aspisec 0.0.2 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin-ruby/aspisec +5 -5
- data/lib-ruby/aspisec/clean.rb +31 -11
- data/lib-ruby/aspisec/config.rb +55 -146
- data/lib-ruby/aspisec/configs/amass.rb +22 -0
- data/lib-ruby/aspisec/configs/bloodhound.rb +27 -0
- data/lib-ruby/aspisec/configs/crackmapexec.rb +28 -0
- data/lib-ruby/aspisec/configs/dbgate.rb +25 -0
- data/lib-ruby/aspisec/configs/ffuf.rb +19 -0
- data/lib-ruby/aspisec/configs/hashcat.rb +33 -0
- data/lib-ruby/aspisec/configs/home_history_files.rb +59 -0
- data/lib-ruby/aspisec/configs/john.rb +26 -0
- data/lib-ruby/aspisec/configs/jwt_tool.rb +19 -0
- data/lib-ruby/aspisec/configs/lsassy.rb +22 -0
- data/lib-ruby/aspisec/configs/manspider.rb +25 -0
- data/lib-ruby/aspisec/configs/metasploit.rb +38 -0
- data/lib-ruby/aspisec/configs/mobsf.rb +30 -0
- data/lib-ruby/aspisec/configs/mongodb_compass.rb +19 -0
- data/lib-ruby/aspisec/configs/mongodb_mongosh.rb +24 -0
- data/lib-ruby/aspisec/configs/ncrack.rb +19 -0
- data/lib-ruby/aspisec/configs/netexec.rb +28 -0
- data/lib-ruby/aspisec/configs/recaf.rb +24 -0
- data/lib-ruby/aspisec/configs/remmina.rb +20 -0
- data/lib-ruby/aspisec/configs/semgrep.rb +22 -0
- data/lib-ruby/aspisec/configs/spiderfoot.rb +24 -0
- data/lib-ruby/aspisec/configs/sqlmap.rb +27 -0
- data/lib-ruby/aspisec/configs/theharvester.rb +19 -0
- data/lib-ruby/aspisec/configs/weevely.rb +31 -0
- data/lib-ruby/aspisec/configs/whatwaf.rb +18 -0
- data/lib-ruby/aspisec/module.rb +35 -0
- data/lib-ruby/aspisec/modules/amass.rb +38 -0
- data/lib-ruby/aspisec/modules/bloodhound.rb +38 -0
- data/lib-ruby/aspisec/modules/dbgate.rb +38 -0
- data/lib-ruby/aspisec/modules/ffuf.rb +33 -0
- data/lib-ruby/aspisec/modules/home_history_files.rb +67 -0
- data/lib-ruby/aspisec/modules/jwt_tool.rb +33 -0
- data/lib-ruby/aspisec/modules/lsassy.rb +38 -0
- data/lib-ruby/aspisec/modules/manspider.rb +38 -0
- data/lib-ruby/aspisec/modules/mobsf.rb +49 -0
- data/lib-ruby/aspisec/modules/mongodb_compass.rb +33 -0
- data/lib-ruby/aspisec/modules/mongodb_mongosh.rb +38 -0
- data/lib-ruby/aspisec/modules/ncrack.rb +33 -0
- data/lib-ruby/aspisec/modules/recaf.rb +38 -0
- data/lib-ruby/aspisec/modules/remmina.rb +34 -0
- data/lib-ruby/aspisec/modules/semgrep.rb +38 -0
- data/lib-ruby/aspisec/modules/spiderfoot.rb +38 -0
- data/lib-ruby/aspisec/modules/weevely.rb +43 -0
- data/lib-ruby/aspisec/modules/whatwaf.rb +33 -0
- data/lib-ruby/aspisec/version.rb +1 -1
- metadata +46 -3
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
METASPLOIT = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.msf4', # ~/.msf4
|
10
|
+
#
|
11
|
+
#
|
12
|
+
'history' => {
|
13
|
+
'path' => '<base>/history',
|
14
|
+
'description' => "File containing the history of commands used in msf shell.\n" \
|
15
|
+
'It certainly contains username, passwords, hostnames, etc.'
