arachni 1.3.2 → 1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +108 -0
- data/Gemfile +2 -6
- data/LICENSE.md +1 -1
- data/README.md +34 -16
- data/Rakefile +1 -1
- data/arachni.gemspec +28 -20
- data/bin/arachni +1 -1
- data/bin/arachni_console +1 -1
- data/bin/arachni_multi +1 -1
- data/bin/arachni_reporter +1 -1
- data/bin/arachni_rest_server +13 -0
- data/bin/arachni_restore +1 -1
- data/bin/arachni_rpc +1 -1
- data/bin/arachni_rpcd +1 -1
- data/bin/arachni_rpcd_monitor +1 -1
- data/bin/arachni_script +1 -1
- data/components/checks/active/code_injection.rb +8 -10
- data/components/checks/active/code_injection_php_input_wrapper.rb +5 -6
- data/components/checks/active/code_injection_timing.rb +1 -1
- data/components/checks/active/csrf.rb +1 -1
- data/components/checks/active/file_inclusion.rb +20 -26
- data/components/checks/active/ldap_injection.rb +4 -5
- data/components/checks/active/no_sql_injection.rb +11 -20
- data/components/checks/active/no_sql_injection/substrings/mongodb +1 -0
- data/components/checks/active/no_sql_injection_differential.rb +3 -4
- data/components/checks/active/os_cmd_injection.rb +5 -9
- data/components/checks/active/os_cmd_injection_timing.rb +1 -1
- data/components/checks/active/path_traversal.rb +4 -17
- data/components/checks/active/response_splitting.rb +8 -2
- data/components/checks/active/rfi.rb +4 -5
- data/components/checks/active/session_fixation.rb +9 -3
- data/components/checks/active/source_code_disclosure.rb +5 -20
- data/components/checks/active/sql_injection.rb +30 -18
- data/components/checks/active/sql_injection/{regexp_ignore.txt → ignore_substrings} +0 -0
- data/components/checks/active/sql_injection/regexps/db2.yaml +2 -0
- data/components/checks/active/sql_injection/regexps/frontbase.yaml +1 -0
- data/components/checks/active/sql_injection/regexps/informix.yaml +1 -0
- data/components/checks/active/sql_injection/regexps/ingres.yaml +2 -0
- data/components/checks/active/sql_injection/regexps/maxdb.yaml +2 -0
- data/components/checks/active/sql_injection/regexps/mssql.yaml +8 -0
- data/components/checks/active/sql_injection/regexps/mysql.yaml +4 -0
- data/components/checks/active/sql_injection/regexps/oracle.yaml +4 -0
- data/components/checks/active/sql_injection/regexps/pgsql.yaml +3 -0
- data/components/checks/active/sql_injection/regexps/sqlite.yaml +2 -0
- data/components/checks/active/sql_injection/regexps/sybase.yaml +2 -0
- data/components/checks/active/sql_injection/substrings/access +3 -0
- data/components/checks/active/sql_injection/substrings/db2 +2 -0
- data/components/checks/active/sql_injection/{patterns → substrings}/emc +1 -1
- data/components/checks/active/sql_injection/{patterns → substrings}/firebird +0 -1
- data/components/checks/active/sql_injection/substrings/hsqldb +1 -0
- data/components/checks/active/sql_injection/{patterns → substrings}/informix +1 -2
- data/components/checks/active/sql_injection/substrings/ingres +1 -0
- data/components/checks/active/sql_injection/{patterns → substrings}/interbase +0 -0
- data/components/checks/active/sql_injection/substrings/mssql +17 -0
- data/components/checks/active/sql_injection/{patterns → substrings}/mysql +3 -6
- data/components/checks/active/sql_injection/substrings/oracle +2 -0
- data/components/checks/active/sql_injection/{patterns → substrings}/pgsql +3 -6
- data/components/checks/active/sql_injection/substrings/sqlite +3 -0
- data/components/checks/active/sql_injection/substrings/sybase +1 -0
- data/components/checks/active/sql_injection_differential.rb +5 -7
- data/components/checks/active/sql_injection_differential/payloads.txt +1 -1
- data/components/checks/active/sql_injection_timing.rb +1 -1
- data/components/checks/active/trainer.rb +5 -4
- data/components/checks/active/unvalidated_redirect.rb +1 -1
- data/components/checks/active/unvalidated_redirect_dom.rb +1 -1
- data/components/checks/active/xpath_injection.rb +3 -4
- data/components/checks/active/xss.rb +33 -12
- data/components/checks/active/xss_dom.rb +7 -4
- data/components/checks/active/xss_dom_script_context.rb +1 -1
- data/components/checks/active/xss_event.rb +43 -20
- data/components/checks/active/xss_path.rb +5 -4
- data/components/checks/active/xss_script_context.rb +41 -11
- data/components/checks/active/xss_tag.rb +14 -15
- data/components/checks/active/xxe.rb +5 -16
- data/components/checks/passive/allowed_methods.rb +1 -1
- data/components/checks/passive/backdoors.rb +4 -2
- data/components/checks/passive/backup_directories.rb +4 -2
- data/components/checks/passive/backup_files.rb +4 -2
- data/components/checks/passive/common_admin_interfaces.rb +4 -3
- data/components/checks/passive/common_directories.rb +3 -1
- data/components/checks/passive/common_files.rb +3 -1
- data/components/checks/passive/directory_listing.rb +4 -4
- data/components/checks/passive/grep/captcha.rb +1 -1
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +1 -1
- data/components/checks/passive/grep/credit_card.rb +5 -7
- data/components/checks/passive/grep/cvs_svn_users.rb +1 -1
- data/components/checks/passive/grep/emails.rb +135 -8
- data/components/checks/passive/grep/form_upload.rb +1 -1
- data/components/checks/passive/grep/hsts.rb +4 -3
- data/components/checks/passive/grep/html_objects.rb +1 -1
- data/components/checks/passive/grep/http_only_cookies.rb +5 -3
- data/components/checks/passive/grep/insecure_cookies.rb +5 -3
- data/components/checks/passive/grep/insecure_cors_policy.rb +1 -1
- data/components/checks/passive/grep/mixed_resource.rb +1 -1
