dawnscanner 1.4.2 → 1.5.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.ruby-version +1 -1
- data/Changelog.md +85 -9
- data/KnowledgeBase.md +206 -5
- data/README.md +25 -25
- data/Rakefile +19 -5
- data/Roadmap.md +104 -46
- data/VERSION +10 -10
- data/bin/dawn +96 -15
- data/checksum/dawnscanner-1.4.2.gem.sha1 +1 -0
- data/dawnscanner.gemspec +21 -4
- data/doc/dawn_1_5_announcement.md +66 -0
- data/doc/{codesake-dawn.yaml.sample → dawnscanner.yaml.sample} +0 -0
- data/doc/new_knowledge_base_v1.0.md +78 -0
- data/lib/dawn/core.rb +22 -28
- data/lib/dawn/engine.rb +111 -54
- data/lib/dawn/kb/basic_check.rb +3 -0
- data/lib/dawn/kb/cve_2014_3483.rb +1 -0
- data/lib/dawn/kb/cve_2015_1819.rb +34 -0
- data/lib/dawn/kb/cve_2015_4020.rb +34 -0
- data/lib/dawn/kb/gem_check.rb +43 -0
- data/lib/dawn/kb/osvdb_115654.rb +33 -0
- data/lib/dawn/kb/osvdb_116010.rb +30 -0
- data/lib/dawn/kb/osvdb_117903.rb +30 -0
- data/lib/dawn/kb/osvdb_118954.rb +5 -3
- data/lib/dawn/kb/osvdb_119878.rb +3 -3
- data/lib/dawn/kb/osvdb_120415.rb +31 -0
- data/lib/dawn/kb/osvdb_120857.rb +34 -0
- data/lib/dawn/kb/osvdb_121701.rb +30 -0
- data/lib/dawn/kb/owasp_ror_cheatsheet.rb +23 -31
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +16 -20
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +31 -31
- data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +22 -22
- data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +23 -23
- data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +25 -25
- data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +21 -21
- data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +24 -24
- data/lib/dawn/kb/version_check.rb +4 -0
- data/lib/dawn/knowledge_base.rb +36 -4
- data/lib/dawn/registry.rb +43 -0
- data/lib/dawn/reporter.rb +88 -47
- data/lib/dawn/utils.rb +3 -4
- data/lib/dawn/version.rb +4 -4
- data/lib/dawnscanner.rb +4 -1
- data/spec/lib/dawn/codesake_knowledgebase_spec.rb +40 -0
- data/spec/lib/kb/cve_2014_3483_spec.rb +5 -1
- data/spec/lib/kb/cve_2015_1819_spec.rb +16 -0
- data/spec/lib/kb/cve_2015_4020_spec.rb +24 -0
- data/spec/lib/kb/osvdb_115654_spec.rb +15 -0
- data/spec/lib/kb/osvdb_116010_spec.rb +15 -0
- data/spec/lib/kb/osvdb_117903_spec.rb +23 -0
- data/spec/lib/kb/osvdb_118954_spec.rb +13 -1
- data/spec/lib/kb/osvdb_119878_spec.rb +8 -9
- data/spec/lib/kb/osvdb_120415_spec.rb +16 -0
- data/spec/lib/kb/osvdb_120857_spec.rb +32 -0
- data/spec/lib/kb/osvdb_121701_spec.rb +15 -0
- metadata +153 -12
- metadata.gz.sig +0 -0
- data/BUGS.md +0 -14
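--- a/data/spec/lib/kb/osvdb_115654_spec.rb
+++ b/data/spec/lib/kb/osvdb_115654_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_115654 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_115654.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.1"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.2"}]
+@check.vuln?.should == false
+end
+end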
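Review bot: `before(:all)` builds a single `Dawn::Kb::OSVDB_115654` instance that both examples then mutate through `@check.dependencies =`, so the "not reported" example runs against an object that has already produced a positive result. If `vuln?` keeps any state on the check object (not visible from this file), the second assertion depends on example order. Building the check per example with `before(:each) do` removes that coupling. The new specs for OSVDB_116010, OSVDB_117903, OSVDB_120415, OSVDB_120857 and OSVDB_121701 use the same setup.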
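--- a/data/spec/lib/kb/osvdb_116010_spec.rb
+++ b/data/spec/lib/kb/osvdb_116010_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_116010 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_116010.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.1"}]
+@check.vuln?.should == false
+end
+end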
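--- a/data/spec/lib/kb/osvdb_117903_spec.rb
+++ b/data/spec/lib/kb/osvdb_117903_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+describe "The OSVDB_117903 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_117903.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.2"}]
+@check.vuln?.should == true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.1"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.3"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.2"}]
+@check.vuln?.should == false
+end
+end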
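Review bot: The four examples use only two description strings, so a failure report cannot say which ruby-saml version was misclassified. Putting the version in each description, as the OSVDB_119878 spec in this release does, keeps them distinct, for example `it "is reported when a vulnerable version is found (0.8.1)" do`. The OSVDB_118954 and OSVDB_120857 specs repeat their descriptions in the same way.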
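--- a/data/spec/lib/kb/osvdb_118954_spec.rb
+++ b/data/spec/lib/kb/osvdb_118954_spec.rb
@@ -4,5 +4,17 @@ describe "The OSVDB_118954 vulnerability" do
 @check = Dawn::Kb::OSVDB_118954.new
 # @check.debug = true
 end
-
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.2.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.2.1.rc3"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"rails", :version=>"4.0.3"}]
+@check.vuln?.should == false
+end
+
 end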
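Review bot: The last example is described as "a fixed release" but feeds rails 4.0.3, which is lower than the 4.2.0 that the first example flags, so it appears to assert that an older release line is unaffected rather than that a fix is recognised. A description such as `it "is not reported for a release line that is not affected (4.0.3)" do` would state what the example actually pins. The describe block and its setup open above this hunk and are not visible here.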
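--- a/data/spec/lib/kb/osvdb_119878_spec.rb
+++ b/data/spec/lib/kb/osvdb_119878_spec.rb
@@ -4,14 +4,13 @@ describe "The OSVDB_119878 vulnerability" do
 @check = Dawn::Kb::OSVDB_119878.new
 # @check.debug = true
 end
-it "is
-
-
-
-
-
-
-
-# end
+it "is reported when a vulnerable version it has been found (1.8.0)" do
+@check.dependencies = [{:name=>"rest-client", :version=>"1.8.0"}]
+@check.vuln?.should == true
+end
+it "is not reported when a safe version it has been found (2.0.0.rc1)" do
+@check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc1"}]
+@check.vuln?.should == false
+end
 
 end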
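Review bot: The only safe sample is the pre-release string `2.0.0.rc1`, so the negative case rests entirely on how the version comparison orders an `.rc` suffix. Assuming the final release is also outside the affected range, a second example with `@check.dependencies = [{:name=>"rest-client", :version=>"2.0.0"}]` and `@check.vuln?.should == false` would pin the boundary without depending on pre-release handling. The rails `4.2.1.rc3` example in the OSVDB_118954 spec has the same shape. The describe block opens above this hunk.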
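--- a/data/spec/lib/kb/osvdb_120415_spec.rb
+++ b/data/spec/lib/kb/osvdb_120415_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+describe "The OSVDB_120415 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_120415.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"redcarpet", :version=>"3.2.2"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"redcarpet", :version=>"3.2.3"}]
+@check.vuln?.should == false
+end
+
+end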
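--- a/data/spec/lib/kb/osvdb_120857_spec.rb
+++ b/data/spec/lib/kb/osvdb_120857_spec.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+describe "The OSVDB_120857 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_120857.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.5.2"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.5.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.4.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.3.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.2.4"}]
+@check.vuln?.should == false
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"refile", :version=>"0.1.4"}]
+@check.vuln?.should == false
+end
+
+end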
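Review bot: The examples flag refile 0.5.2 and clear 0.5.4, which leaves 0.5.3 on neither side, so the spec does not pin where the affected range ends. An example for 0.5.3 with whichever result the advisory gives would close that gap; which result is correct cannot be read from this file. The 0.4.4, 0.3.4, 0.2.4 and 0.1.4 examples are each the only sample on their release line, so no vulnerable version is exercised on those lines either.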
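--- a/data/spec/lib/kb/osvdb_121701_spec.rb
+++ b/data/spec/lib/kb/osvdb_121701_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+describe "The OSVDB_121701 vulnerability" do
+before(:all) do
+@check = Dawn::Kb::OSVDB_121701.new
+# @check.debug = true
+end
+it "is reported when the vulnerable gem is detected" do
+@check.dependencies = [{:name=>"open-uri-cached", :version=>"0.0.4"}]
+@check.vuln?.should == true
+end
+it "is not reported when a fixed release is detected" do
+@check.dependencies = [{:name=>"open-uri-cached", :version=>"0.0.5"}]
+@check.vuln?.should == false
+end
+end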
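--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dawnscanner
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.5.0
 platform: ruby
 authors:
 - Paolo Perego
@@ -30,7 +30,7 @@ cert_chain:
 1zH2rpK27DW5pOeHUEJn31+gGd111ogP5tYruPV7Qgfy2jUrUPmP67v7nRNlgd84
 Z5mHj9jGk4wgMQy2pk4GDwsXiirZfI0z2WZfySqEldE=
 -----END CERTIFICATE-----
-date: 2015-
+date: 2015-12-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: cvss
@@ -61,7 +61,63 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: ruby_parser
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: sys-uname
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: terminal-table
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: justify
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: logger-colors
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -89,7 +145,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: sqlite3
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -103,7 +159,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: dm-sqlite-adapter
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -117,7 +173,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: data_mapper
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -131,7 +187,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: code_metrics
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -145,7 +201,7 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: metric_fu-Saikuro
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -159,7 +215,63 @@ dependencies:
 - !ruby/object:Gem::Version
 version: '0'
 - !ruby/object:Gem::Dependency
-name:
+name: flay
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: churn
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: flog
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: reek
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: cane
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -272,7 +384,6 @@ files:
 - ".ruby-gemset"
 - ".ruby-version"
 - ".travis.yml"
-- BUGS.md
 - Changelog.md
 - Gemfile
 - KnowledgeBase.md
@@ -297,11 +408,14 @@ files:
 - checksum/dawnscanner-1.3.5.gem.sha1
 - checksum/dawnscanner-1.4.0.gem.sha1
 - checksum/dawnscanner-1.4.1.gem.sha1
+- checksum/dawnscanner-1.4.2.gem.sha1
 - dawnscanner.gemspec
-- doc/codesake-dawn.yaml.sample
 - doc/dawn_1_0_announcement.md
 - doc/dawn_1_1_announcement.md
 - doc/dawn_1_2_announcement.md
+- doc/dawn_1_5_announcement.md
+- doc/dawnscanner.yaml.sample
+- doc/new_knowledge_base_v1.0.md
 - features/dawn_complains_about_an_incorrect_command_line.feature.disabled
 - features/dawn_scan_a_secure_sinatra_app.feature.disabled
 - features/dawn_scan_a_vulnerable_sinatra_app.feature.disabled
@@ -486,6 +600,7 @@ files:
 - lib/dawn/kb/cve_2014_7829.rb
 - lib/dawn/kb/cve_2014_8090.rb
 - lib/dawn/kb/cve_2014_9490.rb
+- lib/dawn/kb/cve_2015_1819.rb
 - lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb
 - lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb
 - lib/dawn/kb/cve_2015_2963.rb
@@ -494,8 +609,10 @@ files:
 - lib/dawn/kb/cve_2015_3226.rb
 - lib/dawn/kb/cve_2015_3227.rb
 - lib/dawn/kb/cve_2015_3448.rb
+- lib/dawn/kb/cve_2015_4020.rb
 - lib/dawn/kb/dependency_check.rb
 - lib/dawn/kb/deprecation_check.rb
+- lib/dawn/kb/gem_check.rb
 - lib/dawn/kb/not_revised_code.rb
 - lib/dawn/kb/operating_system_check.rb
 - lib/dawn/kb/osvdb_105971.rb
@@ -503,11 +620,17 @@ files:
 - lib/dawn/kb/osvdb_108563.rb
 - lib/dawn/kb/osvdb_108569.rb
 - lib/dawn/kb/osvdb_108570.rb
+- lib/dawn/kb/osvdb_115654.rb
+- lib/dawn/kb/osvdb_116010.rb
+- lib/dawn/kb/osvdb_117903.rb
 - lib/dawn/kb/osvdb_118579.rb
 - lib/dawn/kb/osvdb_118830.rb
 - lib/dawn/kb/osvdb_118954.rb
 - lib/dawn/kb/osvdb_119878.rb
 - lib/dawn/kb/osvdb_119927.rb
+- lib/dawn/kb/osvdb_120415.rb
+- lib/dawn/kb/osvdb_120857.rb
+- lib/dawn/kb/osvdb_121701.rb
 - lib/dawn/kb/owasp_ror_cheatsheet.rb
 - lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb
 - lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb
@@ -526,6 +649,7 @@ files:
 - lib/dawn/padrino.rb
 - lib/dawn/rails.rb
 - lib/dawn/railtie.rb
+- lib/dawn/registry.rb
 - lib/dawn/reporter.rb
 - lib/dawn/sinatra.rb
 - lib/dawn/tasks.rb
@@ -595,6 +719,7 @@ files:
 - spec/lib/kb/cve_2014_7819_spec.rb
 - spec/lib/kb/cve_2014_7829_spec.rb
 - spec/lib/kb/cve_2014_9490_spec.rb
+- spec/lib/kb/cve_2015_1819_spec.rb
 - spec/lib/kb/cve_2015_1840_spec.rb
 - spec/lib/kb/cve_2015_2963_spec.rb
 - spec/lib/kb/cve_2015_3224_spec.rb
@@ -602,23 +727,31 @@ files:
 - spec/lib/kb/cve_2015_3226_spec.rb
 - spec/lib/kb/cve_2015_3227_spec.rb
 - spec/lib/kb/cve_2015_3448_spec.rb
+- spec/lib/kb/cve_2015_4020_spec.rb
 - spec/lib/kb/osvdb_105971_spec.rb
 - spec/lib/kb/osvdb_108530_spec.rb
 - spec/lib/kb/osvdb_108563_spec.rb
 - spec/lib/kb/osvdb_108569_spec.rb
 - spec/lib/kb/osvdb_108570_spec.rb
+- spec/lib/kb/osvdb_115654_spec.rb
+- spec/lib/kb/osvdb_116010_spec.rb
+- spec/lib/kb/osvdb_117903_spec.rb
 - spec/lib/kb/osvdb_118579_spec.rb
 - spec/lib/kb/osvdb_118830_spec.rb
 - spec/lib/kb/osvdb_118954_spec.rb
 - spec/lib/kb/osvdb_119878_spec.rb
 - spec/lib/kb/osvdb_119927_spec.rb
+- spec/lib/kb/osvdb_120415_spec.rb
+- spec/lib/kb/osvdb_120857_spec.rb
+- spec/lib/kb/osvdb_121701_spec.rb
 - spec/lib/kb/owasp_ror_cheatsheet_disabled.rb
 - spec/spec_helper.rb
 - support/bootstrap.js
 - support/bootstrap.min.css
 - support/codesake.css
 homepage: http://dawnscanner.org
-licenses:
+licenses:
+- MIT
 metadata: {}
 post_install_message:
 rdoc_options: []
@@ -710,6 +843,7 @@ test_files:
 - spec/lib/kb/cve_2014_7819_spec.rb
 - spec/lib/kb/cve_2014_7829_spec.rb
 - spec/lib/kb/cve_2014_9490_spec.rb
+- spec/lib/kb/cve_2015_1819_spec.rb
 - spec/lib/kb/cve_2015_1840_spec.rb
 - spec/lib/kb/cve_2015_2963_spec.rb
 - spec/lib/kb/cve_2015_3224_spec.rb
@@ -717,15 +851,22 @@ test_files:
 - spec/lib/kb/cve_2015_3226_spec.rb
 - spec/lib/kb/cve_2015_3227_spec.rb
 - spec/lib/kb/cve_2015_3448_spec.rb
+- spec/lib/kb/cve_2015_4020_spec.rb
 - spec/lib/kb/osvdb_105971_spec.rb
 - spec/lib/kb/osvdb_108530_spec.rb
 - spec/lib/kb/osvdb_108563_spec.rb
 - spec/lib/kb/osvdb_108569_spec.rb
 - spec/lib/kb/osvdb_108570_spec.rb
+- spec/lib/kb/osvdb_115654_spec.rb
+- spec/lib/kb/osvdb_116010_spec.rb
+- spec/lib/kb/osvdb_117903_spec.rb
 - spec/lib/kb/osvdb_118579_spec.rb
 - spec/lib/kb/osvdb_118830_spec.rb
 - spec/lib/kb/osvdb_118954_spec.rb
 - spec/lib/kb/osvdb_119878_spec.rb
 - spec/lib/kb/osvdb_119927_spec.rb
+- spec/lib/kb/osvdb_120415_spec.rb
+- spec/lib/kb/osvdb_120857_spec.rb
+- spec/lib/kb/osvdb_121701_spec.rb
 - spec/lib/kb/owasp_ror_cheatsheet_disabled.rb
 - spec/spec_helper.rb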
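Review bot: The new dependency entries for ruby_parser, sys-uname, terminal-table, justify, flay, churn, flog and reek are all `type: :runtime` with the requirement `>= 0`, so installing the scanner resolves each of them to whatever version is newest at install time. For a security tool this widens the set of packages and maintainers that every user has to trust. flay, churn, flog and reek look like code-metric tools, and if they are only needed during development they should not be runtime dependencies. This file is generated from the gemspec, so the change belongs there: give each entry a bounded requirement such as a pessimistic `~>` constraint on a known-good release, and declare development-only tools with `add_development_dependency`.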