|
16
|
+
},
|
17
|
+
'logs' => {
|
18
|
+
'path' => '<base>/logs',
|
19
|
+
'description' => "Directory containing log files.\n" \
|
20
|
+
"framework.log may contain stacktraces that contain payloads.\n" \
|
21
|
+
"production.log and sessions/ ? (I don't know, empty for me)"
|
22
|
+
},
|
23
|
+
'loot' => {
|
24
|
+
'path' => '<base>/loot',
|
25
|
+
'description' => "Directory containing looted files.\n" \
|
26
|
+
'Those are retrieved clients files.'
|
27
|
+
},
|
28
|
+
'meterpreter' => {
|
29
|
+
'path' => '<base>/meterpreter_history',
|
30
|
+
'description' => "File containing the history of commands used in meterpreter sessions.\n" \
|
31
|
+
"Less sensible than msf shell history but could still contains some file paths, \n" \
|
32
|
+
'for example.'
|
33
|
+
}
|
34
|
+
}
|
35
|
+
}.freeze
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
MOBSF = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.MobSF', # ~/.MobSF
|
10
|
+
'logs' => {
|
11
|
+
'path' => '<base>/debug.log',
|
12
|
+
'description' => 'Logs file containing at least APK name.'
|
13
|
+
},
|
14
|
+
'downloads' => {
|
15
|
+
'path' => '<base>/downloads',
|
16
|
+
'description' => 'Directory where are stored files extracted from APK or screenshots of the app running.'
|
17
|
+
},
|
18
|
+
'uploads' => {
|
19
|
+
'path' => '<base>/uploads',
|
20
|
+
'description' => 'Directory containing decompressed APKs.'
|
21
|
+
},
|
22
|
+
'database' => {
|
23
|
+
'path' => '<base>/db.sqlite3',
|
24
|
+
'description' => 'Database file containing at least APK name.'
|
25
|
+
}
|
26
|
+
}
|
27
|
+
}.freeze
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
MONGODB_COMPASS = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.mongodb/compass', # ~/.mongodb/compass
|
10
|
+
'logs' => {
|
11
|
+
'path' => '<base>/*_log.gz',
|
12
|
+
'description' => "Compressed log files.\n" \
|
13
|
+
'Credentials are redacted but logs still contain IP and port.'
|
14
|
+
}
|
15
|
+
}
|
16
|
+
}.freeze
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
MONGODB_MONGOSH = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.mongodb/mongosh', # ~/.mongodb/mongosh
|
10
|
+
'logs' => {
|
11
|
+
'path' => '<base>/*_log',
|
12
|
+
'description' => "Log files.\n" \
|
13
|
+
'Contain at least information about target (IP, port).'
|
14
|
+
},
|
15
|
+
'history' => {
|
16
|
+
'path' => '<base>/mongosh_repl_history',
|
17
|
+
'description' => "History file.\n" \
|
18
|
+
'Contain the history of commands typed in mongosh shell.'
|
19
|
+
}
|
20
|
+
}
|
21
|
+
}.freeze
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
NCRACK = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.ncrack', # ~/.ncrack
|
10
|
+
'restore' => {
|
11
|
+
'path' => '<base>',
|
12
|
+
'description' => "Directory containing retore files to resume a cracking session.\n" \
|
13
|
+
'Restore files contain the command launch including the username or wordlist used.'
|
14
|
+
}
|
15
|
+
}
|
16
|
+
}.freeze
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
NETEXEC = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.nxc', # ~/.nxc
|
10
|
+
'logs' => {
|
11
|
+
'path' => '<base>/logs',
|
12
|
+
'description' => 'Directory containing log files, secrets, hashes, cleartext password etc.'
|
13
|
+
},
|
14
|
+
'screenshots' => {
|
15
|
+
'path' => '<base>/screenshots',
|
16
|
+
'description' => 'Directory where are stored all screenshots taken with the --screenshot option.'
|
17
|
+
},
|
18
|
+
'workspaces' => {
|
19
|
+
'path' => '<base>/workspaces',
|
20
|
+
'description' => "Directory containing workspaces.\n" \
|
21
|
+
'Workspaces contain SQLite databases including users (domain, usernames, password), ' \
|
22
|
+
'shares, hosts, dpapi secrets, etc.'