- data/components/checks/passive/grep/password_autocomplete.rb +1 -1
- data/components/checks/passive/grep/private_ip.rb +1 -1
- data/components/checks/passive/grep/ssn.rb +6 -3
- data/components/checks/passive/grep/unencrypted_password_forms.rb +1 -1
- data/components/checks/passive/grep/x_frame_options.rb +4 -3
- data/components/checks/passive/htaccess_limit.rb +1 -1
- data/components/checks/passive/http_put.rb +1 -1
- data/components/checks/passive/insecure_client_access_policy.rb +2 -2
- data/components/checks/passive/insecure_cross_domain_policy_access.rb +2 -2
- data/components/checks/passive/insecure_cross_domain_policy_headers.rb +2 -2
- data/components/checks/passive/interesting_responses.rb +1 -1
- data/components/checks/passive/localstart_asp.rb +1 -1
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +1 -1
- data/components/checks/passive/webdav.rb +1 -1
- data/components/checks/passive/xst.rb +1 -1
- data/components/fingerprinters/frameworks/aspx_mvc.rb +1 -1
- data/components/fingerprinters/frameworks/cakephp.rb +1 -1
- data/components/fingerprinters/frameworks/cherrypy.rb +1 -1
- data/components/fingerprinters/frameworks/django.rb +1 -1
- data/components/fingerprinters/frameworks/jsf.rb +1 -1
- data/components/fingerprinters/frameworks/nette.rb +1 -1
- data/components/fingerprinters/frameworks/rack.rb +1 -1
- data/components/fingerprinters/frameworks/rails.rb +1 -1
- data/components/fingerprinters/frameworks/symfony.rb +1 -1
- data/components/fingerprinters/languages/asp.rb +1 -1
- data/components/fingerprinters/languages/aspx.rb +1 -1
- data/components/fingerprinters/languages/java.rb +1 -1
- data/components/fingerprinters/languages/php.rb +1 -1
- data/components/fingerprinters/languages/python.rb +1 -1
- data/components/fingerprinters/languages/ruby.rb +1 -1
- data/components/fingerprinters/os/bsd.rb +1 -1
- data/components/fingerprinters/os/linux.rb +1 -1
- data/components/fingerprinters/os/solaris.rb +1 -1
- data/components/fingerprinters/os/unix.rb +1 -1
- data/components/fingerprinters/os/windows.rb +1 -1
- data/components/fingerprinters/servers/apache.rb +1 -1
- data/components/fingerprinters/servers/gunicorn.rb +1 -1
- data/components/fingerprinters/servers/iis.rb +1 -1
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/nginx.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +1 -1
- data/components/path_extractors/anchors.rb +1 -1
- data/components/path_extractors/areas.rb +1 -1
- data/components/path_extractors/comments.rb +1 -1
- data/components/path_extractors/data_url.rb +1 -1
- data/components/path_extractors/forms.rb +1 -1
- data/components/path_extractors/frames.rb +1 -1
- data/components/path_extractors/generic.rb +1 -1
- data/components/path_extractors/links.rb +1 -1
- data/components/path_extractors/meta_refresh.rb +3 -3
- data/components/path_extractors/scripts.rb +1 -1
- data/components/plugins/autologin.rb +16 -24
- data/components/plugins/beep_notify.rb +1 -1
- data/components/plugins/content_types.rb +1 -1
- data/components/plugins/cookie_collector.rb +1 -1
- data/components/plugins/defaults/autothrottle.rb +1 -1
- data/components/plugins/defaults/healthmap.rb +1 -1
- data/components/plugins/defaults/meta/remedies/discovery.rb +10 -9
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +1 -1
- data/components/plugins/defaults/meta/uniformity.rb +1 -1
- data/components/plugins/email_notify.rb +3 -5
- data/components/plugins/exec.rb +1 -1
- data/components/plugins/form_dicattack.rb +1 -1
- data/components/plugins/headers_collector.rb +1 -1
- data/components/plugins/http_dicattack.rb +1 -1
- data/components/plugins/login_script.rb +47 -22
- data/components/plugins/metrics.rb +1 -1
- data/components/plugins/proxy.rb +69 -44
- data/components/plugins/proxy/panel/help.html.erb +1 -18
- data/components/plugins/proxy/panel/inspect.html.erb +4 -3
- data/components/plugins/proxy/panel/page_accordion.html.erb +78 -43
- data/components/plugins/proxy/panel/panel.html.erb +2 -7
- data/components/plugins/proxy/template_scope.rb +1 -1
- data/components/plugins/restrict_to_dom_state.rb +3 -15
- data/components/plugins/script.rb +1 -1
- data/components/plugins/uncommon_headers.rb +1 -1
- data/components/plugins/vector_collector.rb +1 -1
- data/components/plugins/vector_feed.rb +3 -11
- data/components/plugins/waf_detector.rb +1 -1
- data/components/reporters/ap.rb +1 -1
- data/components/reporters/html.rb +2 -2
- data/components/reporters/json.rb +1 -1
- data/components/reporters/marshal.rb +1 -1
- data/components/reporters/plugin_formatters/html/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/html/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/html/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/exec.rb +1 -1
- data/components/reporters/plugin_formatters/html/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/html/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/html/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/html/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/html/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/html/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/exec.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/xml/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/xml/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/exec.rb +1 -1
- data/components/reporters/plugin_formatters/xml/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/xml/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/xml/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/xml/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/waf_detector.rb +1 -1
