RubyGems - arachni - Versions diffs - 1.2.1 → 1.3 - Mend

arachni 1.2.1 → 1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (373) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +66 -0
data/Gemfile +1 -1
data/README.md +16 -5
data/components/checks/active/ldap_injection/errors.txt +1 -0
data/components/checks/active/source_code_disclosure.rb +1 -1
data/components/checks/active/unvalidated_redirect.rb +6 -6
data/components/checks/active/unvalidated_redirect_dom.rb +10 -7
data/components/checks/passive/grep/captcha.rb +14 -5
data/components/checks/passive/grep/form_upload.rb +7 -3
data/components/checks/passive/grep/hsts.rb +3 -3
data/components/checks/passive/grep/html_objects.rb +2 -3
data/components/checks/passive/grep/http_only_cookies.rb +2 -3
data/components/checks/passive/grep/insecure_cookies.rb +1 -1
data/components/checks/passive/grep/password_autocomplete.rb +2 -2
data/components/checks/passive/grep/unencrypted_password_forms.rb +7 -7
data/components/checks/passive/grep/x_frame_options.rb +2 -2
data/components/checks/passive/http_put.rb +2 -3
data/components/path_extractors/comments.rb +3 -3
data/components/path_extractors/scripts.rb +10 -1
data/components/plugins/defaults/autothrottle.rb +27 -18
data/components/plugins/defaults/meta/remedies/discovery.rb +30 -33
data/components/plugins/defaults/meta/remedies/timing_attacks.rb +7 -11
data/components/plugins/login_script.rb +9 -3
data/components/plugins/proxy.rb +4 -3
data/components/reporters/html.rb +11 -14
data/components/reporters/html/default/issue.erb +13 -38
data/components/reporters/html/default/issue/info.erb +1 -1
data/components/reporters/html/default/summary/issues/by_name.erb +3 -3
data/components/reporters/stdout.rb +62 -71
data/components/reporters/xml.rb +26 -40
data/components/reporters/xml/schema.xsd +43 -89
data/lib/arachni/browser.rb +52 -3
data/lib/arachni/browser/javascript.rb +3 -3
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +46 -25
data/lib/arachni/browser_cluster.rb +61 -0
data/lib/arachni/browser_cluster/job.rb +21 -1
data/lib/arachni/browser_cluster/jobs/browser_provider.rb +3 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +2 -1
data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -2
data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
data/lib/arachni/browser_cluster/worker.rb +5 -0
data/lib/arachni/check/auditor.rb +22 -12
data/lib/arachni/data/framework.rb +13 -1
data/lib/arachni/data/issues.rb +9 -25
data/lib/arachni/element/base.rb +9 -3
data/lib/arachni/element/capabilities/analyzable.rb +2 -6
data/lib/arachni/element/capabilities/analyzable/differential.rb +24 -7
data/lib/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +23 -23
data/lib/arachni/element/capabilities/auditable.rb +0 -6
data/lib/arachni/element/capabilities/dom_only.rb +61 -0
data/lib/arachni/element/capabilities/with_dom.rb +3 -1
data/lib/arachni/element/cookie.rb +35 -5
data/lib/arachni/element/cookie/dom.rb +13 -4
data/lib/arachni/element/{capabilities/auditable/dom.rb → dom.rb} +20 -68
data/lib/arachni/element/dom/capabilities/auditable.rb +29 -0
data/lib/arachni/element/dom/capabilities/inputtable.rb +27 -0
data/lib/arachni/element/dom/capabilities/mutable.rb +21 -0
data/lib/arachni/element/dom/capabilities/submittable.rb +52 -0
data/lib/arachni/element/form.rb +12 -1
data/lib/arachni/element/form/capabilities/mutable.rb +2 -1
data/lib/arachni/element/form/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/form/dom.rb +9 -3
data/lib/arachni/element/header.rb +14 -33
data/lib/arachni/element/header/capabilities/inputtable.rb +29 -0
data/lib/arachni/element/header/capabilities/mutable.rb +51 -0
data/lib/arachni/element/input/dom.rb +71 -0
data/lib/arachni/element/json.rb +2 -0
data/lib/arachni/element/link.rb +3 -0
data/lib/arachni/element/link/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link/dom.rb +16 -3
data/lib/arachni/element/link/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/link_template.rb +3 -5
data/lib/arachni/element/link_template/capabilities/inputtable.rb +5 -0
data/lib/arachni/element/link_template/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link_template/dom.rb +16 -3
data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/server.rb +3 -5
data/lib/arachni/element/ui_form.rb +106 -0
data/lib/arachni/element/ui_form/dom.rb +107 -0
data/lib/arachni/element/ui_input.rb +62 -0
data/lib/arachni/element/xml.rb +2 -1
data/lib/arachni/framework.rb +7 -5
data/lib/arachni/framework/parts/audit.rb +0 -1
data/lib/arachni/framework/parts/check.rb +1 -0
data/lib/arachni/framework/parts/data.rb +4 -0
data/lib/arachni/framework/parts/state.rb +0 -2
data/lib/arachni/http/client.rb +17 -6
data/lib/arachni/http/proxy_server.rb +52 -5
data/lib/arachni/http/request.rb +1 -1
data/lib/arachni/issue.rb +34 -179
data/lib/arachni/issue/severity.rb +2 -0
data/lib/arachni/option_groups/audit.rb +22 -2
data/lib/arachni/option_groups/browser_cluster.rb +15 -0
data/lib/arachni/page.rb +3 -2
data/lib/arachni/parser.rb +24 -5
data/lib/arachni/platform/manager.rb +1 -2
data/lib/arachni/rpc/server/framework.rb +3 -4
data/lib/arachni/rpc/server/framework/multi_instance.rb +2 -1
data/lib/arachni/session.rb +1 -1
data/lib/arachni/trainer.rb +4 -7
data/lib/arachni/watir/element.rb +12 -1
data/lib/version +1 -1
data/spec/arachni/browser/element_locator_spec.rb +43 -43
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +44 -44
data/spec/arachni/browser/javascript/proxy/stub_spec.rb +17 -14
data/spec/arachni/browser/javascript/proxy_spec.rb +24 -24
data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +11 -11
data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +13 -13
data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +568 -558
data/spec/arachni/browser/javascript_spec.rb +73 -63
data/spec/arachni/browser_cluster/job/result_spec.rb +3 -3
data/spec/arachni/browser_cluster/job_spec.rb +68 -48
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +5 -4
data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +5 -5
data/spec/arachni/browser_cluster/worker_spec.rb +87 -70
data/spec/arachni/browser_cluster_spec.rb +64 -39
data/spec/arachni/browser_spec.rb +692 -527
data/spec/arachni/check/auditor_spec.rb +177 -147