|
23
|
+
}
|
24
|
+
}
|
25
|
+
}.freeze
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
RECAF = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$XDG_CONFIG_HOME/Recaf', # ~/.config/Recaf
|
10
|
+
'classpath' => {
|
11
|
+
'path' => '<base>/classpath',
|
12
|
+
'description' => "Folder containing JARs.\n" \
|
13
|
+
'Those JARs contain the classpath of previously openned JARs.'
|
14
|
+
},
|
15
|
+
'logs' => {
|
16
|
+
'path' => '<base>/rclog.txt',
|
17
|
+
'description' => "Log file of the last session.\n" \
|
18
|
+
'Contains class names, file names or commands if openned in CLI mode.'
|
19
|
+
}
|
20
|
+
}
|
21
|
+
}.freeze
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
REMMINA = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$XDG_DATA_HOME/remmina', # ~/.local/share/remmina/
|
10
|
+
'configs' => {
|
11
|
+
'enabled' => false,
|
12
|
+
'path' => '<base>/*.remmina',
|
13
|
+
'description' => "Configuration files for saved targets.\n" \
|
14
|
+
'It could contain usernames, passwords, IP addresses, target name.'
|
15
|
+
}
|
16
|
+
}
|
17
|
+
}.freeze
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
SEMGREP = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.semgrep', # ~/.semgrep
|
10
|
+
'logs1' => {
|
11
|
+
'path' => '<base>/last.log',
|
12
|
+
'description' => 'Logs files containing project path.'
|
13
|
+
},
|
14
|
+
'logs2' => {
|
15
|
+
'path' => '<base>/semgrep.log',
|
16
|
+
'description' => 'Logs files containing project path.'
|
17
|
+
}
|
18
|
+
}
|
19
|
+
}.freeze
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
SPIDERFOOT = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.spiderfoot', # ~/.spiderfoot
|
10
|
+
'database' => {
|
11
|
+
'path' => '<base>/spiderfoot.db',
|
12
|
+
'description' => "Database file.\n" \
|
13
|
+
'It contains target domains in logs and results.'
|
14
|
+
},
|
15
|
+
'logs' => {
|
16
|
+
'path' => '<base>/logs',
|
17
|
+
'description' => "Directory containing debug and errors logs.\n" \
|
18
|
+
'Logs contain IP addresses of targets.'
|
19
|
+
}
|
20
|
+
}
|
21
|
+
}.freeze
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
SQLMAP = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$XDG_DATA_HOME/sqlmap', # ~/.local/share/sqlmap
|
10
|
+
'history' => {
|
11
|
+
'path' => '<base>/history',
|
12
|
+
'description' => "Directory containing history files.\n" \
|
13
|
+
"os.hst stores system commands entered when using --os-pwn option.\n" \
|
14
|
+
'sql.hst stores SQL quries entered when using --os-shell option.'
|
15
|
+
},
|
16
|
+
'logs' => {
|
17
|
+
'path' => '<base>/output',
|
18
|
+
'description' => "Directory containing a folder per target.\n" \
|
19
|
+
"<target>/log contains all successful injection vectors.\n" \
|
20
|
+
"<target>/session.sqlite contains retrieved data.\n" \
|
21
|
+
'<target>/target.txt contains target URL + command used.'
|
22
|
+
}
|
23
|
+
}
|
24
|
+
}.freeze
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
THEHARVESTER = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$XDG_DATA_HOME/theHarvester', # ~/.local/share/theHarvester
|
10
|
+
#
|
11
|
+
'stash' => {
|
12
|
+
'path' => '<base>/stash.sqlite',
|
13
|
+
'description' => 'File (SQLite DB) containing all the harvested addresses.'
|
14
|
+
}
|
15
|
+
}
|
16
|
+
}.freeze
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
WEEVELY = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.weevely', # ~/.weevely
|
10
|
+
'history' => {
|
11
|
+
'path' => '<base>/history',
|
12
|
+
'description' => 'File containing the history of the commands typed on webshells.'
|
13
|
+
},
|
14
|
+
'sessions' => {
|
15
|
+
'path' => '<base>/sessions',
|
16
|
+
'description' => "Directory containing session files.\n" \
|
17
|
+
'Session files contain URL to webshell, webshell password, extension results, etc.'