- data/components/reporters/stdout.rb +1 -1
- data/components/reporters/txt.rb +1 -1
- data/components/reporters/xml.rb +29 -4
- data/components/reporters/yaml.rb +1 -1
- data/lib/arachni.rb +48 -3
- data/lib/arachni/banner.rb +1 -1
- data/lib/arachni/browser.rb +601 -358
- data/lib/arachni/browser/element_locator.rb +25 -6
- data/lib/arachni/browser/javascript.rb +103 -35
- data/lib/arachni/browser/javascript/dom_monitor.rb +1 -1
- data/lib/arachni/browser/javascript/proxy.rb +28 -16
- data/lib/arachni/browser/javascript/proxy/stub.rb +1 -1
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +138 -67
- data/lib/arachni/browser/javascript/scripts/polyfills.js +28 -0
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +27 -6
- data/lib/arachni/browser/javascript/taint_tracer.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/frame.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/base.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb +1 -1
- data/lib/arachni/browser_cluster.rb +10 -14
- data/lib/arachni/browser_cluster/job.rb +1 -1
- data/lib/arachni/browser_cluster/job/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/{resource_exploration.rb → dom_exploration.rb} +5 -5
- data/lib/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/event_trigger.rb +7 -4
- data/lib/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/event_trigger/result.rb +3 -3
- data/lib/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/result.rb +2 -2
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -3
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +2 -2
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger/result.rb +2 -2
- data/lib/arachni/browser_cluster/jobs/taint_trace/result.rb +1 -1
- data/lib/arachni/browser_cluster/worker.rb +12 -40
- data/lib/arachni/check.rb +1 -1
- data/lib/arachni/check/auditor.rb +15 -1
- data/lib/arachni/check/base.rb +1 -1
- data/lib/arachni/check/manager.rb +1 -1
- data/lib/arachni/component.rb +1 -1
- data/lib/arachni/component/base.rb +5 -5
- data/lib/arachni/component/manager.rb +39 -13
- data/lib/arachni/component/options.rb +1 -1
- data/lib/arachni/component/options/address.rb +1 -1
- data/lib/arachni/component/options/base.rb +1 -1
- data/lib/arachni/component/options/bool.rb +1 -1
- data/lib/arachni/component/options/float.rb +1 -1
- data/lib/arachni/component/options/int.rb +1 -1
- data/lib/arachni/component/options/multiple_choice.rb +1 -1
- data/lib/arachni/component/options/object.rb +1 -1
- data/lib/arachni/component/options/path.rb +1 -1
- data/lib/arachni/component/options/port.rb +1 -1
- data/lib/arachni/component/options/string.rb +1 -1
- data/lib/arachni/component/options/url.rb +1 -1
- data/lib/arachni/component/output.rb +1 -1
- data/lib/arachni/component/utilities.rb +1 -1
- data/lib/arachni/data.rb +1 -1
- data/lib/arachni/data/framework.rb +1 -1
- data/lib/arachni/data/framework/rpc.rb +1 -1
- data/lib/arachni/data/issues.rb +1 -1
- data/lib/arachni/data/plugins.rb +1 -1
- data/lib/arachni/data/session.rb +1 -1
- data/lib/arachni/element/base.rb +19 -5
- data/lib/arachni/element/body.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +15 -5
- data/lib/arachni/element/capabilities/analyzable/signature.rb +147 -89
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +43 -16
- data/lib/arachni/element/capabilities/auditable.rb +20 -15
- data/lib/arachni/element/capabilities/dom_only.rb +5 -4
- data/lib/arachni/element/capabilities/inputtable.rb +62 -12
- data/lib/arachni/element/capabilities/mutable.rb +74 -13
- data/lib/arachni/element/capabilities/refreshable.rb +1 -1
- data/lib/arachni/element/capabilities/submittable.rb +5 -2
- data/lib/arachni/element/capabilities/with_auditor.rb +1 -1
- data/lib/arachni/element/capabilities/with_auditor/output.rb +5 -5
- data/lib/arachni/element/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/capabilities/with_node.rb +2 -2
- data/lib/arachni/element/capabilities/with_scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_scope/scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_source.rb +4 -4
- data/lib/arachni/element/cookie.rb +57 -34
- data/lib/arachni/element/cookie/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/mutable.rb +10 -1
- data/lib/arachni/element/cookie/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/cookie/dom.rb +1 -1
- data/lib/arachni/element/dom.rb +1 -15
- data/lib/arachni/element/dom/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/locatable.rb +29 -0
- data/lib/arachni/element/dom/capabilities/mutable.rb +11 -1
- data/lib/arachni/element/dom/capabilities/submittable.rb +2 -2
- data/lib/arachni/element/form.rb +33 -14
- data/lib/arachni/element/form/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/form/capabilities/mutable.rb +18 -17
- data/lib/arachni/element/form/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/form/capabilities/with_dom.rb +2 -1
- data/lib/arachni/element/form/dom.rb +3 -2
- data/lib/arachni/element/generic_dom.rb +1 -1
- data/lib/arachni/element/header.rb +16 -4
- data/lib/arachni/element/header/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/header/capabilities/mutable.rb +11 -1
- data/lib/arachni/element/json.rb +2 -2
- data/lib/arachni/element/json/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/json/capabilities/mutable.rb +8 -2
- data/lib/arachni/element/link.rb +14 -7