data/spec/arachni/check/base_spec.rb +33 -33
data/spec/arachni/check/manager_spec.rb +15 -15
data/spec/arachni/component/base_spec.rb +8 -8
data/spec/arachni/component/manager_spec.rb +100 -99
data/spec/arachni/component/options/address_spec.rb +3 -3
data/spec/arachni/component/options/base_spec.rb +7 -7
data/spec/arachni/component/options/bool_spec.rb +9 -9
data/spec/arachni/component/options/float_spec.rb +6 -6
data/spec/arachni/component/options/int_spec.rb +5 -5
data/spec/arachni/component/options/multiple_choice_spec.rb +12 -12
data/spec/arachni/component/options/object_spec.rb +2 -2
data/spec/arachni/component/options/path_spec.rb +3 -3
data/spec/arachni/component/options/port_spec.rb +5 -5
data/spec/arachni/component/options/string_spec.rb +3 -3
data/spec/arachni/component/options/url_spec.rb +4 -4
data/spec/arachni/component/utilities_spec.rb +2 -2
data/spec/arachni/data/framework/rpc_spec.rb +10 -9
data/spec/arachni/data/framework_spec.rb +65 -46
data/spec/arachni/data/issues_spec.rb +39 -77
data/spec/arachni/data/plugins_spec.rb +11 -11
data/spec/arachni/data/session_spec.rb +6 -6
data/spec/arachni/data_spec.rb +8 -8
data/spec/arachni/element/body_spec.rb +10 -10
data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +39 -21
data/spec/arachni/element/capabilities/analyzable/{taint_spec.rb → signature_spec.rb} +63 -63
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +51 -51
data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +5 -5
data/spec/arachni/element/cookie/dom_spec.rb +37 -18
data/spec/arachni/element/cookie_spec.rb +206 -139
data/spec/arachni/element/form/dom_spec.rb +36 -19
data/spec/arachni/element/form_spec.rb +210 -187
data/spec/arachni/element/generic_dom_spec.rb +14 -14
data/spec/arachni/element/header_spec.rb +35 -17
data/spec/arachni/element/json_spec.rb +53 -31
data/spec/arachni/element/link/dom_spec.rb +46 -28
data/spec/arachni/element/link_spec.rb +58 -40
data/spec/arachni/element/link_template/dom_spec.rb +47 -29
data/spec/arachni/element/link_template_spec.rb +79 -61
data/spec/arachni/element/path_spec.rb +1 -1
data/spec/arachni/element/server_spec.rb +33 -32
data/spec/arachni/element/ui_form/ui_form_dom_spec.rb +164 -0
data/spec/arachni/element/ui_form_spec.rb +242 -0
data/spec/arachni/element/ui_input/dom_spec.rb +157 -0
data/spec/arachni/element/ui_input_spec.rb +136 -0
data/spec/arachni/element/xml_spec.rb +42 -24
data/spec/arachni/element_filter_spec.rb +49 -48
data/spec/arachni/error_spec.rb +3 -3
data/spec/arachni/framework/parts/audit_spec.rb +64 -63
data/spec/arachni/framework/parts/browser_spec.rb +16 -16
data/spec/arachni/framework/parts/check_spec.rb +3 -3
data/spec/arachni/framework/parts/data_spec.rb +48 -48
data/spec/arachni/framework/parts/platform_spec.rb +3 -3
data/spec/arachni/framework/parts/plugin_spec.rb +7 -6
data/spec/arachni/framework/parts/report_spec.rb +7 -7
data/spec/arachni/framework/parts/scope_spec.rb +16 -16
data/spec/arachni/framework/parts/state_spec.rb +68 -69
data/spec/arachni/framework_spec.rb +39 -31
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +32 -32
data/spec/arachni/http/client_spec.rb +219 -208
data/spec/arachni/http/cookie_jar_spec.rb +72 -72
data/spec/arachni/http/headers_spec.rb +14 -14
data/spec/arachni/http/proxy_server_spec.rb +43 -42
data/spec/arachni/http/request_spec.rb +105 -103
data/spec/arachni/http/response/scope_spec.rb +24 -24
data/spec/arachni/http/response_spec.rb +50 -49
data/spec/arachni/issue/severity_spec.rb +10 -9
data/spec/arachni/issue_spec.rb +71 -369
data/spec/arachni/option_groups/audit_spec.rb +114 -114
data/spec/arachni/option_groups/browser_cluster_spec.rb +20 -3
data/spec/arachni/option_groups/datastore_spec.rb +6 -6
data/spec/arachni/option_groups/dispatcher_spec.rb +19 -19
data/spec/arachni/option_groups/http_spec.rb +11 -11
data/spec/arachni/option_groups/input_spec.rb +31 -27
data/spec/arachni/option_groups/output_spec.rb +2 -2
data/spec/arachni/option_groups/paths_spec.rb +17 -17
data/spec/arachni/option_groups/rpc_spec.rb +2 -2
data/spec/arachni/option_groups/scope_spec.rb +40 -40
data/spec/arachni/option_groups/session_spec.rb +6 -5
data/spec/arachni/option_groups/snapshot_spec.rb +4 -4
data/spec/arachni/options_spec.rb +46 -45
data/spec/arachni/page/dom/transition_spec.rb +74 -72
data/spec/arachni/page/dom_spec.rb +35 -35
data/spec/arachni/page/scope_spec.rb +15 -15
data/spec/arachni/page_spec.rb +217 -217
data/spec/arachni/parser_spec.rb +106 -104
data/spec/arachni/platform/fingerprinter_spec.rb +17 -14
data/spec/arachni/platform/list_spec.rb +33 -33
data/spec/arachni/platform/manager_spec.rb +67 -64
data/spec/arachni/plugin/base_spec.rb +10 -10
data/spec/arachni/plugin/manager_spec.rb +38 -37
data/spec/arachni/report_spec.rb +43 -40
data/spec/arachni/reporter/base_spec.rb +15 -15
data/spec/arachni/reporter/manager_spec.rb +4 -4
data/spec/arachni/reporter/options_spec.rb +6 -6
data/spec/arachni/rpc/client/base_spec.rb +6 -6
data/spec/arachni/rpc/client/dispatcher_spec.rb +2 -2
data/spec/arachni/rpc/client/instance_spec.rb +6 -6
data/spec/arachni/rpc/server/active_options_spec.rb +11 -8
data/spec/arachni/rpc/server/base_spec.rb +5 -5
data/spec/arachni/rpc/server/checks/manager_spec.rb +8 -8
data/spec/arachni/rpc/server/dispatcher/node_spec.rb +37 -37
data/spec/arachni/rpc/server/dispatcher/service_spec.rb +15 -14
data/spec/arachni/rpc/server/dispatcher_spec.rb +36 -35
data/spec/arachni/rpc/server/framework/distributor_spec.rb +36 -36
data/spec/arachni/rpc/server/framework_multi_spec.rb +340 -336
data/spec/arachni/rpc/server/framework_spec.rb +90 -85
data/spec/arachni/rpc/server/instance_spec.rb +126 -107
data/spec/arachni/rpc/server/output_spec.rb +1 -1
data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -6
data/spec/arachni/ruby/array_spec.rb +42 -42
data/spec/arachni/ruby/hash_spec.rb +20 -18
data/spec/arachni/ruby/io_spec.rb +2 -2
data/spec/arachni/ruby/object_spec.rb +1 -1
data/spec/arachni/ruby/set_spec.rb +3 -3
data/spec/arachni/ruby/string_spec.rb +30 -30
data/spec/arachni/ruby/webrick_spec.rb +2 -2
data/spec/arachni/scope_spec.rb +1 -1
data/spec/arachni/session_spec.rb +67 -64
data/spec/arachni/snapshot_spec.rb +15 -15
