached' do
             s = subject.dup
             s.parser
-            Arachni::Parser.should_not receive(:new)
+            expect(Arachni::Parser).not_to receive(:new)
             s.parser
         end
@@ -377,11 +377,11 @@ describe Arachni::Page do
                 response: response.tap { |r| r.body = 'blah'},
                 body:     'stuff'
             )
-            page.body.should == 'stuff'
-            page.parser.body.should == page.body
+            expect(page.body).to eq('stuff')
+            expect(page.parser.body).to eq(page.body)
             page.body = 'stuff2'
-            page.parser.body.should == page.body
+            expect(page.parser.body).to eq(page.body)
         end
     end
@@ -391,18 +391,18 @@ describe Arachni::Page do
         describe "##{element}" do
             it 'sets the correct #page association' do
-                subject.send(element).each { |e| e.page.should == subject }
+                subject.send(element).each { |e| expect(e.page).to eq(subject) }
             end
             it 'is lazy-loaded' do
-                subject.cache[element].should be_nil
-                subject.send(element).should be_any
-                subject.cache[element].should == subject.send(element)
+                expect(subject.cache[element]).to be_nil
+                expect(subject.send(element)).to be_any
+                expect(subject.cache[element]).to eq(subject.send(element))
             end
             it 'delegates to Parser' do
                 s = subject.dup
-                s.parser.should receive(parser_method).and_return([])
+                expect(s.parser).to receive(parser_method).and_return([])
                 s.send(element)
             end
@@ -410,12 +410,12 @@ describe Arachni::Page do
                 s = subject.dup
                 s.send(element)
-                s.parser.should_not receive(parser_method)
+                expect(s.parser).not_to receive(parser_method)
                 s.send(element)
             end
             it 'is frozen' do
-                subject.send(element).should be_frozen
+                expect(subject.send(element)).to be_frozen
             end
         end
@@ -425,33 +425,33 @@ describe Arachni::Page do
             let(:list) { [element_klass.new( url: subject.url, inputs: { test: 1 } )] }
             it "sets the page ##{element}" do
-                subject.send(element).should be_any
+                expect(subject.send(element)).to be_any
                 subject.send("#{element}=", [])
-                subject.send(element).should be_empty
+                expect(subject.send(element)).to be_empty
                 subject.send("#{element}=", list)
-                subject.send(element).should == list
+                expect(subject.send(element)).to eq(list)
             end
             it 'caches it' do
-                subject.cache[element].should be_nil
+                expect(subject.cache[element]).to be_nil
                 subject.send("#{element}=", list)
-                subject.cache[element].should == list
+                expect(subject.cache[element]).to eq(list)
             end
             it "sets the #page association on the #{element_klass} elements" do
                 subject.send( "#{element}=", list )
-                subject.send(element).first.page.should == subject
+                expect(subject.send(element).first.page).to eq(subject)
             end
             it 'freezes the list' do
-                subject.send(element).should be_frozen
+                expect(subject.send(element)).to be_frozen
             end
         end
     end
     describe '#platforms' do
         it 'returns platforms for the given page' do
-            page.platforms.should be_kind_of Arachni::Platform::Manager
+            expect(page.platforms).to be_kind_of Arachni::Platform::Manager
         end
     end
@@ -459,39 +459,39 @@ describe Arachni::Page do
         context 'when the page has' do
             context '<script>' do
                 it 'returns true' do
-                    create_page(
+                    expect(create_page(
                         body:    '<Script>var i = '';</script>',
                         headers: { 'content-type' => 'text/html' }
-                    ).has_script?.should be_true
+                    ).has_script?).to be_truthy
                 end
             end
             context 'elements with event attributes' do
                 it 'returns true' do
-                    create_page(
+                    expect(create_page(
                         body:    '<a onMouseOver="doStuff();">Stuff</a>',
                         headers: { 'content-type' => 'text/html' }
-                    ).has_script?.should be_true
+                    ).has_script?).to be_truthy