|
18
|
+
},
|
19
|
+
'logs' => {
|
20
|
+
'path' => '<base>/weevely.log*',
|
21
|
+
'description' => "Files containing the logs.\n" \
|
22
|
+
"A log file contains the response to commands executed on the remote machine.\n" \
|
23
|
+
'As there is a rotation, mutiple log files may exist. The last will be weevely.log ' \
|
24
|
+
'then the older ones will follow the pattern weevely.log.<number> e.g. weevely.log.1 ' \
|
25
|
+
'etc.'
|
26
|
+
}
|
27
|
+
}
|
28
|
+
}.freeze
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aspisec
|
4
|
+
class Config
|
5
|
+
module Configs
|
6
|
+
WHATWAF = {
|
7
|
+
'enabled' => true,
|
8
|
+
'location' => {
|
9
|
+
'base' => '$HOME/.whatwaf', # ~/.whatwaf
|
10
|
+
'database' => {
|
11
|
+
'path' => '<base>/whatwaf.sqlite',
|
12
|
+
'description' => 'File (database) containing cached payloads and URLs.'
|
13
|
+
}
|
14
|
+
}
|
15
|
+
}.freeze
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
data/lib-ruby/aspisec/module.rb
CHANGED
@@ -45,11 +45,22 @@ module Aspisec
|
|
45
45
|
@name = tool_name
|
46
46
|
@logger.debug("Module #{@name} was loaded", app: @name)
|
47
47
|
@conf = conf['tools'][tool_name]
|
48
|
+
check_config
|
48
49
|
@base = Pathname.new(@conf.dig('location', 'base'))
|
49
50
|
@enabled = @conf.fetch('enabled', true)
|
50
51
|
@locations_list = []
|
51
52
|
end
|
52
53
|
|
54
|
+
# Raise an issue if the module configuration is missing
|
55
|
+
def check_config
|
56
|
+
return unless @conf.nil?
|
57
|
+
|
58
|
+
message = "Configuration for module #{@name} is missing." \
|
59
|
+
'You may use an old version of the configuration file.'
|
60
|
+
@logger.error(message, app: @name)
|
61
|
+
raise 'Missing configuration for the current module.'
|
62
|
+
end
|
63
|
+
|
53
64
|
# Is this module enabled?
|
54
65
|
# @return [true|false]
|
55
66
|
def enabled?
|
@@ -98,6 +109,30 @@ module Aspisec
|
|
98
109
|
def enabled?
|
99
110
|
@enabled
|
100
111
|
end
|
112
|
+
|
113
|
+
# Check if the location exist (weither it's a file, directory or a path contaning globbing so
|
114
|
+
# multiple files / directories).
|
115
|
+
# loc.path.exist? will return false when a path contains globbing as it's not expended,
|
116
|
+
# that's the main reason for creating the loc.exist? helper.
|
117
|
+
# @return [true|false]
|
118
|
+
def exist?
|
119
|
+
return true if path.exist?
|
120
|
+
|
121
|
+
# this case is needed to support globbing
|
122
|
+
candidates = Dir[path].map { |path| Pathname.new(path).exist? }
|
123
|
+
# rubocop:disable Lint/DuplicateBranch
|
124
|
+
# false positive in rubocop rule
|
125
|
+
if candidates.empty? # necessary because [].all? always return true whatever the condition is
|
126
|
+
# this is preventing doing a simple one-liner like
|
127
|
+
# self.path.exist? || Dir[self.path].map { |path| Pathname.new(path).exist? }.all? { |bool| bool == true }
|
128
|
+
false
|
129
|
+
elsif candidates.all? { |bool| bool == true }
|
130
|
+
true
|
131
|
+
else
|
132
|
+
false
|
133
|
+
end
|
134
|
+
# rubocop:enable Lint/DuplicateBranch
|
135
|
+
end
|
101
136
|
end
|
102
137
|
end
|
103
138
|
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# Amass module.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @see https://github.com/OWASP/Amass