data/spec/arachni/state/audit_spec.rb +11 -11
data/spec/arachni/state/element_filter_spec.rb +6 -6
data/spec/arachni/state/framework/rpc_spec.rb +12 -12
data/spec/arachni/state/framework_spec.rb +125 -121
data/spec/arachni/state/http_spec.rb +7 -7
data/spec/arachni/state/options_spec.rb +7 -7
data/spec/arachni/state/plugins_spec.rb +8 -8
data/spec/arachni/state_spec.rb +10 -10
data/spec/arachni/support/buffer/autoflush_spec.rb +16 -16
data/spec/arachni/support/buffer/base_spec.rb +39 -39
data/spec/arachni/support/cache/least_cost_replacement_spec.rb +18 -18
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +24 -24
data/spec/arachni/support/cache/least_recently_used_spec.rb +20 -20
data/spec/arachni/support/cache/preference_spec.rb +4 -4
data/spec/arachni/support/cache/random_replacement_spec.rb +8 -8
data/spec/arachni/support/crypto/rsa_aes_cbc_spec.rb +1 -1
data/spec/arachni/support/database/hash_spec.rb +44 -43
data/spec/arachni/support/database/queue_spec.rb +27 -27
data/spec/arachni/support/lookup/hash_set_spec.rb +8 -8
data/spec/arachni/support/lookup/moolb_spec.rb +3 -3
data/spec/arachni/support/mixins/observable_spec.rb +6 -6
data/spec/arachni/support/signature_spec.rb +19 -19
data/spec/arachni/trainer_spec.rb +39 -39
data/spec/arachni/typhoeus/hydra_spec.rb +2 -2
data/spec/arachni/uri/scope_spec.rb +66 -66
data/spec/arachni/uri_spec.rb +107 -105
data/spec/arachni/utilities_spec.rb +40 -40
data/spec/components/checks/active/csrf_spec.rb +8 -8
data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
data/spec/components/checks/active/sql_injection_spec.rb +16 -16
data/spec/components/checks/active/trainer_spec.rb +4 -4
data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +4 -2
data/spec/components/checks/active/xpath_injection_spec.rb +1 -1
data/spec/components/checks/active/xss_dom_script_context_spec.rb +51 -21
data/spec/components/checks/active/xss_dom_spec.rb +46 -24
data/spec/components/checks/passive/allowed_methods_spec.rb +1 -1
data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +1 -1
data/spec/components/checks/passive/grep/hsts_spec.rb +2 -2
data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +2 -2
data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +1 -1
data/spec/components/checks/passive/grep/private_ip_spec.rb +3 -3
data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +1 -1
data/spec/components/checks/passive/grep/x_frame_options_spec.rb +2 -2
data/spec/components/checks/passive/interesting_responses_spec.rb +2 -2
data/spec/components/checks/passive/webdav_spec.rb +1 -1
data/spec/components/checks/passive/xst_spec.rb +1 -1
data/spec/components/fingerprinters/servers/apache_spec.rb +2 -2
data/spec/components/path_extractors/comments_spec.rb +5 -1
data/spec/components/path_extractors/scripts_spec.rb +5 -2
data/spec/components/plugins/autologin_spec.rb +22 -22
data/spec/components/plugins/autothrottle_spec.rb +6 -5
data/spec/components/plugins/content_types_spec.rb +4 -4
data/spec/components/plugins/cookie_collector_spec.rb +5 -5
data/spec/components/plugins/exec_spec.rb +12 -12
data/spec/components/plugins/form_dicattack_spec.rb +3 -3
data/spec/components/plugins/headers_collector_spec.rb +8 -8
data/spec/components/plugins/healthmap_spec.rb +3 -3
data/spec/components/plugins/http_dicattack_spec.rb +3 -3
data/spec/components/plugins/login_script_spec.rb +79 -22
data/spec/components/plugins/meta/remedies/discovery_spec.rb +3 -2
data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +3 -3
data/spec/components/plugins/meta/uniformity_spec.rb +2 -2
data/spec/components/plugins/restrict_to_dom_state_spec.rb +1 -1
data/spec/components/plugins/script_spec.rb +1 -1
data/spec/components/plugins/uncommon_headers_spec.rb +2 -2
data/spec/components/plugins/vector_collector_spec.rb +2 -2
data/spec/components/plugins/vector_feed_spec.rb +40 -40
data/spec/components/plugins/waf_detector_spec.rb +6 -6
data/spec/components/reporters/json_spec.rb +4 -4
data/spec/components/reporters/marshal_spec.rb +2 -2
data/spec/components/reporters/yaml_spec.rb +3 -2
data/spec/external/wavsep/active/sqli_spec.rb +1 -3
data/spec/spec_helper.rb +4 -0
data/spec/support/factories/element/ui_form.rb +14 -0
data/spec/support/factories/element/ui_input.rb +13 -0
data/spec/support/factories/issue.rb +0 -13
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/{taint_check/taint.rb → signature_check/signature.rb} +2 -2
data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +11 -11
data/spec/support/helpers/framework.rb +1 -1
data/spec/support/helpers/pages.rb +2 -2
data/spec/support/servers/arachni/browser.rb +139 -0
data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +40 -0
data/spec/support/servers/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +0 -0
data/spec/support/servers/arachni/element/input/input_dom.rb +102 -0
data/spec/support/servers/arachni/element/ui_form/ui_form_dom.rb +238 -0
data/spec/support/servers/checks/active/trainer_check.rb +7 -7
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +22 -6
data/spec/support/servers/checks/active/xss_dom.rb +50 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +53 -0
data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +6 -6
data/spec/support/shared/check.rb +10 -12
data/spec/support/shared/component/options/base.rb +24 -24
data/spec/support/shared/element/base.rb +25 -25
data/spec/support/shared/element/capabilities/auditable.rb +116 -140
data/spec/support/shared/element/capabilities/dom_only.rb +65 -0
data/spec/support/shared/element/capabilities/inputtable.rb +71 -86
data/spec/support/shared/element/capabilities/mutable.rb +122 -111
data/spec/support/shared/element/capabilities/refreshable.rb +10 -10
data/spec/support/shared/element/capabilities/{submitable.rb → submittable.rb} +26 -26
data/spec/support/shared/element/capabilities/with_auditor.rb +10 -10
data/spec/support/shared/element/capabilities/with_dom.rb +8 -8
data/spec/support/shared/element/capabilities/with_node.rb +4 -6
data/spec/support/shared/element/capabilities/with_scope.rb +2 -2
data/spec/support/shared/element/capabilities/with_source.rb +6 -8
data/spec/support/shared/element/dom.rb +144 -0
data/spec/support/shared/element/dom/auditable.rb +42 -0