                 end
             end
             context 'anchors with javacript: in href' do
                 it 'returns true' do
-                    create_page(
+                    expect(create_page(
                         body:    '<a href="JavaScript:doStuff();">Stuff</a>',
                         headers: { 'content-type' => 'text/html' }
-                    ).has_script?.should be_true
+                    ).has_script?).to be_truthy
                 end
             end
             context 'forms with javacript: in action' do
                 it 'returns true' do
-                    create_page(
+                    expect(create_page(
                         body:    '<form action="javascript:doStuff();"></form>',
                         headers: { 'content-type' => 'text/html' }
-                    ).has_script?.should be_true
+                    ).has_script?).to be_truthy
                 end
             end
             context 'no client-side code' do
                 it 'returns false' do
-                    create_page( body: 'stuff' ).has_script?.should be_false
+                    expect(create_page( body: 'stuff' ).has_script?).to be_falsey
                 end
             end
         end
@@ -500,19 +500,19 @@ describe Arachni::Page do
     describe '#has_elements?' do
         context 'when the page has any of the given elements' do
             it 'returns true' do
-                create_page(
+                expect(create_page(
                     body:    '<fOrM></form>',
                     headers: { 'content-type' => 'text/html' }
-                ).has_elements?( 'form', 'script' ).should be_true
+                ).has_elements?( 'form', 'script' )).to be_truthy
             end
         end
         context 'when the page has none of the given elements' do
             it 'returns false' do
-                create_page(
+                expect(create_page(
                     body:    '<fOrM></form>',
                     headers: { 'content-type' => 'text/html' }
-                ).has_elements?( 'a', 'script' ).should be_false
+                ).has_elements?( 'a', 'script' )).to be_falsey
             end
         end
     end
@@ -520,13 +520,13 @@ describe Arachni::Page do
     describe '#text?' do
         context 'when the HTTP response is text/html' do
             it 'returns true' do
-                Arachni::Parser.new( Factory[:html_response] ).page.text?.should be_true
+                expect(Arachni::Parser.new( Factory[:html_response] ).page.text?).to be_truthy
             end
         end
         context 'when the response is not text based' do
             it 'returns false' do
-                Arachni::Parser.new( Factory[:binary_response] ).page.text?.should be_false
+                expect(Arachni::Parser.new( Factory[:binary_response] ).page.text?).to be_falsey
             end
         end
     end
@@ -542,19 +542,19 @@ describe Arachni::Page do
                 c = p.dup
                 c.links |= [Arachni::Element::Link.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not == p
+                expect(c).not_to eq(p)
                 c = p.dup
                 c.forms |= [Arachni::Element::Form.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not == p
+                expect(c).not_to eq(p)
                 c = p.dup
                 c.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not == p
+                expect(c).not_to eq(p)
                 c = p.dup
                 c.dom.push_transition described_class::DOM::Transition.new( "<a href='#' id='stuff'>", :onhover )
-                c.should_not == p
+                expect(c).not_to eq(p)
             end
         end
         context 'when the pages are identical' do
@@ -565,7 +565,7 @@ describe Arachni::Page do
                 p.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff' } )]
                 c = p.dup
-                c.should == p
+                expect(c).to eq(p)
                 p.links |= [Arachni::Element::Link.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
                 p.forms |= [Arachni::Element::Form.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
@@ -577,7 +577,7 @@ describe Arachni::Page do
                 c.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
                 c.dom.push_transition described_class::DOM::Transition.new( "<a href='#' id='stuff'>", :onhover )
-                c.should == p
+                expect(c).to eq(p)
             end
         end
     end
@@ -592,15 +592,15 @@ describe Arachni::Page do
                 c = p.dup
                 c.links |= [Arachni::Element::Link.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not eql p
+                expect(c).not_to eql p
                 c = p.dup