- data/lib/arachni/element/link/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link/capabilities/with_dom.rb +8 -1
- data/lib/arachni/element/link/dom.rb +2 -1
- data/lib/arachni/element/link/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link_template.rb +8 -3
- data/lib/arachni/element/link_template/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/link_template/dom.rb +2 -1
- data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/path.rb +1 -1
- data/lib/arachni/element/server.rb +3 -3
- data/lib/arachni/element/ui_form.rb +24 -21
- data/lib/arachni/element/ui_form/dom.rb +12 -3
- data/lib/arachni/element/ui_input.rb +17 -11
- data/lib/arachni/element/{input → ui_input}/dom.rb +11 -2
- data/lib/arachni/element/xml.rb +3 -3
- data/lib/arachni/element/xml/capabilities/inputtable.rb +7 -1
- data/lib/arachni/element/xml/capabilities/mutable.rb +7 -13
- data/lib/arachni/element_filter.rb +1 -1
- data/lib/arachni/error.rb +1 -1
- data/lib/arachni/ethon/easy.rb +1 -1
- data/lib/arachni/framework.rb +2 -5
- data/lib/arachni/framework/parts/audit.rb +8 -2
- data/lib/arachni/framework/parts/browser.rb +8 -9
- data/lib/arachni/framework/parts/check.rb +2 -6
- data/lib/arachni/framework/parts/data.rb +23 -8
- data/lib/arachni/framework/parts/platform.rb +1 -1
- data/lib/arachni/framework/parts/plugin.rb +2 -8
- data/lib/arachni/framework/parts/report.rb +3 -9
- data/lib/arachni/framework/parts/scope.rb +1 -1
- data/lib/arachni/framework/parts/state.rb +8 -8
- data/lib/arachni/http.rb +1 -1
- data/lib/arachni/http/client.rb +72 -68
- data/lib/arachni/http/client/dynamic_404_handler.rb +85 -60
- data/lib/arachni/http/cookie_jar.rb +48 -27
- data/lib/arachni/http/headers.rb +4 -3
- data/lib/arachni/http/message.rb +17 -3
- data/lib/arachni/http/message/scope.rb +1 -1
- data/lib/arachni/http/proxy_server.rb +46 -344
- data/lib/arachni/http/proxy_server/connection.rb +316 -0
- data/lib/arachni/http/proxy_server/ssl_interceptor.rb +102 -0
- data/lib/arachni/http/proxy_server/tunnel.rb +54 -0
- data/lib/arachni/http/request.rb +126 -29
- data/lib/arachni/http/request/scope.rb +1 -1
- data/lib/arachni/http/response.rb +42 -12
- data/lib/arachni/http/response/scope.rb +1 -1
- data/lib/arachni/issue.rb +2 -2
- data/lib/arachni/issue/severity.rb +1 -1
- data/lib/arachni/issue/severity/base.rb +1 -1
- data/lib/arachni/option_group.rb +1 -1
- data/lib/arachni/option_groups.rb +1 -1
- data/lib/arachni/option_groups/audit.rb +20 -4
- data/lib/arachni/option_groups/browser_cluster.rb +8 -4
- data/lib/arachni/option_groups/datastore.rb +1 -1
- data/lib/arachni/option_groups/dispatcher.rb +1 -1
- data/lib/arachni/option_groups/http.rb +2 -2
- data/lib/arachni/option_groups/input.rb +6 -3
- data/lib/arachni/option_groups/output.rb +1 -1
- data/lib/arachni/option_groups/paths.rb +10 -3
- data/lib/arachni/option_groups/rpc.rb +1 -1
- data/lib/arachni/option_groups/scope.rb +35 -6
- data/lib/arachni/option_groups/session.rb +1 -1
- data/lib/arachni/option_groups/snapshot.rb +1 -1
- data/lib/arachni/options.rb +1 -1
- data/lib/arachni/page.rb +26 -12
- data/lib/arachni/page/dom.rb +29 -22
- data/lib/arachni/page/dom/transition.rb +2 -2
- data/lib/arachni/page/scope.rb +1 -1
- data/lib/arachni/parser.rb +42 -5
- data/lib/arachni/platform.rb +1 -1
- data/lib/arachni/platform/fingerprinter.rb +1 -1
- data/lib/arachni/platform/list.rb +1 -1
- data/lib/arachni/platform/manager.rb +2 -2
- data/lib/arachni/plugin.rb +1 -1
- data/lib/arachni/plugin/base.rb +1 -1
- data/lib/arachni/plugin/formatter.rb +1 -1
- data/lib/arachni/plugin/manager.rb +7 -13
- data/lib/arachni/processes.rb +1 -1
- data/lib/arachni/processes/dispatchers.rb +2 -2
- data/lib/arachni/processes/executables/base.rb +45 -4
- data/lib/arachni/processes/executables/browser.rb +91 -0
- data/lib/arachni/processes/executables/rest_service.rb +14 -0
- data/lib/arachni/processes/helpers.rb +1 -1
- data/lib/arachni/processes/helpers/dispatchers.rb +1 -1
- data/lib/arachni/processes/helpers/instances.rb +1 -1
- data/lib/arachni/processes/helpers/processes.rb +1 -1
- data/lib/arachni/processes/instances.rb +5 -5
- data/lib/arachni/processes/manager.rb +68 -9
- data/lib/arachni/report.rb +1 -1
- data/lib/arachni/reporter.rb +1 -1
- data/lib/arachni/reporter/base.rb +1 -1
- data/lib/arachni/reporter/formatter_manager.rb +4 -2
- data/lib/arachni/reporter/manager.rb +3 -2
- data/lib/arachni/reporter/options.rb +1 -1
- data/lib/arachni/rest/server.rb +231 -0
- data/lib/arachni/rest/server/instance_helpers.rb +37 -0
- data/lib/arachni/rpc/client/base.rb +1 -1
- data/lib/arachni/rpc/client/dispatcher.rb +1 -1
- data/lib/arachni/rpc/client/instance.rb +1 -1
- data/lib/arachni/rpc/client/instance/framework.rb +1 -1
- data/lib/arachni/rpc/client/instance/service.rb +1 -1
- data/lib/arachni/rpc/serializer.rb +1 -1
- data/lib/arachni/rpc/server/active_options.rb +20 -3
- data/lib/arachni/rpc/server/base.rb +1 -1
- data/lib/arachni/rpc/server/check/manager.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher.rb +4 -4
- data/lib/arachni/rpc/server/dispatcher/node.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/service.rb +1 -1
- data/lib/arachni/rpc/server/framework.rb +3 -1
- data/lib/arachni/rpc/server/framework/distributor.rb +1 -1
- data/lib/arachni/rpc/server/framework/master.rb +1 -1
- data/lib/arachni/rpc/server/framework/multi_instance.rb +1 -1
- data/lib/arachni/rpc/server/framework/slave.rb +1 -1
- data/lib/arachni/rpc/server/instance.rb +1 -3
- data/lib/arachni/rpc/server/output.rb +1 -1