data/spec/support/shared/element/dom/inputtable.rb +5 -0
data/spec/support/shared/element/dom/mutable.rb +3 -0
data/spec/support/shared/element/dom/submittable.rb +119 -0
data/spec/support/shared/external/wavsep.rb +3 -3
data/spec/support/shared/fingerprinter.rb +2 -2
data/spec/support/shared/framework.rb +1 -1
data/spec/support/shared/http/message.rb +9 -9
data/spec/support/shared/option_group.rb +17 -17
data/spec/support/shared/path_extractor.rb +1 -1
data/spec/support/shared/plugin.rb +2 -2
data/spec/support/shared/support/cache.rb +57 -57
data/spec/support/shared/support/lookup.rb +25 -25
data/ui/cli/framework.rb +22 -11
data/ui/cli/framework/option_parser.rb +15 -0
data/ui/cli/option_parser.rb +8 -1
data/ui/cli/output.rb +2 -1
metadata +54 -20
data/components/checks/active/xss_dom_inputs.rb +0 -236
data/spec/components/checks/active/xss_dom_inputs_spec.rb +0 -30
data/spec/support/servers/checks/active/xss_dom_inputs.rb +0 -59
data/spec/support/shared/element/capabilities/auditable/dom.rb +0 -322

data/spec/support/shared/element/base.rb CHANGED

@@ -9,10 +9,10 @@ shared_examples_for 'element' do
     let(:page) { Factory[:page].dup }
     it "supports #{Arachni::RPC::Serializer}" do
-        subject.should == Arachni::RPC::Serializer.deep_clone( subject )
+        expect(subject).to eq(Arachni::RPC::Serializer.deep_clone( subject ))
     end
-    rpc_attributes = if described_class.ancestors.include? Arachni::Element::Capabilities::Auditable::DOM
+    rpc_attributes = if described_class.ancestors.include? Arachni::Element::DOM
                          %w(url)
                      else
                          %w(url initialization_options)
@@ -22,7 +22,7 @@ shared_examples_for 'element' do
         let(:data) { subject.to_rpc_data }
         it "includes 'url'" do
-            data['url'].should == subject.url
+            expect(data['url']).to eq(subject.url)
         end
         if rpc_attributes.include? 'initialization_options'
@@ -45,16 +45,16 @@ shared_examples_for 'element' do
                     end
                 end
-                data['initialization_options'].should == init
+                expect(data['initialization_options']).to eq(init)
             end
         end
         it "includes 'class'" do
-            data['class'].should == subject.class.to_s
+            expect(data['class']).to eq(subject.class.to_s)
         end
         it 'excludes #page' do
-            data.should_not include 'page'
+            expect(data).not_to include 'page'
         end
     end
@@ -69,15 +69,15 @@ shared_examples_for 'element' do
                 if attribute == 'initialization_options' && v1.is_a?( Hash )
                     if v1.include? :expires
-                        v1.delete(:expires).to_s.should == v2.delete(:expires).to_s
+                        expect(v1.delete(:expires).to_s).to eq(v2.delete(:expires).to_s)
                     end
                     if v1.include? :template
-                        v1.delete(:template).source.should == v2.delete(:template).source
+                        expect(v1.delete(:template).source).to eq(v2.delete(:template).source)
                     end
                 end
-                v1.should == v2
+                expect(v1).to eq(v2)
             end
         end
     end
@@ -86,19 +86,19 @@ shared_examples_for 'element' do
         context 'when passed an Numeric' do
             context "equal to #{described_class::MAX_SIZE}" do
                 it 'returns true' do
-                    described_class.too_big?( described_class::MAX_SIZE ).should be_true
+                    expect(described_class.too_big?( described_class::MAX_SIZE )).to be_truthy
                 end
             end
             context "larger than #{described_class::MAX_SIZE}" do
                 it 'returns true' do
-                    described_class.too_big?( described_class::MAX_SIZE + 1 ).should be_true
+                    expect(described_class.too_big?( described_class::MAX_SIZE + 1 )).to be_truthy
                 end
             end
             context "smaller than #{described_class::MAX_SIZE}" do
                 it 'returns false' do
-                    described_class.too_big?( described_class::MAX_SIZE - 1 ).should be_false
+                    expect(described_class.too_big?( described_class::MAX_SIZE - 1 )).to be_falsey
                 end
             end
         end
@@ -106,19 +106,19 @@ shared_examples_for 'element' do
         context 'when passed a String' do
             context "whose size is equal to #{described_class::MAX_SIZE}" do
                 it 'returns true' do
-                    described_class.too_big?( 'a' * described_class::MAX_SIZE ).should be_true
+                    expect(described_class.too_big?( 'a' * described_class::MAX_SIZE )).to be_truthy
                 end
             end
             context "whose size is larger than #{described_class::MAX_SIZE}" do
                 it 'returns true' do
-                    described_class.too_big?( 'a' * (described_class::MAX_SIZE + 1) ).should be_true
+                    expect(described_class.too_big?( 'a' * (described_class::MAX_SIZE + 1) )).to be_truthy
                 end
             end
             context "whose size is smaller than #{described_class::MAX_SIZE}" do
                 it 'returns false' do
-                    described_class.too_big?( 'a' * (described_class::MAX_SIZE - 1) ).should be_false
+                    expect(described_class.too_big?( 'a' * (described_class::MAX_SIZE - 1) )).to be_falsey
                 end
             end
         end
@@ -127,34 +127,34 @@ shared_examples_for 'element' do
     describe '#marshal_dump' do
         it 'excludes #page' do
             subject.page = page
-            subject.marshal_dump.should_not include :page
+            expect(subject.marshal_dump).not_to include :page
         end
     end
     describe '#url=',
-             if: !described_class.ancestors.include?( Arachni::Element::Capabilities::Auditable::DOM ) do
+             if: !described_class.ancestors.include?( Arachni::Element::DOM ) do
         it 'normalizes the passed URL' do
             url = 'http://test.com/some stuff#frag!'