                 c.forms |= [Arachni::Element::Form.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not eql p
+                expect(c).not_to eql p
                 c = p.dup
                 c.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should_not eql p
+                expect(c).not_to eql p
             end
         end
         context 'when the pages are identical' do
@@ -611,7 +611,7 @@ describe Arachni::Page do
                 p.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff' } )]
                 c = p.dup
-                c.should eql p
+                expect(c).to eql p
                 c = p.dup
                 p.links |= [Arachni::Element::Link.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
@@ -621,7 +621,7 @@ describe Arachni::Page do
                 c.links |= [Arachni::Element::Link.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
                 c.forms |= [Arachni::Element::Form.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
                 c.cookies |= [Arachni::Element::Cookie.new( url: 'http://test.com', inputs: { 'test' => 'stuff2' } )]
-                c.should eql p
+                expect(c).to eql p
             end
         end
     end
@@ -630,21 +630,21 @@ describe Arachni::Page do
         context 'when the page has a title' do
             it 'returns the page title' do
                 title = 'Stuff here'
-                create_page( body: "<title>#{title}</title>" ).title.should == title
-                create_page( body: '<title></title>' ).title.should == ''
+                expect(create_page( body: "<title>#{title}</title>" ).title).to eq(title)
+                expect(create_page( body: '<title></title>' ).title).to eq('')
             end
         end
         context 'when the page does not have a title' do
             it 'returns nil' do
-                create_page.title.should be_nil
-                create_page( body: '' ).title.should be_nil
+                expect(create_page.title).to be_nil
+                expect(create_page( body: '' ).title).to be_nil
             end
         end
     end
     describe '#elements' do
         it 'returns all page elements' do
-            page.elements.should == (page.links | page.forms | page.cookies | page.headers)
+            expect(page.elements).to eq(page.links | page.forms | page.cookies | page.headers)
         end
     end
@@ -654,30 +654,30 @@ describe Arachni::Page do
             elements = page.elements
             element = elements.pop
-            element.scope.stub(:in?) { false }
+            allow(element.scope).to receive(:in?) { false }
-            page.elements_within_scope.should == (elements - [element])
+            expect(page.elements_within_scope).to eq(elements - [element])
         end
     end
     describe '#clear_cache' do
         it 'returns self' do
-            subject.clear_cache.should == subject
+            expect(subject.clear_cache).to eq(subject)
         end
         it 'clears the #cache' do
             cachable = [:query_vars, :links, :forms, :cookies, :headers, :paths,
                         :document, :parser]
-            subject.cache.keys.should be_empty
+            expect(subject.cache.keys).to be_empty
             cachable.each do |attribute|
                 subject.send attribute
             end
-            subject.cache.keys.sort.should == cachable.sort
+            expect(subject.cache.keys.sort).to eq(cachable.sort)
             subject.clear_cache
-            subject.cache.keys.should be_empty
+            expect(subject.cache.keys).to be_empty
         end
         [:links, :forms, :cookies, :headers].each do |type|
@@ -685,21 +685,21 @@ describe Arachni::Page do
                 it 'does not empty their cache' do
                     subject.send("#{type}=", subject.send(type))
                     subject.clear_cache
-                    subject.cache.keys.should == [type]
-                    subject.cache[type].should == subject.send(type)
+                    expect(subject.cache.keys).to eq([type])
+                    expect(subject.cache[type]).to eq(subject.send(type))
                 end
             end
         end
         context 'when #forms have nonces' do
             it 'preserves them' do
-                page_with_nonces.forms.map { |f| f.nonce_name }.sort.
-                    should == %w(nonce nonce2).sort
+                expect(page_with_nonces.forms.map { |f| f.nonce_name }.sort).
+                    to eq(%w(nonce nonce2).sort)
                 page_with_nonces.clear_cache
-                page_with_nonces.forms.map { |f| f.nonce_name }.sort.
-                    should == %w(nonce nonce2).sort
+                expect(page_with_nonces.forms.map { |f| f.nonce_name }.sort).