- data/lib/arachni/rpc/server/plugin/manager.rb +1 -1
- data/lib/arachni/ruby.rb +1 -2
- data/lib/arachni/ruby/array.rb +1 -1
- data/lib/arachni/ruby/hash.rb +1 -1
- data/lib/arachni/ruby/object.rb +15 -1
- data/lib/arachni/ruby/set.rb +1 -1
- data/lib/arachni/ruby/string.rb +23 -4
- data/lib/arachni/ruby/webrick.rb +1 -1
- data/lib/arachni/ruby/webrick/cookie.rb +1 -1
- data/lib/arachni/ruby/webrick/httprequest.rb +1 -1
- data/lib/arachni/scope.rb +1 -1
- data/lib/arachni/{watir → selenium/webdriver}/element.rb +12 -13
- data/lib/arachni/session.rb +19 -4
- data/lib/arachni/snapshot.rb +9 -5
- data/lib/arachni/state.rb +1 -1
- data/lib/arachni/state/audit.rb +1 -1
- data/lib/arachni/state/element_filter.rb +1 -1
- data/lib/arachni/state/framework.rb +1 -1
- data/lib/arachni/state/framework/rpc.rb +1 -1
- data/lib/arachni/state/http.rb +1 -1
- data/lib/arachni/state/options.rb +1 -1
- data/lib/arachni/state/plugins.rb +1 -1
- data/lib/arachni/support.rb +2 -1
- data/lib/arachni/support/buffer.rb +1 -1
- data/lib/arachni/support/buffer/autoflush.rb +1 -1
- data/lib/arachni/support/buffer/base.rb +1 -1
- data/lib/arachni/support/cache.rb +1 -1
- data/lib/arachni/support/cache/base.rb +20 -8
- data/lib/arachni/support/cache/least_cost_replacement.rb +1 -1
- data/lib/arachni/support/cache/least_recently_pushed.rb +1 -1
- data/lib/arachni/support/cache/least_recently_used.rb +8 -9
- data/lib/arachni/support/cache/preference.rb +7 -20
- data/lib/arachni/support/cache/random_replacement.rb +1 -1
- data/lib/arachni/support/crypto.rb +1 -1
- data/lib/arachni/support/crypto/rsa_aes_cbc.rb +1 -1
- data/lib/arachni/support/database.rb +1 -1
- data/lib/arachni/support/database/base.rb +2 -2
- data/lib/arachni/support/database/hash.rb +1 -1
- data/lib/arachni/support/database/queue.rb +1 -1
- data/lib/arachni/support/glob.rb +35 -0
- data/lib/arachni/support/lookup.rb +1 -1
- data/lib/arachni/support/lookup/base.rb +1 -1
- data/lib/arachni/support/lookup/hash_set.rb +1 -1
- data/lib/arachni/support/lookup/moolb.rb +1 -1
- data/lib/arachni/support/mixins.rb +1 -1
- data/lib/arachni/support/mixins/observable.rb +1 -1
- data/lib/arachni/support/mixins/terminal.rb +1 -1
- data/lib/arachni/support/profiler.rb +12 -10
- data/lib/arachni/support/signature.rb +12 -5
- data/lib/arachni/trainer.rb +18 -4
- data/lib/arachni/ui/foo/output.rb +17 -1
- data/lib/arachni/uri.rb +285 -203
- data/lib/arachni/uri/scope.rb +13 -2
- data/lib/arachni/utilities.rb +22 -5
- data/lib/arachni/version.rb +1 -1
- data/lib/version +1 -1
- data/spec/arachni/browser/element_locator_spec.rb +42 -14
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +34 -304
- data/spec/arachni/browser/javascript/polyfills_spec.rb +35 -0
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +24 -4
- data/spec/arachni/browser/javascript_spec.rb +92 -65
- data/spec/arachni/browser_cluster/job_spec.rb +3 -3
- data/spec/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/event_trigger/result_spec.rb +1 -1
- data/spec/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/event_trigger_spec.rb +4 -4
- data/spec/arachni/browser_cluster/jobs/{resource_exploration → dom_exploration}/result_spec.rb +1 -1
- data/spec/arachni/browser_cluster/jobs/{resource_exploration_spec.rb → dom_exploration_spec.rb} +4 -4
- data/spec/arachni/browser_cluster/jobs/taint_tracer_spec.rb +9 -9
- data/spec/arachni/browser_cluster/worker_spec.rb +46 -67
- data/spec/arachni/browser_cluster_spec.rb +19 -17
- data/spec/arachni/browser_spec.rb +506 -183
- data/spec/arachni/check/auditor_spec.rb +70 -25
- data/spec/arachni/component/manager_spec.rb +19 -20
- data/spec/arachni/data/framework/rpc_spec.rb +1 -1
- data/spec/arachni/data/framework_spec.rb +1 -1
- data/spec/arachni/data/issues_spec.rb +3 -3
- data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +44 -0
- data/spec/arachni/element/capabilities/analyzable/signature_spec.rb +33 -162
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +4 -4
- data/spec/arachni/element/cookie_spec.rb +98 -49
- data/spec/arachni/element/form/dom_spec.rb +1 -22
- data/spec/arachni/element/form_spec.rb +7 -7
- data/spec/arachni/element/header_spec.rb +2 -2
- data/spec/arachni/element/json_spec.rb +2 -2
- data/spec/arachni/element/link/dom_spec.rb +1 -22
- data/spec/arachni/element/link_spec.rb +17 -1
- data/spec/arachni/element/link_template/dom_spec.rb +1 -22
- data/spec/arachni/element/link_template_spec.rb +3 -3
- data/spec/arachni/element/ui_form/{ui_form_dom_spec.rb → dom_spec.rb} +72 -22
- data/spec/arachni/element/ui_form_spec.rb +1 -0
- data/spec/arachni/element/ui_input/dom_spec.rb +64 -22
- data/spec/arachni/element/ui_input_spec.rb +1 -0
- data/spec/arachni/element/xml_spec.rb +1 -0
- data/spec/arachni/framework/parts/audit_spec.rb +7 -5
- data/spec/arachni/framework/parts/browser_spec.rb +8 -8
- data/spec/arachni/framework/parts/check_spec.rb +1 -1
- data/spec/arachni/framework/parts/data_spec.rb +4 -4
- data/spec/arachni/framework/parts/scope_spec.rb +2 -2
- data/spec/arachni/framework_spec.rb +1 -1
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +26 -13
- data/spec/arachni/http/client_spec.rb +80 -45
- data/spec/arachni/http/cookie_jar_spec.rb +6 -6
- data/spec/arachni/http/proxy_server_spec.rb +69 -66
- data/spec/arachni/http/request_spec.rb +147 -23
- data/spec/arachni/http/response/scope_spec.rb +12 -12
- data/spec/arachni/http/response_spec.rb +62 -4
- data/spec/arachni/issue_spec.rb +6 -6
- data/spec/arachni/option_groups/audit_spec.rb +25 -8