             subject.url = url
-            subject.url.should == Arachni::Utilities.normalize_url( url )
+            expect(subject.url).to eq(Arachni::Utilities.normalize_url( url ))
         end
     end
     describe '#page=' do
         it 'sets the associated page' do
             subject.page = page
-            subject.page.should == page
+            expect(subject.page).to eq(page)
         end
     end
     describe '#dup' do
         it 'returns a copy of self' do
-            subject.dup.should == subject
+            expect(subject.dup).to eq(subject)
         end
         it 'copies #page' do
             subject.page = page
-            subject.dup.page.should == page
+            expect(subject.dup.page).to eq(page)
         end
     end
@@ -162,19 +162,19 @@ shared_examples_for 'element' do
         let(:hash) { subject.to_h }
         it 'includes the #type' do
-            hash[:type].should == subject.type
+            expect(hash[:type]).to eq(subject.type)
         end
         it 'includes the #url' do
-            hash[:url].should == subject.url
+            expect(hash[:url]).to eq(subject.url)
         end
         it 'includes the element class as a string' do
-            hash[:class].should == described_class.to_s
+            expect(hash[:class]).to eq(described_class.to_s)
         end
         it 'is aliased to #to_hash' do
-            hash.should == subject.to_hash
+            expect(hash).to eq(subject.to_hash)
         end
     end
 end

data/spec/support/shared/element/capabilities/auditable.rb CHANGED

@@ -1,34 +1,16 @@
-shared_examples_for 'auditable' do |options = {}|
-    it_should_behave_like 'inputtable', options
-    it_should_behave_like 'submittable'
-    it_should_behave_like 'mutable', options
-    it_should_behave_like 'with_auditor'
-    let(:opts) do
-        {
-            single_input:   false,
-            supports_nulls: true
-        }.merge( options )
-    end
+shared_examples_for 'auditable' do
     before :each do
         begin
             Arachni::Options.audit.elements described_class.type
-        rescue Arachni::OptionGroups::Audit::Error
+        rescue Arachni::OptionGroups::Audit::Error => e
         end
-        @framework ||= Arachni::Framework.new
-        @page      = Arachni::Page.from_url( url )
-        @auditor   = Auditor.new( @page, @framework )
     end
     after :each do
-        @framework.clean_up
-        @framework.reset
         reset_options
     end
-    let(:auditor) { @auditor }
     let(:seed) { 'my_seed' }
     let(:auditable) do
@@ -42,12 +24,6 @@ shared_examples_for 'auditable' do |options = {}|
         end
     end
-    let(:other) do
-        new = auditable.dup
-        new.inputs = { stuff: 'blah' }
-        new
-    end
     def has_parameter_extractor?
         begin
             auditable_extract_parameters
@@ -60,14 +36,14 @@ shared_examples_for 'auditable' do |options = {}|
     end
     it "supports #{Arachni::RPC::Serializer}" do
-        auditable.should == Arachni::RPC::Serializer.deep_clone( auditable )
+        expect(auditable).to eq(Arachni::RPC::Serializer.deep_clone( auditable ))
     end
     describe '#to_rpc_data' do
         let(:data) { auditable.to_rpc_data }
         it 'excludes #audit_options' do
-            data.should_not include 'audit_options'
+            expect(data).not_to include 'audit_options'
         end
     end
@@ -75,7 +51,7 @@ shared_examples_for 'auditable' do |options = {}|
         it 'clears #audit_options' do
             auditable.audit_options[:stuff] = true
             auditable.reset
-            auditable.audit_options.should be_empty
+            expect(auditable.audit_options).to be_empty
         end
     end
@@ -87,14 +63,14 @@ shared_examples_for 'auditable' do |options = {}|
             dupped.audit( seed ) { |_, m| audited = m }
             run
-            audited.audit_options.should be_any
+            expect(audited.audit_options).to be_any
             dupped = audited.dup
-            dupped.audit_options.should == audited.audit_options
+            expect(dupped.audit_options).to eq(audited.audit_options)
             dupped2 = dupped.dup
             dupped.audit_options.clear
-            dupped2.audit_options.should == audited.audit_options
+            expect(dupped2.audit_options).to eq(audited.audit_options)
         end
     end
@@ -103,7 +79,7 @@ shared_examples_for 'auditable' do |options = {}|
             audited = false
             auditable.audit( 'seed' ){ audited = true }
             run
-            audited.should be_true
+            expect(audited).to be_truthy
             Arachni::Element::Capabilities::Auditable.reset
             Arachni::Element::Capabilities::Auditable.skip_like do
@@ -113,14 +89,14 @@ shared_examples_for 'auditable' do |options = {}|
             audited = false
             auditable.audit( 'seed' ){ audited = true }
             run
-            audited.should be_false
+            expect(audited).to be_falsey
         end
         it 'skips element mutations based on the block\'s return value' do
             called = false
             auditable.audit( 'seed' ){ called = true }
             run
-            called.should be_true
+            expect(called).to be_truthy
             Arachni::Element::Capabilities::Auditable.reset
             Arachni::Element::Capabilities::Auditable.skip_like do |element|
@@ -130,7 +106,7 @@ shared_examples_for 'auditable' do |options = {}|
             i = 0
             auditable.audit( 'seed' ){ i += 1 }
             run
-            i.should == 0
+            expect(i).to eq(0)
         end
     end
@@ -142,55 +118,55 @@ shared_examples_for 'auditable' do |options = {}|
             id = auditable.audit_id
             auditable.auditor = '2'
-            auditable.audit_id.should_not == id
+            expect(auditable.audit_id).not_to eq(id)
             auditable.auditor = 1
             id = auditable.audit_id
             auditable.auditor = 2
-            auditable.audit_id.should == id
+            expect(auditable.audit_id).to eq(id)
         end
         it 'takes into account #action' do
             e = auditable.dup
-            e.stub(:action) { action }
+            allow(e).to receive(:action) { action }
             c = auditable.dup
-            c.stub(:action) { "#{action}2" }
+            allow(c).to receive(:action) { "#{action}2" }
-            e.audit_id.should_not == c.audit_id
+            expect(e.audit_id).not_to eq(c.audit_id)
         end
         it 'takes into account #type' do
             e = auditable.dup
-            e.stub(:type) { :blah }