|
11
|
+
# @example
|
12
|
+
# # Get the global config
|
13
|
+
# conf = Aspisec::Config.new.conf
|
14
|
+
# # Create a Amass module instance
|
15
|
+
# ama = Aspisec::Modules::Amass.new(conf)
|
16
|
+
# # Locations available
|
17
|
+
# ama.locations_list # => ["logs", "database"]
|
18
|
+
class Amass < Aspisec::Module
|
19
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
20
|
+
# @return [Location]
|
21
|
+
attr_reader :logs
|
22
|
+
|
23
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
24
|
+
# @return [Location]
|
25
|
+
attr_reader :database
|
26
|
+
|
27
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
28
|
+
# `tool_name` is hardcoded for each module.
|
29
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
30
|
+
def initialize(conf, logger: nil)
|
31
|
+
super(conf, 'amass', logger:)
|
32
|
+
@logs = Location.new(@conf, 'logs')
|
33
|
+
@database = Location.new(@conf, 'database')
|
34
|
+
@locations_list = %w[logs database]
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# Bloodhound module.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @see https://github.com/BloodHoundAD/BloodHound
|
11
|
+
# @example
|
12
|
+
# # Get the global config
|
13
|
+
# conf = Aspisec::Config.new.conf
|
14
|
+
# # Create a Bloodhound module instance
|
15
|
+
# blh = Aspisec::Modules::Bloodhound.new(conf)
|
16
|
+
# # Locations available
|
17
|
+
# blh.locations_list # => ["database", "transactions"]
|
18
|
+
class Bloodhound < Aspisec::Module
|
19
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
20
|
+
# @return [Location]
|
21
|
+
attr_reader :database
|
22
|
+
|
23
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
24
|
+
# @return [Location]
|
25
|
+
attr_reader :transactions
|
26
|
+
|
27
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
28
|
+
# `tool_name` is hardcoded for each module.
|
29
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
30
|
+
def initialize(conf, logger: nil)
|
31
|
+
super(conf, 'bloodhound', logger:)
|
32
|
+
@database = Location.new(@conf, 'database')
|
33
|
+
@transactions = Location.new(@conf, 'transactions')
|
34
|
+
@locations_list = %w[database transactions]
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# dbgate module.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @see https://github.com/dbgate/dbgate
|
11
|
+
# @example
|
12
|
+
# # Get the global config
|
13
|
+
# conf = Aspisec::Config.new.conf
|
14
|
+
# # Create a Dbgate module instance
|
15
|
+
# dbg = Aspisec::Modules::Dbgate.new(conf)
|
16
|
+
# # Locations available
|
17
|
+
# dbg.locations_list # => ["connections", "logs"]
|
18
|
+
class Dbgate < Aspisec::Module
|
19
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
20
|
+
# @return [Location]
|
21
|
+
attr_reader :connections
|
22
|
+
|
23
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
24
|
+
# @return [Location]
|
25
|
+
attr_reader :logs
|
26
|
+
|
27
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
28
|
+
# `tool_name` is hardcoded for each module.
|
29
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
30
|
+
def initialize(conf, logger: nil)
|
31
|
+
super(conf, 'dbgate', logger:)
|
32
|
+
@connections = Location.new(@conf, 'connections')
|
33
|
+
@logs = Location.new(@conf, 'logs')
|
34
|
+
@locations_list = %w[connections logs]
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# ffuf module.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @see https://github.com/ffuf/ffuf