- data/spec/arachni/option_groups/browser_cluster_spec.rb +27 -1
- data/spec/arachni/option_groups/dispatcher_spec.rb +3 -3
- data/spec/arachni/option_groups/input_spec.rb +9 -9
- data/spec/arachni/option_groups/paths_spec.rb +2 -2
- data/spec/arachni/option_groups/scope_spec.rb +32 -16
- data/spec/arachni/options_spec.rb +4 -4
- data/spec/arachni/page/dom/transition_spec.rb +17 -10
- data/spec/arachni/page/dom_spec.rb +19 -0
- data/spec/arachni/page/scope_spec.rb +4 -4
- data/spec/arachni/page_spec.rb +15 -15
- data/spec/arachni/platform/manager_spec.rb +2 -2
- data/spec/arachni/plugin/base_spec.rb +1 -0
- data/spec/arachni/reporter/base_spec.rb +2 -2
- data/spec/arachni/reporter/manager_spec.rb +2 -2
- data/spec/arachni/rest/server_spec.rb +495 -0
- data/spec/arachni/rpc/server/active_options_spec.rb +63 -12
- data/spec/arachni/rpc/server/base_spec.rb +1 -1
- data/spec/arachni/rpc/server/framework/distributor_spec.rb +2 -2
- data/spec/arachni/rpc/server/framework_multi_spec.rb +6 -6
- data/spec/arachni/rpc/server/framework_spec.rb +4 -4
- data/spec/arachni/rpc/server/instance_spec.rb +24 -24
- data/spec/arachni/ruby/array_spec.rb +2 -2
- data/spec/arachni/ruby/string_spec.rb +52 -0
- data/spec/arachni/session_spec.rb +19 -2
- data/spec/arachni/snapshot_spec.rb +1 -1
- data/spec/arachni/state/audit_spec.rb +1 -1
- data/spec/arachni/state/framework_spec.rb +2 -2
- data/spec/arachni/support/cache/least_recently_used_spec.rb +0 -2
- data/spec/arachni/support/glob_spec.rb +75 -0
- data/spec/arachni/support/lookup/hash_set_spec.rb +1 -1
- data/spec/arachni/support/lookup/moolb_spec.rb +2 -2
- data/spec/arachni/support/signature_spec.rb +4 -4
- data/spec/arachni/trainer_spec.rb +48 -4
- data/spec/arachni/uri/scope_spec.rb +54 -10
- data/spec/arachni/uri_spec.rb +110 -89
- data/spec/arachni/utilities_spec.rb +8 -8
- data/spec/components/checks/active/code_injection_spec.rb +9 -9
- data/spec/components/checks/active/file_inclusion_spec.rb +20 -20
- data/spec/components/checks/active/ldap_injection_spec.rb +1 -1
- data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
- data/spec/components/checks/active/os_cmd_injection_spec.rb +3 -3
- data/spec/components/checks/active/path_traversal_spec.rb +11 -11
- data/spec/components/checks/active/response_splitting_spec.rb +2 -2
- data/spec/components/checks/active/rfi_spec.rb +3 -3
- data/spec/components/checks/active/session_fixation_spec.rb +1 -1
- data/spec/components/checks/active/source_code_disclosure_spec.rb +4 -4
- data/spec/components/checks/active/sql_injection_spec.rb +58 -59
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +2 -2
- data/spec/components/checks/active/xpath_injection_spec.rb +3 -3
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +1 -1
- data/spec/components/checks/active/xss_dom_spec.rb +1 -1
- data/spec/components/checks/active/xss_script_context_spec.rb +5 -5
- data/spec/components/checks/active/xss_spec.rb +5 -5
- data/spec/components/checks/passive/grep/credit_card_spec.rb +1 -1
- data/spec/components/checks/passive/grep/emails_spec.rb +12 -2
- data/spec/components/checks/passive/grep/ssn_spec.rb +1 -1
- data/spec/components/path_extractors/meta_refresh_spec.rb +3 -1
- data/spec/components/plugins/exec_spec.rb +2 -2
- data/spec/components/plugins/login_script_spec.rb +22 -2
- data/spec/components/plugins/vector_feed_spec.rb +3 -3
- data/spec/spec_helper.rb +10 -4
- data/spec/support/factories/browser_cluster/job.rb +1 -0
- data/spec/support/fixtures/check_with_invalid_platforms/with_invalid_platforms.rb +1 -1
- data/spec/support/fixtures/checks/test.rb +1 -1
- data/spec/support/fixtures/checks/test2.rb +1 -1
- data/spec/support/fixtures/checks/test3.rb +1 -1
- data/spec/support/fixtures/fingerprinters/test.rb +1 -1
- data/spec/support/fixtures/plugins/bad.rb +1 -1
- data/spec/support/fixtures/plugins/defaults/default.rb +1 -1
- data/spec/support/fixtures/plugins/distributable.rb +1 -1
- data/spec/support/fixtures/plugins/loop.rb +1 -1
- data/spec/support/fixtures/plugins/suspendable.rb +1 -1
- data/spec/support/fixtures/plugins/wait.rb +1 -1
- data/spec/support/fixtures/plugins/with_options.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p0.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p00.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p1.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p2.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p22.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p222.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil2.rb +1 -1
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/base_spec/plugin_formatters/with_formatters/foobar.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_formatters.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/without_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/afr.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/error.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/foo.rb +1 -1
- data/spec/support/fixtures/run_check/body.rb +1 -1
- data/spec/support/fixtures/run_check/cookies.rb +1 -1
- data/spec/support/fixtures/run_check/empty.rb +1 -1
- data/spec/support/fixtures/run_check/flch.rb +1 -1
- data/spec/support/fixtures/run_check/forms.rb +1 -1
- data/spec/support/fixtures/run_check/headers.rb +1 -1
- data/spec/support/fixtures/run_check/links.rb +1 -1
- data/spec/support/fixtures/run_check/nil.rb +1 -1
- data/spec/support/fixtures/run_check/path.rb +1 -1
- data/spec/support/fixtures/run_check/server.rb +1 -1