+            allow(e).to receive(:type) { :blah }
             c = auditable.dup
-            c.stub(:type) { :blooh }
+            allow(c).to receive(:type) { :blooh }
-            e.audit_id.should_not == c.audit_id
+            expect(e.audit_id).not_to eq(c.audit_id)
         end
         it 'takes into account #inputs names' do
             e = auditable.dup
-            e.stub(:inputs) { {input1: 'stuff' } }
+            allow(e).to receive(:inputs) { {input1: 'stuff' } }
             c = auditable.dup
-            c.stub(:inputs) { {input1: 'stuff2' } }
-            e.audit_id.should == c.audit_id
+            allow(c).to receive(:inputs) { {input1: 'stuff2' } }
+            expect(e.audit_id).to eq(c.audit_id)
             e = auditable.dup
-            e.stub(:inputs) { {input1: 'stuff' } }
+            allow(e).to receive(:inputs) { {input1: 'stuff' } }
             c = auditable.dup
-            c.stub(:inputs) { {input2: 'stuff' } }
+            allow(c).to receive(:inputs) { {input2: 'stuff' } }
-            e.audit_id.should_not == c.audit_id
+            expect(e.audit_id).not_to eq(c.audit_id)
         end
         it 'takes into account the given payload' do
             id = auditable.audit_id( '1' )
-            auditable.audit_id( '2' ).should_not == id
+            expect(auditable.audit_id( '2' )).not_to eq(id)
         end
     end
@@ -199,45 +175,45 @@ shared_examples_for 'auditable' do |options = {}|
         it 'takes into account #action' do
             e = auditable.dup
-            e.stub(:action) { action }
+            allow(e).to receive(:action) { action }
             c = auditable.dup
-            c.stub(:action) { "#{action}2" }
+            allow(c).to receive(:action) { "#{action}2" }
-            e.coverage_id.should_not == c.coverage_id
+            expect(e.coverage_id).not_to eq(c.coverage_id)
         end
         it 'takes into account #type' do
             e = auditable.dup
-            e.stub(:type) { :blah }
+            allow(e).to receive(:type) { :blah }
             c = auditable.dup
-            c.stub(:type) { :blooh }
+            allow(c).to receive(:type) { :blooh }
-            e.coverage_id.should_not == c.coverage_id
+            expect(e.coverage_id).not_to eq(c.coverage_id)
         end
         it 'takes into account #inputs names' do
             e = auditable.dup
-            e.stub(:inputs) { {input1: 'stuff' } }
+            allow(e).to receive(:inputs) { {input1: 'stuff' } }
             c = auditable.dup
-            c.stub(:inputs) { {input1: 'stuff2' } }
-            e.coverage_id.should == c.coverage_id
+            allow(c).to receive(:inputs) { {input1: 'stuff2' } }
+            expect(e.coverage_id).to eq(c.coverage_id)
             e = auditable.dup
-            e.stub(:inputs) { {input1: 'stuff' } }
+            allow(e).to receive(:inputs) { {input1: 'stuff' } }
             c = auditable.dup
-            c.stub(:inputs) { {input2: 'stuff' } }
+            allow(c).to receive(:inputs) { {input2: 'stuff' } }
-            e.coverage_id.should_not == c.coverage_id
+            expect(e.coverage_id).not_to eq(c.coverage_id)
         end
     end
     describe '#coverage_hash' do
         it 'returns the String#persistent_hash of #coverage_id' do
-            auditable.coverage_hash.should == auditable.coverage_id.persistent_hash
+            expect(auditable.coverage_hash).to eq(auditable.coverage_id.persistent_hash)
         end
     end
@@ -262,7 +238,7 @@ shared_examples_for 'auditable' do |options = {}|
                     end
                     run
-                    injected.should == payload
+                    expect(injected).to eq(payload)
                 end
                 context 'with invalid data' do
@@ -270,7 +246,7 @@ shared_examples_for 'auditable' do |options = {}|
                         payload = 'stuff-here'
                         called  = 0
-                        auditable.class.any_instance.stub(:valid_input_data?) { |i| i != payload }
+                        allow_any_instance_of(auditable.class).to receive(:valid_input_data?) { |instance, i| i != payload }
                         auditable.audit( payload,
                                          format: [ Arachni::Check::Auditor::Format::STRAIGHT ],
@@ -278,7 +254,7 @@ shared_examples_for 'auditable' do |options = {}|
                         ) { |_, element| called += 1 }
                         run
-                        called.should == 0
+                        expect(called).to eq(0)
                     end
                 end
             end
@@ -295,21 +271,21 @@ shared_examples_for 'auditable' do |options = {}|
                     end
                     run
-                    injected.uniq.sort.should == payloads.sort
+                    expect(injected.uniq.sort).to eq(payloads.sort)
                 end
                 context 'and is empty' do
                     it 'returns nil' do
                         injected = []
-                        auditable.audit( [],
+                        expect(auditable.audit( [],
                                           format: [ Arachni::Check::Auditor::Format::STRAIGHT ],
                                           skip_original: true
                         ) do |_, element|
                             injected << element.affected_input_value
-                        end.should be_nil
+                        end).to be_nil
                         run
-                        injected.should be_empty
+                        expect(injected).to be_empty
                     end
                 end
             end
@@ -327,31 +303,31 @@ shared_examples_for 'auditable' do |options = {}|
                     injected = []
                     auditable.platforms.update %w(unix php apache)
-                    auditable.audit( payloads,
+                    expect(auditable.audit( payloads,
                                       format: [ Arachni::Check::Auditor::Format::STRAIGHT ],
                                       skip_original: true
                     ) do |_, element|
                         injected << element.affected_input_value
-                    end.should be_true
+                    end).to be_truthy
                     run
                     payloads.delete( :windows )
                     payloads.delete( :aspx )
-                    injected.uniq.sort.should == payloads.values.flatten.sort
+                    expect(injected.uniq.sort).to eq(payloads.values.flatten.sort)
                 end
                 context 'and is empty' do
                     it 'returns nil' do
                         injected = []
