caido 0.0.0.pre.dev → 0.2.0
- checksums.yaml +4 -4
- data/.rubocop.yml +221 -0
- data/README.md +19 -15
- data/Rakefile +3 -3
- data/caido.gemspec +19 -13
- data/caido_introspection_schema.json +31049 -0
- data/lib/caido/helpers/_example.rb +10 -0
- data/lib/caido/helpers/automate.rb +30 -0
- data/lib/caido/helpers/export.rb +38 -0
- data/lib/caido/helpers/hosted_file.rb +19 -0
- data/lib/caido/helpers/replay.rb +89 -0
- data/lib/caido/helpers/request.rb +34 -0
- data/lib/caido/helpers/response.rb +19 -0
- data/lib/caido/helpers/runtime.rb +14 -0
- data/lib/caido/helpers/sitemap.rb +40 -0
- data/lib/caido/helpers/workflow.rb +36 -0
- data/lib/caido/helpers/workspace.rb +32 -0
- data/lib/caido/instance.rb +61 -0
- data/lib/caido/version.rb +1 -1
- data/lib/caido.rb +2 -2
- metadata +55 -9
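--- a/data/lib/caido/helpers/automate.rb
+++ b/data/lib/caido/helpers/automate.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def automate_session(id)
+query("query{
+automateSession(id: \"#{id}\"){
+id
+name
+raw
+createdAt
+}
+}")['automateSession']
+end
+
+def automate_sessions
+query('query{
+automateSessions{
+nodes{
+id
+name
+raw
+createdAt
+}
+}
+}')['automateSessions']
+end
+end
+end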
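Review bot: `automate_session` splices `id` straight into the GraphQL document (`automateSession(id: \"#{id}\")`), so an id containing a double quote or a closing parenthesis changes the structure of the query sent under the caller's bearer token instead of being treated as a value. Pass the id as a GraphQL variable: keep the document constant, e.g. `query($id: ID!){ automateSession(id: $id){ id name raw createdAt } }` (variable type presumably `ID!`, to be confirmed against the schema), and send `variables: { id: }` next to `query` in the POST body, which requires `Instance#query` to accept a variables hash. The same interpolation appears in `export`, `replay_session`, `replay_sessions`, `request`, `response`, `sitemap_entiry` and `workflow` in the other helper files of this diff.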
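--- a/data/lib/caido/helpers/export.rb
+++ b/data/lib/caido/helpers/export.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def exports
+query('query{
+dataExports{
+id
+format
+name
+status
+error
+createdAt
+path
+size
+downloadUri
+}
+}')['dataExports']
+end
+
+def export(id)
+query("query{
+dataExport(id: \"#{id}\"){
+id
+format
+name
+status
+error
+createdAt
+path
+size
+downloadUri
+}
+}")['dataExport']
+end
+end
+end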
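--- a/data/lib/caido/helpers/replay.rb
+++ b/data/lib/caido/helpers/replay.rb
@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def replay_collections
+query('query {
+replaySessionCollections{
+nodes{
+name
+sessions{
+name
+id
+}
+}
+}
+}')['replaySessionCollections']['nodes']
+end
+
+def replay_session(id)
+query("query{
+replaySession(id: \"#{id}\"){
+name
+activeEntry{
+request{
+host
+path
+method
+query
+raw
+isTls
+fileExtension
+source
+port
+
+}
+}
+}
+}")['replaySession']
+end
+
+def replay_sessions
+sessions_data = []
+collections = query('query {
+replaySessionCollections{
+nodes{
+name
+sessions{
+name
+id
+}
+}
+}
+}')['replaySessionCollections']['nodes']
+
+collections.each do |collection|
+next unless collection
+
+sessions = collection['sessions']
+
+sessions.each do |session|
+next unless session
+
+sessions_data << query("query{
+replaySession(id: \"#{session['id']}\"){
+name
+activeEntry{
+request{
+host
+path
+method
+query
+raw
+isTls
+fileExtension
+source
+port
+
+}
+}
+}
+}")['replaySession']
+end
+end
+
+sessions_data
+end
+end
+end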
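Review bot: `replay_sessions` repeats the collection query from `replay_collections` and the per-session query from `replay_session` verbatim, so the three field lists can drift apart; the body could reuse the two helpers, e.g. `replay_collections.compact.flat_map { |c| Array(c['sessions']).compact.map { |s| replay_session(s['id']) } }`. It also indexes `['replaySessionCollections']['nodes']` on whatever `query` returns, and `query` in instance.rb returns `obj['data']` without looking at an `errors` member, so a response without data (a rejected token, for instance) would surface here as a NoMethodError on nil rather than as a readable authentication error.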
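--- a/data/lib/caido/helpers/request.rb
+++ b/data/lib/caido/helpers/request.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def request(id)
+query("query{
+request(id:\"#{id}\"){
+id
+host
+method
+query
+length
+port
+isTls
+fileExtension
+source
+alteration
+edited
+createdAt
+raw
+response{
+id
+statusCode
+length
+roundtripTime
+edited
+raw
+}
+}
+}")['request']
+end
+end
+end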
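--- a/data/lib/caido/helpers/response.rb
+++ b/data/lib/caido/helpers/response.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def response(id)
+query("query{
+response(id:\"#{id}\"){
+id
+statusCode
+length
+roundtripTime
+edited
+raw
+}
+}")['response']
+end
+end
+end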
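--- a/data/lib/caido/helpers/sitemap.rb
+++ b/data/lib/caido/helpers/sitemap.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def sitemap_entiry(id)
+query("query{
+sitemapEntry(id: \"#{id}\"){
+id
+label
+kind
+parentId
+request{
+id
+host
+method
+query
+length
+port
+isTls
+fileExtension
+source
+alteration
+edited
+createdAt
+raw
+response{
+id
+statusCode
+length
+roundtripTime
+edited
+raw
+}
+}
+}
+}")['sitemapEntry']
+end
+end
+end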
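Review bot: The public method is spelled `sitemap_entiry` while the field it wraps is `sitemapEntry`; once this version is published the misspelling becomes part of the gem's API. Define it as `def sitemap_entry(id)` and, if the misspelled name has already been released, keep `alias sitemap_entiry sitemap_entry` so existing callers do not break.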
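--- a/data/lib/caido/helpers/workflow.rb
+++ b/data/lib/caido/helpers/workflow.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def workflows
+query('query{
+workflows{
+id
+name
+kind
+enabled
+global
+definition
+createdAt
+updatedAt
+}
+}')['workflows']
+end
+
+def workflow(id)
+query("query{
+workflow(id: \"#{id}\"){
+id
+name
+kind
+enabled
+global
+definition
+createdAt
+updatedAt
+}
+}")['workflow']
+end
+end
+end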
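--- a/data/lib/caido/helpers/workspace.rb
+++ b/data/lib/caido/helpers/workspace.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Caido
+# Instance class
+class Instance
+def projects
+query('query {
+projects{
+id
+name
+version
+updatedAt
+}
+}')['projects']
+end
+
+def backups
+query('query{
+backups{
+id
+name
+status
+updatedAt
+createdAt
+path
+size
+downloadUri
+}
+}')['backups']
+end
+end
+end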
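--- a/data/lib/caido/instance.rb
+++ b/data/lib/caido/instance.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+require 'httparty'
+require 'json'
+
+# Assuming this code is at the top level of instance.rb and helplers directory is at the same level
+Dir[File.expand_path('helpers/*.rb', __dir__)].each { |file| require file }
+
+module Caido
+# Instance class
+class Instance
+attr_reader :graphql_url, :authorization
+
+def initialize(*args)
+set_defaults
+process_arguments(args)
+auth_from_env
+end
+
+private
+
+def set_defaults
+@graphql_url = 'http://localhost:8080/graphql'
+@authorization = nil
+end
+
+def process_arguments(args)
+case args.size
+when 1
+@graphql_url = args[0]
+when 2
+@graphql_url, authorization = args
+@authorization = format_authorization(authorization)
+when args.size > 2
+raise ArgumentError, 'Too many arguments provided'
+end
+end
+
+def format_authorization(auth)
+auth.include?('Bearer ') ? auth : "Bearer #{auth}"
+end
+
+def auth_from_env
+@auth_from_env ||= ENV.fetch('CAIDO_AUTH_TOKEN', 'Bearer ')
+end
+
+def query(query)
+res = HTTParty.post(
+graphql_url,
+body: { query: }.to_json,
+headers: {
+'Content-Type' => 'application/json',
+'Authorization' => authorization
+}
+)
+
+obj = JSON.parse(res.body)
+obj['data']
+end
+end
+end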
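Review bot: The token read in `auth_from_env` is stored in `@auth_from_env` and never copied to `@authorization`, so an instance built with zero or one argument passes `nil` as the Authorization header value even when `CAIDO_AUTH_TOKEN` is set, and the `'Bearer '` fallback is an empty credential rather than the absence of one. In `process_arguments`, `when args.size > 2` sits inside `case args.size`, so it compares a boolean against an integer and the ArgumentError can never be raised. `format_authorization` uses `include?`, which accepts `Bearer ` anywhere in the string, where `start_with?` matches the header format. A sketch of the affected methods follows; `query` would also want to leave the header out when no token is configured and to check the response for an `errors` member before returning `obj['data']`.

```ruby
def initialize(*args)
  set_defaults
  process_arguments(args)
  @authorization ||= auth_from_env
end

# … unchanged: private, set_defaults …

def process_arguments(args)
  raise ArgumentError, 'Too many arguments provided' if args.size > 2

  url, token = args
  @graphql_url = url if url
  @authorization = format_authorization(token) if token
end

def format_authorization(auth)
  auth.start_with?('Bearer ') ? auth : "Bearer #{auth}"
end

def auth_from_env
  token = ENV.fetch('CAIDO_AUTH_TOKEN', nil)
  format_authorization(token) if token && !token.empty?
end

# … unchanged: query …
```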
data/lib/caido/version.rb
CHANGED
data/lib/caido.rb
CHANGED
metadata
CHANGED
@@ -1,34 +1,80 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: caido
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- HAHWUL
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-06-
|
12
|
-
dependencies:
|
13
|
-
|
11
|
+
date: 2024-06-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: graphql
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 2.3.0
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 2.3.0
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: httparty
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 0.22.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 0.22.0
|
41
|
+
description: |-
|
42
|
+
The caido-ruby library simplifies using Caido's API in Ruby applications.
|
43
|
+
Caido is lightweight web security auditing toolkit.
|
14
44
|
email:
|
15
45
|
- hahwul@gmail.com
|
16
46
|
executables: []
|
17
47
|
extensions: []
|
18
48
|
extra_rdoc_files: []
|
19
49
|
files:
|
50
|
+
- ".rubocop.yml"
|
20
51
|
- LICENSE
|
21
52
|
- README.md
|
22
53
|
- Rakefile
|
23
54
|
- caido.gemspec
|
55
|
+
- caido_introspection_schema.json
|
24
56
|
- lib/caido.rb
|
57
|
+
- lib/caido/helpers/_example.rb
|
58
|
+
- lib/caido/helpers/automate.rb
|
59
|
+
- lib/caido/helpers/export.rb
|
60
|
+
- lib/caido/helpers/hosted_file.rb
|
61
|
+
- lib/caido/helpers/replay.rb
|
62
|
+
- lib/caido/helpers/request.rb
|
63
|
+
- lib/caido/helpers/response.rb
|
64
|
+
- lib/caido/helpers/runtime.rb
|
65
|
+
- lib/caido/helpers/sitemap.rb
|
66
|
+
- lib/caido/helpers/workflow.rb
|
67
|
+
- lib/caido/helpers/workspace.rb
|
68
|
+
- lib/caido/instance.rb
|
25
69
|
- lib/caido/version.rb
|
26
70
|
- sig/caido.rbs
|
27
|
-
homepage: https://
|
28
|
-
licenses:
|
71
|
+
homepage: https://rubygems.org/gems/caido
|
72
|
+
licenses:
|
73
|
+
- MIT
|
29
74
|
metadata:
|
30
|
-
homepage_uri: https://
|
75
|
+
homepage_uri: https://rubygems.org/gems/caido
|
31
76
|
source_code_uri: https://github.com/caineers/caido-ruby
|
77
|
+
rubygems_mfa_required: 'true'
|
32
78
|
post_install_message:
|
33
79
|
rdoc_options: []
|
34
80
|
require_paths:
|
@@ -37,7 +83,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
37
83
|
requirements:
|
38
84
|
- - ">="
|
39
85
|
- !ruby/object:Gem::Version
|
40
|
-
version:
|
86
|
+
version: 3.1.0
|
41
87
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
42
88
|
requirements:
|
43
89
|
- - ">="
|
@@ -47,5 +93,5 @@ requirements: []
|
|
47
93
|
rubygems_version: 3.5.3
|
48
94
|
signing_key:
|
49
95
|
specification_version: 4
|
50
|
-
summary:
|
96
|
+
summary: The caido-ruby library simplifies using Caido's API in Ruby applications.
|
51
97
|
test_files: []
|