- data/spec/support/fixtures/signature_check/signature.rb +1 -1
- data/spec/support/fixtures/wait_check/wait.rb +1 -1
- data/spec/support/helpers/framework.rb +1 -1
- data/spec/support/helpers/misc.rb +1 -1
- data/spec/support/helpers/paths.rb +1 -1
- data/spec/support/helpers/request_helpers.rb +38 -0
- data/spec/support/helpers/requires.rb +1 -1
- data/spec/support/helpers/resets.rb +1 -1
- data/spec/support/helpers/web_server.rb +1 -1
- data/spec/support/lib/factory.rb +1 -1
- data/spec/support/lib/web_server_client.rb +1 -1
- data/spec/support/lib/web_server_dispatcher.rb +1 -1
- data/spec/support/lib/web_server_manager.rb +2 -2
- data/spec/support/servers/arachni/browser.rb +182 -15
- data/spec/support/servers/arachni/browser/javascript/angular-1.2.8.js +1 -1
- data/spec/support/servers/arachni/browser/javascript/angular-route.js +1 -1
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +27 -4
- data/spec/support/servers/arachni/element/capabilities/analyzable/differential.rb +103 -0
- data/spec/support/servers/arachni/element/capabilities/analyzable/timeout.rb +5 -2
- data/spec/support/servers/arachni/element/header.rb +1 -1
- data/spec/support/servers/arachni/http/client.rb +46 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +7 -1
- data/spec/support/servers/checks/active/code_injection.rb +5 -5
- data/spec/support/servers/checks/active/no_sql_injection.rb +0 -6
- data/spec/support/servers/checks/active/no_sql_injection_differential.rb +1 -1
- data/spec/support/servers/checks/active/sql_injection.rb +5 -2
- data/spec/support/servers/checks/active/sql_injection_differential.rb +1 -1
- data/spec/support/servers/checks/active/trainer_check.rb +6 -6
- data/spec/support/servers/checks/passive/backdoors.rb +1 -0
- data/spec/support/servers/checks/passive/backup_directories.rb +2 -0
- data/spec/support/servers/checks/passive/backup_files.rb +2 -0
- data/spec/support/servers/checks/passive/grep/emails.rb +6 -6
- data/spec/support/shared/check.rb +28 -0
- data/spec/support/shared/element/capabilities/auditable.rb +76 -13
- data/spec/support/shared/element/capabilities/dom_only.rb +5 -6
- data/spec/support/shared/element/capabilities/inputtable.rb +74 -4
- data/spec/support/shared/element/capabilities/mutable.rb +86 -14
- data/spec/support/shared/element/capabilities/submittable.rb +12 -0
- data/spec/support/shared/element/capabilities/with_dom.rb +13 -4
- data/spec/support/shared/element/capabilities/with_node.rb +1 -1
- data/spec/support/shared/element/capabilities/with_source.rb +1 -6
- data/spec/support/shared/element/dom/locatable.rb +20 -0
- data/spec/support/shared/element/dom/submittable.rb +4 -17
- data/spec/support/shared/http/message.rb +37 -5
- data/spec/support/shared/support/cache.rb +5 -4
- data/ui/cli/framework.rb +4 -3
- data/ui/cli/framework/option_parser.rb +20 -8
- data/ui/cli/option_parser.rb +1 -1
- data/ui/cli/output.rb +40 -4
- data/ui/cli/reporter.rb +1 -1
- data/ui/cli/reporter/option_parser.rb +4 -4
- data/ui/cli/rest/server.rb +43 -0
- data/ui/cli/rest/server/option_parser.rb +115 -0
- data/ui/cli/restored_framework.rb +1 -1
- data/ui/cli/restored_framework/option_parser.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor/option_parser.rb +1 -1
- data/ui/cli/rpc/client/instance.rb +1 -1
- data/ui/cli/rpc/client/local.rb +1 -1
- data/ui/cli/rpc/client/local/option_parser.rb +1 -1
- data/ui/cli/rpc/client/remote.rb +1 -1
- data/ui/cli/rpc/client/remote/option_parser.rb +1 -1
- data/ui/cli/rpc/server/dispatcher.rb +1 -1
- data/ui/cli/rpc/server/dispatcher/option_parser.rb +1 -1
- data/ui/cli/utilities.rb +1 -1
- metadata +197 -84
- data/components/checks/active/no_sql_injection/patterns/mongodb +0 -1
- data/components/checks/active/no_sql_injection/regexp_ignore.txt +0 -0
- data/components/checks/active/sql_injection/patterns/access +0 -3
- data/components/checks/active/sql_injection/patterns/db2 +0 -5
- data/components/checks/active/sql_injection/patterns/frontbase +0 -1
- data/components/checks/active/sql_injection/patterns/hsqldb +0 -1
- data/components/checks/active/sql_injection/patterns/ingres +0 -3
- data/components/checks/active/sql_injection/patterns/maxdb +0 -2
- data/components/checks/active/sql_injection/patterns/mssql +0 -25
- data/components/checks/active/sql_injection/patterns/oracle +0 -6
- data/components/checks/active/sql_injection/patterns/sqlite +0 -5
- data/components/checks/active/sql_injection/patterns/sybase +0 -3
- data/lib/arachni/ruby/io.rb +0 -39
- data/lib/arachni/selenium/webdriver/remote/http/typhoeus.rb +0 -63
- data/spec/arachni/ruby/io_spec.rb +0 -26
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -7,12 +7,13 @@
|
|
|
7
7
|
=end
|
|
8
8
|
|
|
9
9
|
# @author Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
10
|
-
# @version 0.1.
|
|
10
|
+
# @version 0.1.3
|
|
11
11
|
class Arachni::Checks::Hsts < Arachni::Check::Base
|
|
12
12
|
|
|
13
13
|
def run
|
|
14
14
|
return if audited?( page.parsed_url.host ) ||
|
|
15
15
|
page.parsed_url.scheme != 'https' ||
|
|
16
|
+
page.response.headers.empty? ||
|
|
16
17
|
page.response.headers['Strict-Transport-Security']
|
|
17
18
|
|
|
18
19
|
audited( page.parsed_url.host )
|
|
@@ -28,7 +29,7 @@ class Arachni::Checks::Hsts < Arachni::Check::Base
|
|
|
28
29
|
name: 'HTTP Strict Transport Security',
|
|
29
30
|
description: %q{Checks HTTPS pages for missing `Strict-Transport-Security` headers.},
|
|
30
31
|
author: 'Tasos Laskos <tasos.laskos@arachni-scanner.com>',
|
|
31
|
-
version: '0.1.