-                        auditable.audit( {},
+                        expect(auditable.audit( {},
                                           format: [ Arachni::Check::Auditor::Format::STRAIGHT ] ) do |_, element|
                             injected << element.affected_input_value
-                        end.should be_nil
+                        end).to be_nil
                         run
-                        injected.should be_empty
+                        expect(injected).to be_empty
                     end
                 end
@@ -369,16 +345,16 @@ shared_examples_for 'auditable' do |options = {}|
                         injected = []
                         auditable.platforms.clear
-                        auditable.audit( payloads,
+                        expect(auditable.audit( payloads,
                                           format: [ Arachni::Check::Auditor::Format::STRAIGHT ],
                                           skip_original: true
                         ) do |_, element|
                             injected << element.affected_input_value
-                        end.should be_true
+                        end).to be_truthy
                         run
-                        injected.uniq.sort.should == payloads.values.flatten.sort
+                        expect(injected.uniq.sort).to eq(payloads.values.flatten.sort)
                     end
                 end
@@ -392,17 +368,17 @@ shared_examples_for 'auditable' do |options = {}|
                         injected = []
                         auditable.platforms.update %w(unix php apache)
-                        auditable.audit( payloads,
+                        expect(auditable.audit( payloads,
                                           format: [ Arachni::Check::Auditor::Format::STRAIGHT ] ) do |_, element|
                             injected << element.affected_input_value
-                        end.should be_nil
+                        end).to be_nil
                         run
                         payloads.delete( :windows )
                         payloads.delete( :aspx )
-                        injected.should be_empty
+                        expect(injected).to be_empty
                     end
                 end
             end
@@ -426,18 +402,18 @@ shared_examples_for 'auditable' do |options = {}|
                     called = false
                     each = proc do |mutation|
-                        mutation.should receive(:submit).with(options)
+                        expect(mutation).to receive(:submit).with(options)
                         called = true
                     end
                     auditable.audit( seed, each_mutation: each, submit: options ){}
-                    called.should be_true
+                    expect(called).to be_truthy
                 end
             end
             describe :each_mutation do
                 it 'is passed each generated mutation' do
-                    pending if !has_parameter_extractor?
+                    skip if !has_parameter_extractor?
                     submitted = nil
                     cnt = 0
@@ -451,12 +427,12 @@ shared_examples_for 'auditable' do |options = {}|
                     end
                     run
-                    cnt.should == 1
+                    expect(cnt).to eq(1)
                     auditable.inputs == submitted
                 end
                 it 'is able to modify mutations on the fly' do
-                    pending if !has_parameter_extractor?
+                    skip if !has_parameter_extractor?
                     submitted = nil
@@ -472,12 +448,12 @@ shared_examples_for 'auditable' do |options = {}|
                     end
                     run
-                    submitted.values.first.should == modified_seed
+                    expect(submitted.values.first).to eq(modified_seed)
                 end
                 context 'when it returns one or more elements of the same type' do
                     it 'audits those elements too' do
-                        pending if !has_parameter_extractor?
+                        skip if !has_parameter_extractor?
                         injected = []
                         cnt = 0
@@ -500,8 +476,8 @@ shared_examples_for 'auditable' do |options = {}|
                         end
                         run
-                        cnt.should == 3
-                        injected.sort.should == [ seed, 'houa', 'houa2'].sort
+                        expect(cnt).to eq(3)
+                        expect(injected.sort).to eq([ seed, 'houa', 'houa2'].sort)
                     end
                 end
             end
@@ -519,8 +495,8 @@ shared_examples_for 'auditable' do |options = {}|
                         run
                         audited.uniq!
-                        audited.size.should == 1
-                        audited.should == [auditable.inputs.keys.first]
+                        expect(audited.size).to eq(1)
+                        expect(audited).to eq([auditable.inputs.keys.first])
                     end
                 end
@@ -537,8 +513,8 @@ shared_examples_for 'auditable' do |options = {}|
                         run
                         audited.uniq!
-                        audited.size.should == 1
-                        audited.should      == [auditable.inputs.keys.first]
+                        expect(audited.size).to eq(1)
+                        expect(audited).to      eq([auditable.inputs.keys.first])
                     end
                 end
             end
@@ -546,7 +522,7 @@ shared_examples_for 'auditable' do |options = {}|
             describe :format do
                 describe 'Arachni::Check::Auditor::Format::STRAIGHT' do
                     it 'injects the seed as is' do
-                        pending if !has_parameter_extractor?
+                        skip if !has_parameter_extractor?
                         injected = nil
                         cnt = 0
@@ -559,14 +535,14 @@ shared_examples_for 'auditable' do |options = {}|
                         end
                         run
-                        cnt.should == 1
-                        injected.should == seed
+                        expect(cnt).to eq(1)
+                        expect(injected).to eq(seed)
                     end
                 end
                 describe 'Arachni::Check::Auditor::Format::APPEND' do
                     it 'appends the seed to the existing value of the input' do
-                        pending if !has_parameter_extractor?
+                        skip if !has_parameter_extractor?