|
11
|
+
# @example
|
12
|
+
# # Get the global config
|
13
|
+
# conf = Aspisec::Config.new.conf
|
14
|
+
# # Create a Ffuf module instance
|
15
|
+
# ffu = Aspisec::Modules::Ffuf.new(conf)
|
16
|
+
# # Locations available
|
17
|
+
# ffu.locations_list # => ["history"]
|
18
|
+
class Ffuf < Aspisec::Module
|
19
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
20
|
+
# @return [Location]
|
21
|
+
attr_reader :history
|
22
|
+
|
23
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
24
|
+
# `tool_name` is hardcoded for each module.
|
25
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
26
|
+
def initialize(conf, logger: nil)
|
27
|
+
super(conf, 'ffuf', logger:)
|
28
|
+
@history = Location.new(@conf, 'history')
|
29
|
+
@locations_list = %w[history]
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# Module for various history files stored in the user home directory.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @example
|
11
|
+
# # Get the global config
|
12
|
+
# conf = Aspisec::Config.new.conf
|
13
|
+
# # Create a HomeHistoryFiles module instance
|
14
|
+
# hhf = Aspisec::Modules::HomeHistoryFiles.new(conf)
|
15
|
+
# # Locations available
|
16
|
+
# hhf.locations_list # => ["python", "postgresql", "ruby_irb", "ruby_rdbg", "redis_cli", "bash", "zsh", "zsh_alt"]
|
17
|
+
class HomeHistoryFiles < Aspisec::Module
|
18
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
19
|
+
# @return [Location]
|
20
|
+
attr_reader :python
|
21
|
+
|
22
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
23
|
+
# @return [Location]
|
24
|
+
attr_reader :postgresql
|
25
|
+
|
26
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
27
|
+
# @return [Location]
|
28
|
+
attr_reader :ruby_irb
|
29
|
+
|
30
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
31
|
+
# @return [Location]
|
32
|
+
attr_reader :ruby_rdbg
|
33
|
+
|
34
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
35
|
+
# @return [Location]
|
36
|
+
attr_reader :redis_cli
|
37
|
+
|
38
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
39
|
+
# @return [Location]
|
40
|
+
attr_reader :bash
|
41
|
+
|
42
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
43
|
+
# @return [Location]
|
44
|
+
attr_reader :zsh
|
45
|
+
|
46
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
47
|
+
# @return [Location]
|
48
|
+
attr_reader :zsh_alt
|
49
|
+
|
50
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
51
|
+
# `tool_name` is hardcoded for each module.
|
52
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
53
|
+
def initialize(conf, logger: nil)
|
54
|
+
super(conf, 'home-history-files', logger:)
|
55
|
+
@python = Location.new(@conf, 'python')
|
56
|
+
@postgresql = Location.new(@conf, 'postgresql')
|
57
|
+
@ruby_irb = Location.new(@conf, 'ruby-irb')
|
58
|
+
@ruby_rdbg = Location.new(@conf, 'ruby-rdbg')
|
59
|
+
@redis_cli = Location.new(@conf, 'redis-cli')
|
60
|
+
@bash = Location.new(@conf, 'bash')
|
61
|
+
@zsh = Location.new(@conf, 'zsh')
|
62
|
+
@zsh_alt = Location.new(@conf, 'zsh-alt')
|
63
|
+
@locations_list = %w[python postgresql ruby_irb ruby_rdbg redis_cli bash zsh zsh_alt]
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'aspisec/module'
|
4
|
+
|
5
|
+
module Aspisec
|
6
|
+
module Modules
|
7
|
+
# jwt_tool module.
|
8
|
+
# Inherits {Aspisec::Module}.
|
9
|
+
# For more examples of methods, see {Aspisec::Modules::Sqlmap}.
|
10
|
+
# @see https://github.com/ticarpi/jwt_tool
|
11
|
+
# @example
|
12
|
+
# # Get the global config
|
13
|
+
# conf = Aspisec::Config.new.conf
|
14
|
+
# # Create a JwtTool module instance
|
15
|
+
# jwt = Aspisec::Modules::JwtTool.new(conf)
|
16
|
+
# # Locations available
|
17
|
+
# jwt.locations_list # => ["logs"]
|
18
|
+
class JwtTool < Aspisec::Module
|
19
|
+
# see {Aspisec::Config::DEFAULT_CONFIG} or call {Aspisec::Module::Location#description}.
|
20
|
+
# @return [Location]
|
21
|
+
attr_reader :logs
|
22
|
+
|
23
|
+
# Inherits from {Aspisec::Module} but has only the `conf` argument,
|
24
|
+
# `tool_name` is hardcoded for each module.
|
25
|
+
# @param conf [Aspisec::Config] an instance of the global configuration
|
26
|
+
def initialize(conf, logger: nil)
|
27
|
+
super(conf, 'jwt_tool', logger:)
|
28
|
+
@logs = Location.new(@conf, 'logs')
|
29
|
+
@locations_list = %w[logs]
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|