|
|
32
|
+
version: '0.1.3',
|
|
32
33
|
elements: [ Element::Server ],
|
|
33
34
|
|
|
34
35
|
issue: {
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -12,7 +12,9 @@
|
|
|
12
12
|
class Arachni::Checks::HttpOnlyCookies < Arachni::Check::Base
|
|
13
13
|
|
|
14
14
|
def run
|
|
15
|
-
|
|
15
|
+
# We grab the parser cookies because the Page#cookies will also include
|
|
16
|
+
# stuff from the cookiejar.
|
|
17
|
+
page.parser.cookies.each do |cookie|
|
|
16
18
|
next if cookie.http_only? || audited?( cookie.name )
|
|
17
19
|
|
|
18
20
|
log( vector: cookie )
|
|
@@ -26,7 +28,7 @@ class Arachni::Checks::HttpOnlyCookies < Arachni::Check::Base
|
|
|
26
28
|
description: %q{Logs cookies that are accessible via JavaScript.},
|
|
27
29
|
elements: [ Element::Cookie ],
|
|
28
30
|
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
|
|
29
|
-
version: '0.1.
|
|
31
|
+
version: '0.1.5',
|
|
30
32
|
|
|
31
33
|
issue: {
|
|
32
34
|
name: %q{HttpOnly cookie},
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -12,7 +12,9 @@ class Arachni::Checks::InsecureCookies < Arachni::Check::Base
|
|
|
12
12
|
def run
|
|
13
13
|
return if page.parsed_url.scheme != 'https'
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
# We grab the parser cookies because the Page#cookies will also include
|
|
16
|
+
# stuff from the cookiejar.
|
|
17
|
+
page.parser.cookies.each do |cookie|
|
|
16
18
|
next if cookie.secure? || audited?( cookie.name )
|
|
17
19
|
|
|
18
20
|
log( vector: cookie )
|
|
@@ -29,7 +31,7 @@ Logs cookies that are served over an encrypted channel but without having the
|
|
|
29
31
|
},
|
|
30
32
|
elements: [ Element::Cookie ],
|
|
31
33
|
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
|
|
32
|
-
version: '0.1.
|
|
34
|
+
version: '0.1.4',
|
|
33
35
|
|
|
34
36
|
issue: {
|
|
35
37
|
name: %q{Insecure cookie},
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -26,7 +26,7 @@ class Arachni::Checks::Ssn < Arachni::Check::Base
|
|
|
26
26
|
'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>', # original
|
|
27
27
|
'haliphax' # tweaked regexp
|
|
28
28
|
],
|
|
29
|
-
version: '0.1.
|
|
29
|
+
version: '0.1.4',
|
|
30
30
|
|
|
31
31
|
issue: {
|
|
32
32
|
name: %q{Disclosed US Social Security Number (SSN)},
|
|
@@ -54,7 +54,10 @@ If the response does contain a valid SSN, then all efforts should be taken to
|
|
|
54
54
|
remove or further protect this information. This can be achieved by removing the
|
|
55
55
|
SSN altogether or by masking the number so that only the last few digits are
|
|
56
56
|
present within the response (eg. _**********123_).
|
|
57
|
-
}
|
|
57
|
+
},
|
|
58
|
+
# Well, we can't know whether the logged number actually is an
|
|
59
|
+
# SSN now can we?
|
|
60
|
+
trusted: false
|
|
58
61
|
}
|
|
59
62
|
}
|
|
60
63
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -7,11 +7,12 @@
|
|
|
7
7
|
=end
|
|
8
8
|
|
|
9
9
|
# @author Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
10
|
-
# @version 0.1.
|
|
10
|
+
# @version 0.1.2
|
|
11
11
|
class Arachni::Checks::XFrameOptions < Arachni::Check::Base
|
|
12
12
|
|
|
13
13
|
def run
|
|
14
14
|
return if audited?( page.parsed_url.host ) ||
|
|
15
|
+
page.response.headers.empty? ||
|
|
15
16
|
page.response.headers['X-Frame-Options']
|
|
16
17
|
audited( page.parsed_url.host )
|
|
17
18
|
|
|
@@ -26,7 +27,7 @@ class Arachni::Checks::XFrameOptions < Arachni::Check::Base
|
|
|
26
27
|
name: 'Missing X-Frame-Options header',
|
|
27
28
|
description: %q{Checks the host for a missing `X-Frame-Options` header.},
|
|
28
29
|
author: 'Tasos Laskos <tasos.laskos@arachni-scanner.com>',
|
|
29
|
-
version: '0.1.
|
|
30
|
+
version: '0.1.2',
|
|
30
31
|
elements: [ Element::Server ],
|
|
31
32
|
|
|
32
33
|
issue: {
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -27,7 +27,7 @@ class Arachni::Checks::InsecureClientAccessPolicy < Arachni::Check::Base
|
|
|
27
27
|
def check_and_log( response )
|
|
28
28
|
return if response.code != 200
|
|
29
29
|
|
|
30
|
-
policy =
|
|
30
|
+
policy = Arachni::Parser.parse_xml( response.body )
|
|
31
31
|
return if !policy
|
|
32
32
|
|
|
33
33
|
INSECURE_WILDCARDS.each do |wildcard|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -27,7 +27,7 @@ class Arachni::Checks::InsecureCrossDomainPolicyAccess < Arachni::Check::Base
|
|
|
27
27
|
def check_and_log( response )
|
|
28
28
|
return if response.code != 200
|
|
29
29
|
|
|
30
|
-
policy =
|
|
30
|
+
policy = Arachni::Parser.parse_xml( response.body )
|
|
31
31
|
return if !policy
|
|
32
32
|
|
|
33
33
|
INSECURE_WILDCARDS.each do |wildcard|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -27,7 +27,7 @@ class Arachni::Checks::InsecureCrossDomainPolicyHeaders < Arachni::Check::Base
|
|
|
27
27
|
def check_and_log( response )
|
|
28
28
|
return if response.code != 200
|
|
29
29
|
|
|
30
|
-
policy =
|
|
30
|
+
policy = Arachni::Parser.parse_xml( response.body )
|
|
31
31
|
return if !policy
|
|
32
32
|
|
|
33
33
|
INSECURE_WILDCARDS.each do |wildcard|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|