+                    to eq(%w(nonce nonce2).sort)
             end
         end
     end
@@ -708,38 +708,38 @@ describe Arachni::Page do
         it 'clears the #cache' do
             s = subject.dup
             s.prepare_for_report
-            s.cache.should be_empty
+            expect(s.cache).to be_empty
         end
         it 'removes #dom#digest' do
             subject.dom.digest = 'stuff'
             subject.prepare_for_report
-            subject.dom.digest.should be_nil
+            expect(subject.dom.digest).to be_nil
         end
         it 'removes #dom#skip_states' do
-            subject.dom.skip_states.should be_true
+            expect(subject.dom.skip_states).to be_truthy
             subject.prepare_for_report
-            subject.dom.digest.should be_nil
+            expect(subject.dom.digest).to be_nil
         end
         it 'returns self' do
-            subject.prepare_for_report.should == subject
+            expect(subject.prepare_for_report).to eq(subject)
         end
         context 'if the body is not #text?' do
             let(:page) { Factory[:binary_response].to_page }
             it 'clears it' do
-                page.body.should_not be_empty
+                expect(page.body).not_to be_empty
                 page.prepare_for_report
-                page.body.should be_empty
+                expect(page.body).to be_empty
             end
             it 'clears the #response#body' do
-                page.response.body.should_not be_empty
+                expect(page.response.body).not_to be_empty
                 page.prepare_for_report
-                page.response.body.should be_empty
+                expect(page.response.body).to be_empty
             end
         end
     end
@@ -754,8 +754,8 @@ describe Arachni::Page do
             subject.update_metadata
-            subject.metadata['form']['nonce_name'][form.coverage_hash].should == form.inputs.keys.first
-            subject.metadata['form']['skip_dom'][form.coverage_hash].should == true
+            expect(subject.metadata['form']['nonce_name'][form.coverage_hash]).to eq(form.inputs.keys.first)
+            expect(subject.metadata['form']['skip_dom'][form.coverage_hash]).to eq(true)
         end
     end
@@ -776,8 +776,8 @@ describe Arachni::Page do
             subject.reload_metadata
-            form.nonce_name.should == form.inputs.keys.first
-            form.skip_dom.should == true
+            expect(form.nonce_name).to eq(form.inputs.keys.first)
+            expect(form.skip_dom).to eq(true)
         end
     end
@@ -796,7 +796,7 @@ describe Arachni::Page do
             subject.import_metadata( dpage )
-            subject.metadata.should == dpage.metadata
+            expect(subject.metadata).to eq(dpage.metadata)
         end
         context 'when a type is given' do
@@ -814,24 +814,24 @@ describe Arachni::Page do
                 subject.import_metadata( dpage, :skip_dom )
-                subject.metadata['form']['nonce_name'].should be_nil
-                subject.metadata['form']['skip_dom'][form.coverage_hash].should == true
+                expect(subject.metadata['form']['nonce_name']).to be_nil
+                expect(subject.metadata['form']['skip_dom'][form.coverage_hash]).to eq(true)
             end
         end
     end
     describe '#to_h' do
         it 'converts the page to a hash' do
-            subject.to_h.should be_kind_of Hash
+            expect(subject.to_h).to be_kind_of Hash
             subject.to_h.each do |k, v|
-                v.should == subject.send(k)
+                expect(v).to eq(subject.send(k))
             end
         end
         [:document, :do_not_audit_elements, :has_custom_elements, :parser].each do |k|
             it "does not include ':#{k}'" do
-                subject.to_h.should_not include k
+                expect(subject.to_h).not_to include k
             end
         end
     end
@@ -840,7 +840,7 @@ describe Arachni::Page do
         describe "##{method}" do
             it 'returns a copy of the page' do
                 dupped = subject.send(method)
-                dupped.should == subject
+                expect(dupped).to eq(subject)
             end
             [:response, :metadata, :body, :links, :forms, :cookies, :headers, :cookie_jar, :paths].each do |m|
@@ -848,49 +848,49 @@ describe Arachni::Page do
                     dupped = subject.send(method)
