dawnscanner 1.4.2 → 1.5.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.ruby-version +1 -1
- data/Changelog.md +85 -9
- data/KnowledgeBase.md +206 -5
- data/README.md +25 -25
- data/Rakefile +19 -5
- data/Roadmap.md +104 -46
- data/VERSION +10 -10
- data/bin/dawn +96 -15
- data/checksum/dawnscanner-1.4.2.gem.sha1 +1 -0
- data/dawnscanner.gemspec +21 -4
- data/doc/dawn_1_5_announcement.md +66 -0
- data/doc/{codesake-dawn.yaml.sample → dawnscanner.yaml.sample} +0 -0
- data/doc/new_knowledge_base_v1.0.md +78 -0
- data/lib/dawn/core.rb +22 -28
- data/lib/dawn/engine.rb +111 -54
- data/lib/dawn/kb/basic_check.rb +3 -0
- data/lib/dawn/kb/cve_2014_3483.rb +1 -0
- data/lib/dawn/kb/cve_2015_1819.rb +34 -0
- data/lib/dawn/kb/cve_2015_4020.rb +34 -0
- data/lib/dawn/kb/gem_check.rb +43 -0
- data/lib/dawn/kb/osvdb_115654.rb +33 -0
- data/lib/dawn/kb/osvdb_116010.rb +30 -0
- data/lib/dawn/kb/osvdb_117903.rb +30 -0
- data/lib/dawn/kb/osvdb_118954.rb +5 -3
- data/lib/dawn/kb/osvdb_119878.rb +3 -3
- data/lib/dawn/kb/osvdb_120415.rb +31 -0
- data/lib/dawn/kb/osvdb_120857.rb +34 -0
- data/lib/dawn/kb/osvdb_121701.rb +30 -0
- data/lib/dawn/kb/owasp_ror_cheatsheet.rb +23 -31
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +16 -20
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +31 -31
- data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +22 -22
- data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +23 -23
- data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +25 -25
- data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +21 -21
- data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +24 -24
- data/lib/dawn/kb/version_check.rb +4 -0
- data/lib/dawn/knowledge_base.rb +36 -4
- data/lib/dawn/registry.rb +43 -0
- data/lib/dawn/reporter.rb +88 -47
- data/lib/dawn/utils.rb +3 -4
- data/lib/dawn/version.rb +4 -4
- data/lib/dawnscanner.rb +4 -1
- data/spec/lib/dawn/codesake_knowledgebase_spec.rb +40 -0
- data/spec/lib/kb/cve_2014_3483_spec.rb +5 -1
- data/spec/lib/kb/cve_2015_1819_spec.rb +16 -0
- data/spec/lib/kb/cve_2015_4020_spec.rb +24 -0
- data/spec/lib/kb/osvdb_115654_spec.rb +15 -0
- data/spec/lib/kb/osvdb_116010_spec.rb +15 -0
- data/spec/lib/kb/osvdb_117903_spec.rb +23 -0
- data/spec/lib/kb/osvdb_118954_spec.rb +13 -1
- data/spec/lib/kb/osvdb_119878_spec.rb +8 -9
- data/spec/lib/kb/osvdb_120415_spec.rb +16 -0
- data/spec/lib/kb/osvdb_120857_spec.rb +32 -0
- data/spec/lib/kb/osvdb_121701_spec.rb +15 -0
- metadata +153 -12
- metadata.gz.sig +0 -0
- data/BUGS.md +0 -14
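--- a/data/spec/lib/kb/osvdb_115654_spec.rb
+++ b/data/spec/lib/kb/osvdb_115654_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_115654 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_115654.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.1"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.2"}]
+@check.vuln?.should == false
+end
+end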
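Review bot: The check object is built once in `before(:all)` (new lines 3-6) and every example then reassigns `@check.dependencies` on that shared instance, so the two examples are not independent: if `vuln?` keeps any result or evidence from an earlier call (not visible in this hunk), the outcome depends on example order. Building the check per example, `before(:each) do` in place of `before(:all) do`, keeps the vulnerable and the fixed case isolated from each other. The same setup appears in the new osvdb_116010, osvdb_117903, osvdb_120415, osvdb_120857 and osvdb_121701 specs.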
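--- a/data/spec/lib/kb/osvdb_116010_spec.rb
+++ b/data/spec/lib/kb/osvdb_116010_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_116010 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_116010.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.1"}]
+@check.vuln?.should == false
+end
+end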
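--- a/data/spec/lib/kb/osvdb_117903_spec.rb
+++ b/data/spec/lib/kb/osvdb_117903_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+describe "The OSVDB_117903 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_117903.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.2"}]
+@check.vuln?.should == true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.1"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.3"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.2"}]
+@check.vuln?.should == false
+end
+end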
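Review bot: The four examples use only two descriptions, so new lines 7 and 11 are both titled "is reported when the vulnerable gem is detected" and new lines 15 and 19 both "is not reported when a fixed release is detected"; a failure report will not say whether the 0.7.x or the 0.8.x branch of ruby-saml regressed. Put the version under test in the title, for example `it "is reported for ruby-saml 0.7.2" do` and `it "is not reported for ruby-saml 0.8.2" do`. The osvdb_118954 and osvdb_120857 specs repeat descriptions in the same way.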
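--- a/data/spec/lib/kb/osvdb_118954_spec.rb
+++ b/data/spec/lib/kb/osvdb_118954_spec.rb
@@ -4,5 +4,17 @@ describe "The OSVDB_118954 vulnerability" do
 @check = Dawn::Kb::OSVDB_118954.new
 # @check.debug = true
 end
-
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.2.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.2.1.rc3"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.0.3"}]
+@check.vuln?.should == false
+end
+
 end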
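Review bot: The only case on the patched 4.2 line is the pre-release `4.2.1.rc3` (new lines 11-13); nothing pins what the check answers for the final `4.2.1`, and pre-release strings are where version comparison in a scanner most easily goes wrong, which then shows up as a missed or spurious finding. Add a sibling example with `@check.dependencies = [{:name=>"rails", :version=>"4.2.1"}]` expecting `false`, once the advisory confirms that release carries the fix. The example at new lines 15-17 calls `4.0.3` "a fixed release" although it is lower than the vulnerable `4.2.0`; what it asserts is that an older branch is unaffected, and the title should say so, e.g. `it "is not reported for the unaffected 4.0.x branch" do`. The osvdb_119878 spec likewise has `2.0.0.rc1` as its only safe fixture. The enclosing `describe` and `before` block start outside the hunk.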
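--- a/data/spec/lib/kb/osvdb_119878_spec.rb
+++ b/data/spec/lib/kb/osvdb_119878_spec.rb
@@ -4,14 +4,13 @@ describe "The OSVDB_119878 vulnerability" do
 @check = Dawn::Kb::OSVDB_119878.new
 # @check.debug = true
 end
-it "is
-
-
-
-
-
-
-
-# end
+it "is reported when a vulnerable version it has been found (1.8.0)" do
+@check.dependencies = [{:name=>"rest-client", :version=>"1.8.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a safe version it has been found (2.0.0.rc1)" do
+@check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc1"}]
+@check.vuln?.should == false
+end
 
 end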
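Review bot: The two new example titles (new lines 7 and 11) read "when a vulnerable version it has been found" and "when a safe version it has been found"; the stray "it" makes the spec output harder to read when a check fails. Suggested titles: `it "is reported when a vulnerable version is found (1.8.0)" do` and `it "is not reported when a safe version is found (2.0.0.rc1)" do`. The enclosing `describe` starts outside the hunk.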
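--- a/data/spec/lib/kb/osvdb_120415_spec.rb
+++ b/data/spec/lib/kb/osvdb_120415_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+describe "The OSVDB_120415 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_120415.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"redcarpet", :version=>"3.2.2"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"redcarpet", :version=>"3.2.3"}]
+@check.vuln?.should == false
+end
+
+end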
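--- a/data/spec/lib/kb/osvdb_120857_spec.rb
+++ b/data/spec/lib/kb/osvdb_120857_spec.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+describe "The OSVDB_120857 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_120857.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.5.2"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.5.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.4.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.3.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.2.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.1.4"}]
+@check.vuln?.should == false
+end
+
+end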
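Review bot: The examples pin 0.5.2 as vulnerable and 0.5.4 as fixed (new lines 7-14) but say nothing about 0.5.3, and the 0.4, 0.3, 0.2 and 0.1 branches are each tested only on the safe side (`0.4.4`, `0.3.4`, `0.2.4`, `0.1.4`), so a check that never flags those branches at all would still pass. Add one vulnerable-side example per branch and a case for `0.5.3`, with the expected results taken from the advisory; the hunk does not show on which side those versions fall. Such an example would look like `it "is reported for refile 0.4.3" do`, where 0.4.3 is a constructed version to be confirmed before use.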
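--- a/data/spec/lib/kb/osvdb_121701_spec.rb
+++ b/data/spec/lib/kb/osvdb_121701_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_121701 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_121701.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"open-uri-cached", :version=>"0.0.4"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"open-uri-cached", :version=>"0.0.5"}]
+@check.vuln?.should == false
+end
+end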
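--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dawnscanner
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.5.0
 platform: ruby
 authors:
 - Paolo Perego
@@ -30,7 +30,7 @@ cert_chain:
 1zH2rpK27DW5pOeHUEJn31+gGd111ogP5tYruPV7Qgfy2jUrUPmP67v7nRNlgd84
 Z5mHj9jGk4wgMQy2pk4GDwsXiirZfI0z2WZfySqEldE=
 -----END CERTIFICATE-----
-date: 2015-
+date: 2015-12-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: cvss
@@ -61,7 +61,63 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: ruby_parser
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: sys-uname
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: terminal-table
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: justify
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: logger-colors
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -89,7 +145,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: sqlite3
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -103,7 +159,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: dm-sqlite-adapter
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -117,7 +173,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: data_mapper
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -131,7 +187,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: code_metrics
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -145,7 +201,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: metric_fu-Saikuro
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -159,7 +215,63 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: flay
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: churn
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: flog
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: reek
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: cane
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -272,7 +384,6 @@ files:
 - ".ruby-gemset"
 - ".ruby-version"
 - ".travis.yml"
-- BUGS.md
 - Changelog.md
 - Gemfile
 - KnowledgeBase.md
@@ -297,11 +408,14 @@ files:
 - checksum/dawnscanner-1.3.5.gem.sha1
 - checksum/dawnscanner-1.4.0.gem.sha1
 - checksum/dawnscanner-1.4.1.gem.sha1
+- checksum/dawnscanner-1.4.2.gem.sha1
 - dawnscanner.gemspec
-- doc/codesake-dawn.yaml.sample
 - doc/dawn_1_0_announcement.md
 - doc/dawn_1_1_announcement.md
 - doc/dawn_1_2_announcement.md
+- doc/dawn_1_5_announcement.md
+- doc/dawnscanner.yaml.sample
+- doc/new_knowledge_base_v1.0.md
 - features/dawn_complains_about_an_incorrect_command_line.feature.disabled
 - features/dawn_scan_a_secure_sinatra_app.feature.disabled
 - features/dawn_scan_a_vulnerable_sinatra_app.feature.disabled
@@ -486,6 +600,7 @@ files:
 - lib/dawn/kb/cve_2014_7829.rb
 - lib/dawn/kb/cve_2014_8090.rb
 - lib/dawn/kb/cve_2014_9490.rb
+- lib/dawn/kb/cve_2015_1819.rb
 - lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb
 - lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb
 - lib/dawn/kb/cve_2015_2963.rb
@@ -494,8 +609,10 @@ files:
 - lib/dawn/kb/cve_2015_3226.rb
 - lib/dawn/kb/cve_2015_3227.rb
 - lib/dawn/kb/cve_2015_3448.rb
+- lib/dawn/kb/cve_2015_4020.rb
 - lib/dawn/kb/dependency_check.rb
 - lib/dawn/kb/deprecation_check.rb
+- lib/dawn/kb/gem_check.rb
 - lib/dawn/kb/not_revised_code.rb
 - lib/dawn/kb/operating_system_check.rb
 - lib/dawn/kb/osvdb_105971.rb
@@ -503,11 +620,17 @@ files:
 - lib/dawn/kb/osvdb_108563.rb
 - lib/dawn/kb/osvdb_108569.rb
 - lib/dawn/kb/osvdb_108570.rb
+- lib/dawn/kb/osvdb_115654.rb
+- lib/dawn/kb/osvdb_116010.rb
+- lib/dawn/kb/osvdb_117903.rb
 - lib/dawn/kb/osvdb_118579.rb
 - lib/dawn/kb/osvdb_118830.rb
 - lib/dawn/kb/osvdb_118954.rb
 - lib/dawn/kb/osvdb_119878.rb
 - lib/dawn/kb/osvdb_119927.rb
+- lib/dawn/kb/osvdb_120415.rb
+- lib/dawn/kb/osvdb_120857.rb
+- lib/dawn/kb/osvdb_121701.rb
 - lib/dawn/kb/owasp_ror_cheatsheet.rb
 - lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb
 - lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb
@@ -526,6 +649,7 @@ files:
 - lib/dawn/padrino.rb
 - lib/dawn/rails.rb
 - lib/dawn/railtie.rb
+- lib/dawn/registry.rb
 - lib/dawn/reporter.rb
 - lib/dawn/sinatra.rb
 - lib/dawn/tasks.rb
@@ -595,6 +719,7 @@ files:
 - spec/lib/kb/cve_2014_7819_spec.rb
 - spec/lib/kb/cve_2014_7829_spec.rb
 - spec/lib/kb/cve_2014_9490_spec.rb
+- spec/lib/kb/cve_2015_1819_spec.rb
 - spec/lib/kb/cve_2015_1840_spec.rb
 - spec/lib/kb/cve_2015_2963_spec.rb
 - spec/lib/kb/cve_2015_3224_spec.rb
@@ -602,23 +727,31 @@ files:
 - spec/lib/kb/cve_2015_3226_spec.rb
 - spec/lib/kb/cve_2015_3227_spec.rb
 - spec/lib/kb/cve_2015_3448_spec.rb
+- spec/lib/kb/cve_2015_4020_spec.rb
 - spec/lib/kb/osvdb_105971_spec.rb
 - spec/lib/kb/osvdb_108530_spec.rb
 - spec/lib/kb/osvdb_108563_spec.rb
 - spec/lib/kb/osvdb_108569_spec.rb
 - spec/lib/kb/osvdb_108570_spec.rb
+- spec/lib/kb/osvdb_115654_spec.rb
+- spec/lib/kb/osvdb_116010_spec.rb
+- spec/lib/kb/osvdb_117903_spec.rb
 - spec/lib/kb/osvdb_118579_spec.rb
 - spec/lib/kb/osvdb_118830_spec.rb
 - spec/lib/kb/osvdb_118954_spec.rb
 - spec/lib/kb/osvdb_119878_spec.rb
 - spec/lib/kb/osvdb_119927_spec.rb
+- spec/lib/kb/osvdb_120415_spec.rb
+- spec/lib/kb/osvdb_120857_spec.rb
+- spec/lib/kb/osvdb_121701_spec.rb
 - spec/lib/kb/owasp_ror_cheatsheet_disabled.rb
 - spec/spec_helper.rb
 - support/bootstrap.js
 - support/bootstrap.min.css
 - support/codesake.css
 homepage: http://dawnscanner.org
-licenses:
+licenses:
+- MIT
 metadata: {}
 post_install_message:
 rdoc_options: []
@@ -710,6 +843,7 @@ test_files:
 - spec/lib/kb/cve_2014_7819_spec.rb
 - spec/lib/kb/cve_2014_7829_spec.rb
 - spec/lib/kb/cve_2014_9490_spec.rb
+- spec/lib/kb/cve_2015_1819_spec.rb
 - spec/lib/kb/cve_2015_1840_spec.rb
 - spec/lib/kb/cve_2015_2963_spec.rb
 - spec/lib/kb/cve_2015_3224_spec.rb
@@ -717,15 +851,22 @@ test_files:
 - spec/lib/kb/cve_2015_3226_spec.rb
 - spec/lib/kb/cve_2015_3227_spec.rb
 - spec/lib/kb/cve_2015_3448_spec.rb
+- spec/lib/kb/cve_2015_4020_spec.rb
 - spec/lib/kb/osvdb_105971_spec.rb
 - spec/lib/kb/osvdb_108530_spec.rb
 - spec/lib/kb/osvdb_108563_spec.rb
 - spec/lib/kb/osvdb_108569_spec.rb
 - spec/lib/kb/osvdb_108570_spec.rb
+- spec/lib/kb/osvdb_115654_spec.rb
+- spec/lib/kb/osvdb_116010_spec.rb
+- spec/lib/kb/osvdb_117903_spec.rb
 - spec/lib/kb/osvdb_118579_spec.rb
 - spec/lib/kb/osvdb_118830_spec.rb
 - spec/lib/kb/osvdb_118954_spec.rb
 - spec/lib/kb/osvdb_119878_spec.rb
 - spec/lib/kb/osvdb_119927_spec.rb
+- spec/lib/kb/osvdb_120415_spec.rb
+- spec/lib/kb/osvdb_120857_spec.rb
+- spec/lib/kb/osvdb_121701_spec.rb
 - spec/lib/kb/owasp_ror_cheatsheet_disabled.rb
 - spec/spec_helper.rb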
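Review bot: Every dependency whose full entry is added in the hunks at `@@ -61,7 +61,63 @@` and `@@ -159,7 +215,63 @@` (ruby_parser, sys-uname, terminal-table, justify, flay, churn, flog, reek) is declared `type: :runtime` with the requirement `>= 0`, so installing the scanner resolves whatever version of each gem is current at install time. For a security tool that is run against source trees, that widens the supply-chain surface with no upper bound on what gets pulled in. Constrain them in dawnscanner.gemspec (not shown on this page) with a pessimistic requirement such as `add_dependency "ruby_parser", "~> X.Y"`, where X.Y is a placeholder for the release the scanner was tested with. flay, churn, flog and reek are code-metrics gems; if the scanner does not load them while scanning, `add_development_dependency` keeps them out of user installs. This file is generated from the gemspec, so the change belongs there.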