                         injected = nil
                         cnt = 0
@@ -579,16 +555,16 @@ shared_examples_for 'auditable' do |options = {}|
                         end
                         run
-                        cnt.should == 1
-                        injected.should == auditable.inputs.values.first + seed
+                        expect(cnt).to eq(1)
+                        expect(injected).to eq(auditable.inputs.values.first + seed)
                     end
                 end
                 describe 'Arachni::Check::Auditor::Format::NULL' do
                     it 'terminates the seed with a null character',
                        if: described_class != Arachni::Element::Header &&
-                               described_class.is_a?( Arachni::Element::Capabilities::Auditable::DOM ) do
-                        pending if !has_parameter_extractor?
+                               described_class.is_a?( Arachni::Element::DOM ) do
+                        skip if !has_parameter_extractor?
                         injected = nil
                         cnt = 0
@@ -600,14 +576,14 @@ shared_examples_for 'auditable' do |options = {}|
                         end
                         run
-                        cnt.should == 1
-                        auditable.decode( injected ).should == seed + "\0"
+                        expect(cnt).to eq(1)
+                        expect(auditable.decode( injected )).to eq(seed + "\0")
                     end
                 end
                 describe 'Arachni::Check::Auditor::Format::SEMICOLON' do
                     it 'prepends the seed with a semicolon' do
-                        pending if !has_parameter_extractor?
+                        skip if !has_parameter_extractor?
                         injected = nil
                         cnt = 0
@@ -618,9 +594,9 @@ shared_examples_for 'auditable' do |options = {}|
                             cnt += 1
                         end
                         run
-                        cnt.should == 1
+                        expect(cnt).to eq(1)
-                        auditable.decode( injected ).should == ";" + seed
+                        expect(auditable.decode( injected )).to eq(";" + seed)
                     end
                 end
             end
@@ -640,7 +616,7 @@ shared_examples_for 'auditable' do |options = {}|
                             auditable.audit( seed, @audit_opts.merge( redundant: true )){ cnt += 1 }
                         end
                         run
-                        cnt.should == 5
+                        expect(cnt).to eq(5)
                     end
                 end
@@ -651,7 +627,7 @@ shared_examples_for 'auditable' do |options = {}|
                             auditable.audit( seed, @audit_opts.merge( redundant: false )){ cnt += 1 }
                         end
                         run
-                        cnt.should == 1
+                        expect(cnt).to eq(1)
                     end
                 end
@@ -662,7 +638,7 @@ shared_examples_for 'auditable' do |options = {}|
                             auditable.audit( seed, @audit_opts ){ cnt += 1 }
                         end
                         run
-                        cnt.should == 1
+                        expect(cnt).to eq(1)
                     end
                 end
             end
@@ -673,41 +649,41 @@ shared_examples_for 'auditable' do |options = {}|
                 Arachni::Options.audit.exclude_vector_patterns = auditable.inputs.keys
                 audited = []
-                auditable.audit( seed, skip_original: true ) do |_, elem|
+                expect(auditable.audit( seed, skip_original: true ) do |_, elem|
                     audited << elem.affected_input_name
-                end.should be_true
+                end).to be_truthy
                 run
-                audited.should be_empty
+                expect(audited).to be_empty
             end
         end
         context "when #{Arachni::OptionGroups::Audit}#vector?" do
             context 'returns true' do
                 it 'audits the input' do
-                    Arachni::Options.audit.stub(:vector?){ true }
+                    allow(Arachni::Options.audit).to receive(:vector?){ true }
                     audited = []
-                    auditable.audit( seed, skip_original: true ) do |_, elem|
+                    expect(auditable.audit( seed, skip_original: true ) do |_, elem|
                         audited << elem.affected_input_name
-                    end.should be_true
+                    end).to be_truthy
                     run
-                    audited.should_not be_empty
+                    expect(audited).not_to be_empty
                 end
             end
             context 'returns false' do
                 it 'skips the input' do
-                    Arachni::Options.audit.stub(:vector?){ false }
+                    allow(Arachni::Options.audit).to receive(:vector?){ false }
                     audited = []
-                    auditable.audit( seed, skip_original: true ) do |_, elem|
+                    expect(auditable.audit( seed, skip_original: true ) do |_, elem|
                         audited << elem.affected_input_name
-                    end.should be_true
+                    end).to be_truthy
                     run
-                    audited.should be_empty
+                    expect(audited).to be_empty
                 end
             end
         end
@@ -715,12 +691,12 @@ shared_examples_for 'auditable' do |options = {}|
         context "when #{described_class::Scope}#out?" do
             context true do
                 it 'returns immediately' do
-                    described_class::Scope.any_instance.stub(:out?) { true }
+                    allow_any_instance_of(described_class::Scope).to receive(:out?) { true }
                     ran = false
-                    auditable.audit( seed ) { ran = true }.should be_false
+                    expect(auditable.audit( seed ) { ran = true }).to be_falsey
                     run
-                    ran.should be_false
+                    expect(ran).to be_falsey
                 end
             end
         end
@@ -729,19 +705,19 @@ shared_examples_for 'auditable' do |options = {}|
             it 'returns immediately' do
                 ran = false
                 auditable.inputs = {}
-                auditable.audit( seed ) { ran = true }.should be_false
+                expect(auditable.audit( seed ) { ran = true }).to be_falsey
                 run
-                ran.should be_false
+                expect(ran).to be_falsey
             end
         end
         context 'when the auditor\'s #skip? method returns true for a mutation' do
             it 'is skipped' do
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_true
+                expect(ran).to be_truthy
                 Arachni::Element::Capabilities::Auditable.reset
@@ -750,9 +726,9 @@ shared_examples_for 'auditable' do |options = {}|
                 end
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_false
+                expect(ran).to be_falsey
                 Arachni::Element::Capabilities::Auditable.reset
@@ -761,18 +737,18 @@ shared_examples_for 'auditable' do |options = {}|
                 end
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_true
+                expect(ran).to be_truthy
             end
         end
         context 'when the element\'s #skip? method returns true for a mutation' do
             it 'is skipped' do
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_true
+                expect(ran).to be_truthy
                 Arachni::Element::Capabilities::Auditable.reset
@@ -781,9 +757,9 @@ shared_examples_for 'auditable' do |options = {}|
                 end
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_false
+                expect(ran).to be_falsey
                 Arachni::Element::Capabilities::Auditable.reset
@@ -792,9 +768,9 @@ shared_examples_for 'auditable' do |options = {}|
                 end
                 ran = false
-                auditable.audit( seed ) { ran = true }.should be_true
+                expect(auditable.audit( seed ) { ran = true }).to be_truthy
                 run
-                ran.should be_true
+                expect(ran).to be_truthy
             end
         end
     end