                     # Make sure we're not comparing nils.
-                    subject.send( m ).should be_true
+                    expect(subject.send( m )).to be_truthy
                     # Make sure we're not comparing empty stuff.
                     if (enumerable = dupped.send( m )).is_a? Enumerable
-                        enumerable.should be_any
+                        expect(enumerable).to be_any
                     end
-                    dupped.send( m ).should == subject.send( m )
+                    expect(dupped.send( m )).to eq(subject.send( m ))
                 end
             end
             it 'preserves #element_audit_whitelist' do
                 subject.update_element_audit_whitelist subject.elements.first
                 dupped = subject.send(method)
-                dupped.element_audit_whitelist.should include subject.elements.first.coverage_hash
+                expect(dupped.element_audit_whitelist).to include subject.elements.first.coverage_hash
             end
             it 'preserves Arachni::Element::Form#node of #forms' do
                 form = subject.forms.last
-                form.node.should be_kind_of Nokogiri::XML::Element
-                form.node.should be_true
+                expect(form.node).to be_kind_of Nokogiri::XML::Element
+                expect(form.node).to be_truthy
-                subject.send(method).forms.last.node.to_s.should == form.node.to_s
+                expect(subject.send(method).forms.last.node.to_s).to eq(form.node.to_s)
             end
             it 'preserves Arachni::Element::Link#node of #links' do
                 link = subject.links.last
-                link.node.should be_kind_of Nokogiri::XML::Element
-                link.node.should be_true
+                expect(link.node).to be_kind_of Nokogiri::XML::Element
+                expect(link.node).to be_truthy
-                subject.send(method).links.last.node.to_s.should == link.node.to_s
+                expect(subject.send(method).links.last.node.to_s).to eq(link.node.to_s)
             end
             it 'preserves #page associations for #elements' do
                 dup = subject.send(method)
-                dup.elements.should be_any
-                dup.elements.each { |e| e.page.should == subject }
+                expect(dup.elements).to be_any
+                dup.elements.each { |e| expect(e.page).to eq(subject) }
             end
             context 'when #forms have nonces' do
                 it 'preserves them' do
-                    page_with_nonces.forms.map { |f| f.nonce_name }.sort.should == %w(nonce nonce2).sort
-                    page_with_nonces.send(method).forms.map { |f| f.nonce_name }.sort.should == %w(nonce nonce2).sort
+                    expect(page_with_nonces.forms.map { |f| f.nonce_name }.sort).to eq(%w(nonce nonce2).sort)
+                    expect(page_with_nonces.send(method).forms.map { |f| f.nonce_name }.sort).to eq(%w(nonce nonce2).sort)
                 end
             end
@@ -900,14 +900,14 @@ describe Arachni::Page do
                         dupped = subject.send(method)
                         # Make sure we're not comparing nils.
-                        subject.dom.send( m ).should be_true
+                        expect(subject.dom.send( m )).to be_truthy
                         # Make sure we're not comparing empty stuff.
                         if (enumerable = dupped.dom.send( m )).is_a? Enumerable
-                            enumerable.should be_any
+                            expect(enumerable).to be_any
                         end
-                        dupped.dom.send( m ).should == subject.dom.send( m )
+                        expect(dupped.dom.send( m )).to eq(subject.dom.send( m ))
                     end
                 end
             end
@@ -917,13 +917,13 @@ describe Arachni::Page do
     describe '.from_url' do
         it 'returns a page from the given url' do
-            described_class.from_url( url + 'with_nonce' ).should be_kind_of described_class
+            expect(described_class.from_url( url + 'with_nonce' )).to be_kind_of described_class
         end
         context 'when #forms have nonces' do
             it 'preserves them' do
-                described_class.from_url( url + 'with_nonce' ).forms.
-                    map { |f| f.nonce_name }.sort.should == %w(nonce nonce2).sort
+                expect(described_class.from_url( url + 'with_nonce' ).forms.
+                    map { |f| f.nonce_name }.sort).to eq(%w(nonce nonce2).sort)
             end
         end
     end
@@ -958,25 +958,25 @@ describe Arachni::Page do
             }
             page = Arachni::Page.from_data( data )
-            page.code.should == data[:response][:code]
-            page.url.should == data[:url]
-            page.body.should == data[:body]
-            page.paths.should == data[:paths]
+            expect(page.code).to eq(data[:response][:code])
+            expect(page.url).to eq(data[:url])
+            expect(page.body).to eq(data[:body])
+            expect(page.paths).to eq(data[:paths])
-            page.links.should == data[:links]
-            page.forms.should == data[:forms]
-            page.cookies.should == data[:cookies]
-            page.headers.should == data[:headers]
+            expect(page.links).to eq(data[:links])
+            expect(page.forms).to eq(data[:forms])
+            expect(page.cookies).to eq(data[:cookies])
+            expect(page.headers).to eq(data[:headers])
-            page.cookie_jar.should == data[:cookie_jar]
+            expect(page.cookie_jar).to eq(data[:cookie_jar])
-            page.response.code.should == data[:response][:code]
-            page.response.url.should == data[:url]
-            page.response.body.should == data[:body]
-            page.response.request.url.should == data[:url]
+            expect(page.response.code).to eq(data[:response][:code])
+            expect(page.response.url).to eq(data[:url])
+            expect(page.response.body).to eq(data[:body])
+            expect(page.response.request.url).to eq(data[:url])
-            page.dom.url.should == data[:dom][:url]
-            page.dom.transitions.should == data[:dom][:transitions]
+            expect(page.dom.url).to eq(data[:dom][:url])
+            expect(page.dom.transitions).to eq(data[:dom][:transitions])
         end
         context 'when no HTTP data is given' do
@@ -987,21 +987,21 @@ describe Arachni::Page do
                 }
                 page = Arachni::Page.from_data( data )
-                page.url.should == data[:url]
-                page.body.should == data[:body]
-                page.code.should == 200
+                expect(page.url).to eq(data[:url])
+                expect(page.body).to eq(data[:body])
+                expect(page.code).to eq(200)
-                page.links.should == []
-                page.forms.should == []
-                page.cookies.should == []
-                page.headers.should == []
+                expect(page.links).to eq([])
+                expect(page.forms).to eq([])
+                expect(page.cookies).to eq([])
+                expect(page.headers).to eq([])
-                page.cookie_jar.should == []
+                expect(page.cookie_jar).to eq([])
-                page.response.code.should == 200
-                page.response.url.should == data[:url]
-                page.response.body.should == data[:body]
-                page.response.request.url.should == data[:url]
+                expect(page.response.code).to eq(200)
+                expect(page.response.url).to eq(data[:url])
+                expect(page.response.body).to eq(data[:body])
+                expect(page.response.request.url).to eq(data[:url])
             end
         end
     end
@@ -1009,21 +1009,21 @@ describe Arachni::Page do
     describe '.from_response' do
         it 'creates a page from an HTTP response' do
             page = Arachni::Page.from_response( response )
-            page.class.should == Arachni::Page
+            expect(page.class).to eq(Arachni::Page)
             parser = Arachni::Parser.new( response )
-            page.url.should == parser.url
-            page.method.should == parser.response.request.method
-            page.response.should == parser.response
-            page.body.should == parser.response.body
-            page.query_vars.should == parser.link_vars
-            page.paths.should == parser.paths
-            page.links.should == parser.links
-            page.forms.should == parser.forms
-            page.cookies.should == parser.cookies_to_be_audited
-            page.headers.should == parser.headers
-            page.cookie_jar.should == parser.cookie_jar
-            page.text?.should == parser.text?
+            expect(page.url).to eq(parser.url)
+            expect(page.method).to eq(parser.response.request.method)
+            expect(page.response).to eq(parser.response)
+            expect(page.body).to eq(parser.response.body)
+            expect(page.query_vars).to eq(parser.link_vars)
+            expect(page.paths).to eq(parser.paths)
+            expect(page.links).to eq(parser.links)
+            expect(page.forms).to eq(parser.forms)
+            expect(page.cookies).to eq(parser.cookies_to_be_audited)
+            expect(page.headers).to eq(parser.headers)
+            expect(page.cookie_jar).to eq(parser.cookie_jar)
+            expect(page.text?).to eq(parser.text?)
         end
     end